It takes three to keep a secret: Top points for corporate trade secret protection following FTC’s noncompete rule

With the FTC’s adoption of its rule seeking to ban employee non-competes beginning August 2024, and as legal challenges are filed in anticipation of the rule’s implementation, businesses are encouraged to audit, improve, and implement concrete measures to protect trade secrets in case noncompetes are eliminated.

The FTC has acknowledged that non-competes are frequently used to protect trade secrets, but the agency has also consistently stated that there are better ways to protect trade secrets, including through litigation. But trade secret litigation may be expensive and can only initiate once a company has had their trade secrets stolen. At least three major opportunities exist to prevent trade secret misappropriation both before and after it occurs.

Invest in Your Confidentiality Agreement: It all starts with your Confidentiality Agreement or Proprietary Information Agreement (PIA). Using a generic “off-the-shelf” PIA that is not tailored to your unique business model and your bona fide secret, confidential, and proprietary documents may negate the impact, gravitas, and enforceability that a PIA is meant to clearly and specifically embody.

Has your business performed an internal or outside-counsel-led trade secret audit in the past five years to assess and document (in the PIA and other employment agreements) those types of unique company information, documents, and data that truly provide your competitive advantage? These are company crown jewels for which you might sue a departing employee for taking to a competitor.

Different businesses have different trade secrets. If your PIA lacks some specificity of reference to those actual competitive levers, then it may be more difficult to enforce given that opponents may be more inclined to defend on the grounds that it is a noncompete. Worse yet, vague PIAs may allow clever wrongdoers to justify intellectual property theft by the absence of clarity or call-out in the PIA. Pointing to a reasonably tailored PIA may substantially increase the successful enforcement of a breach of your company PIA, whether in a cease-and-desist context or in litigation.

A pox on external devices: Next, employee misuse of external hard drives, thumb drives, and other personal storage (eg, cloud or e-mail) represent the most frequent vector of trade secret misappropriation. But, in the vast majority of trade secret cases, the mass taking of company information only reveals itself when the proverbial information horse has left the barn. Your employee has joined a competitor and has your crown jewels in hand, and you are spending ample money in clawing back what is undeniably yours. It may be easier to prevent it from leaving than seeking to get it back.

In a post-non-compete world (if and when we get there), many businesses may benefit from clearly articulated, employee-acknowledged, monitored, and enforced restrictions on peripheral device use. Further, companies may consider disallowing it altogether – especially as common reasons for use of peripheral devices and electronically stored information have diminished substantially, as cloud environments have become the norm. Loudly and consistently disseminated prohibitions on employee use of peripheral devices may be employed absent unusual circumstances. When necessary, companies may consider providing company-owned storage devices that must be returned upon separation and disallowing personal use.

Caution – exiting employee: Too many trade secret tragedies could have been prevented in the departing employee’s final hours. Detailed and competently performed exit interviews may prevent a major measure of IP theft. As unpleasant as these interviews may be, asking an employee what thumb drives, electronically stored information, and good old hard copies they maintain, and certify to have returned, may achieve huge practical advantages. Honest employees may retrieve and return the odd thumb drive that happens to have gigabytes of company information on them. For dishonest ones who are later found to have kept and misused stolen IP, a detailed and documented exit interview may provide compelling information upon which courts can rely in entering temporary restraining orders or preliminary injunctions in trade secret litigation. Coupled with requiring the employee to sign an exit certification verifying compliance with the PIA and full return of company materials, an employee would have to breach at their own peril, especially if there’s a prevailing-party provision in the PIA. For senior-level or departing employees with access to the company’s most sensitive or valuable trade secrets, employers may consider preceding the exit interview with a forensically sound, IT-led review of the employees’ recent peripheral device use or suspicious cloud storage actions leading up to their final days. For several hundred dollars, a company may strongly consider forensically imaging a departing employee’s hard drive, especially if that device will be wiped and reissued. They may also include in the employee’s initial employment agreement and PIA that subsequent employers will be notified of all contractual confidentiality obligations and actually follow through on that notification.

The deliberate and considered protection of trade secrets often warrants action and intentional conduct. Please let us know if DLA Piper can assist in your efforts.