Trade Secrets: How to Protect IP When Deploying Software

The ongoing legal conflict between Waymo and Uber speaks to an emerging (and unpleasant) trend in enterprise: a surge in the theft of trade secrets. Emerging technologies have always been tempting targets for IP theft. Today, the innovation sweepstakes center around fast-growing industries such as robotics, alternative energy, virtual reality, and autonomous cars.

And the stakes are high. Trade secret theft is estimated to cost around $300 billion annually. It contributes to the loss of at least 2 million jobs a year.

When protecting yourself against these thefts, applying technology to secure your data is only part of the equation. There’s also the legal side. By understanding the law and using it to guide how you deploy software and services to protect your IP, you can both discourage theft and ensure you have recourse against thieves who refuse to be deterred.

Covering Your Bases: A Brief Primer on Trade Secret Law

There are a number of laws that protect trade secrets. Two of the major ones are the federal Defend Trade Secrets Act (DTSA) and Digital Millennium Copyright Act (DMCA).

Enacted on May 11, 2016, the DTSA amended the Economic Espionage Act of 1996 to create a federal-law civil action for trade secret misappropriation. Under the DTSA, you can obtain greater damages, as well as attorneys’ fees, if you prevail on a claim. You can also obtain an injunction and have property seized to prevent the spread of a misappropriated trade secret. The DTSA increased criminal penalties to up to ten years of imprisonment and a maximum fine of either $5 million or triple the value of the stolen secrets. Under the DTSA, a plaintiff must demonstrate that it used adequate safeguards to protect its confidential information.

The problem is that what constitutes an adequate safeguard can vary. A federal court applying the DTSA, especially as a new law, may look to precedent from state courts that have traditionally decided trade secret cases. While most states have adopted the standardized Uniform Trade Secrets Act, state court judges reach different conclusions in view of differing circumstances and changing technologies. For instance, an Idaho court in 2009 determined that a website requiring a vendor login with a username and password could be considered a ‘reasonable effort’. Just a year earlier, however, a court in Wisconsin deemed that it was “not enough to simply restrict access to the facility and require passwords,” especially in the absence of a confidentiality agreement.

With such divergence among state courts, it is not clear that federal courts will achieve better consistency or how long it might take.

The best strategy for enterprises? Leave as little to chance — potentially conflicting court rulings, or technological obsolescence — as possible. Deploy a comprehensive program that combines elements like strong encryption, access restriction, access tracking, data segregation, staff training, nondisclosure agreements, and noncompete agreements.

A more advanced security program demonstrates that you place higher value on your confidential information – and by demonstrating that, you make it likelier a court will find in your favor and agree your secrets should be protected by law.

In some cases, you may also be able to protect secret information using the Digital Millennium Copyright Act, which provides protection to businesses that safeguard copyrighted files with some form of digital rights management technology. If you can prove that someone, be they an employee or contractor, willfully altered or circumvented that safeguard, they may immediately become liable for civil and criminal damages. First offenders risk a fine of up to $500,000 and up to five years in prison, with penalties doubled for repeat offenders.

How Far Should You Go to Protect Your Data?

Factors a court may consider when evaluating the adequacy of a safeguard include level of physical security, level of system security, access restrictions and controls, encryption technology, data segregation, data cataloguing, and activity tracking.

“Digital communication and storage – such items as email – require special attention and care,” explains author Howard C. Ana Walt in IP Strategy: Complete Intellectual Property Planning, Access, and Protection. “One should evaluate the need for the use of encryption, electronic authentication, and use of ‘digital locks’ [or] anti-circumvention devices, [which are] protected by federal law. If one uses [such measures], one can readily argue that adequate means were employed.”

While you may never deter a thief who’s determined enough, you can make the theft so difficult that you leave no doubts about their intent. And in so doing, you can better safeguard your files, minimizing the damage a theft might cause and increasing your chances of recouping any losses in court.

How BlackBerry Fits into Your Security Program

A market leader in enterprise security, management, and control, BlackBerry has a long, successful history of helping customers stay in control of their most valuable data. Security is in our DNA, and our solutions are trusted by all ten of the top US law firms and 100% of commercial banking companies in the Fortune 100. Our solutions regularly protect everything from product blueprints to financial records to government data, and our sophisticated technology can play an important role in protecting your confidential information.

If you need to share confidential information within or outside your company, BlackBerry Workspaces secures your content wherever it travels. With Workspaces, files are never out of your control – administrators can dictate on a user-by-user basis whether a file can be accessed, viewed, edited, copied, printed, or downloaded. These permissions can be revoked or extended at any time, effectively eliminating the chance of an accidental (or intentional) leak.

Workspaces also features email/IP watermarking and a spotlight viewer mode to deter theft and screen capturing, while file tracking and logging functionality ensures your IT department will immediately be aware of any suspicious activity. Workspaces works across all platforms and operating systems, and integrates readily with existing file repositories such as SharePoint. And anyone who circumvents its protections isn’t just subject to penalties under trade secret law – they’re subject to the DMCA, as well.

Workspaces can help protect your confidential information in the following ways:

• Teaching employees to use BlackBerry’s security solutions and educating them about best practices involving confidential information makes it more difficult for them to claim any theft was an accident or mistake.
• Workspaces’ sophisticated security controls deter employees who might otherwise make off with sensitive data. Not only that, other employers and other parties who might otherwise purchase the secrets will be made wary by the presence of deterrence technology such as screen blurring or watermarks.
• Workspaces secures collaboration on any device, and access controls ensure protected files are never accessed by unauthorized parties. Using Workspaces, individuals cannot simply walk off with your company’s files scot-free – IT can remotely wipe the files or revoke access.
• BlackBerry’s products as part of a security program justify protection under trade secret law, and choosing BlackBerry as a vendor demonstrates the high value you place on your confidential information.

 In short, if you’re seeking a product suite that can serve as a cornerstone of your security program, BlackBerry is your best option. Our solutions have yet to be referenced in court, while competitors such as Dropbox have suffered frequent data leaks. And our deep security expertise means we’ll constantly be adapting our solutions to meet new threats, vulnerabilities, and other challenges.

Stay Secure with BlackBerry

Trade secret theft is on the rise, and the market is changing. Your business needs to protect itself with more than an NDA and a password-protected firewall. Don’t be caught in a case where a court rules your traditional protections are no longer adequate — and stay out of court in the first place.

Keep your trade secrets BlackBerry Secure.

This piece was co-authored by BlackBerry Chief Legal Officer, Steven Zipperstein, and BlackBerry President, Global Sales and Service, Carl Wiese.