The misappropriation of a trade secret can come at a significant cost to its owner. In 2014, research published by PwC and the Center for Responsible Enterprise and Trade estimated the total value of misappropriated trade secrets in the US at between 1% and 3% of GDP – the equivalent of up to $550 billion per annum. If unlawful disclosures allow a third party to compete, this can affect customer retention, profits and brand reputation on a global basis.
The recent introduction of the EU Trade Secrets Directive will facilitate enforcement of rights across Europe, through offering a minimum standard of protection and harmonised remedies.
Here, we take a look at the legal protection for trade secrets in Europe and how that compares to the position in the US, alongside practical steps that businesses can take to safeguard valuable confidential information.
Protection in the EU
The EU Trade Secrets Directive was implemented by a number of Member States including the UK, France, Belgium, Italy and Sweden during 2018. The aim of the EU Directive was to harmonise and clarify the protection of trade secrets in all Member States, which previously offered patchwork protection through a variety of civil and criminal laws.
One of the key changes introduced by the EU Directive is a new harmonised definition of a trade secret. Information will be considered a trade secret if it:
- is secret – in the sense that it is not (as a body or in the precise configuration and assembly of its components) generally known among, or readily accessible to, persons within the circles that normally deal with this kind of information;
- has commercial value because it is secret; and
- has been subject to reasonable steps (under the circumstances) to keep it secret by the person lawfully in control of the information.
The EU Directive also sets out remedies and enforcement options for owners of misappropriated trade secrets. These remedies include damages, which may include an award for moral prejudice caused to the trade secret owner.
The substance of the EU Directive largely reflects the previous UK law on trade secrets. However, for other Member States including Germany, this introduces new concepts such as permitted reverse engineering. It also presents new enforcement measures such as the introduction of "confidentiality clubs" to restrict access to trade secrets during legal proceedings, which should eliminate some concerns in bringing proceedings. These "clubs" were not previously used in several Member States.
At the time of writing, the implementation of the EU Directive remains outstanding in some Member States, including Germany. Also the nature of the legislation as a directive means that each Member State has a degree of freedom to deviate from its specific provisions when giving effect to the Directive in national law. This may lead to some divergence between different territories, but it is anticipated that the EU Directive will introduce consistency for key issues and a minimum standard for protection and enforcement of trade secrets.
How does that compare to the US?
The purpose of the EU Directive's echoes that of the US Defend Trade Secrets Act of 2016, which was introduced to harmonise and strengthen protection across the US, whilst preserving existing state law. The EU Directive also provides a definition of trade secrets that is very similar to that under the US Economic Espionage Act (as amended by the Defend Trade Secrets Act), which provides that information will be considered a trade secret if:
- the owner has taken reasonable measures to keep the information secret; and
- the information derives independent economic value from not being generally known or readily ascertainable through proper means by others.
Likewise, the key requirements for misappropriation under the EU Directive are also broadly aligned with those under US legislation. For example, the EU Directive and the US Defend Trade Secrets Act each expressly permit reverse engineering.
These similarities are not surprising, given that both the EU and US are parties to TRIPS, which requires countries to protect information meeting the key characteristics of a trade secret. The consistency in approach offers greater certainty to businesses operating both in the US and in Europe.
Tips for protecting confidential information
Whilst there remains some uncertainty as to how different territories will interpret the requirement for "reasonable steps/measures", it is clear that there are actions that businesses can (and should!) take to protect valuable confidential information in the US and Europe.
Here are some of our key tips:
- Consider whether to introduce confidentiality and usage provisions within relevant supplier and/or client contracts.
- For key collaborative projects, enter into NDAs and ensure that their terms are suitable for the scope of the particular project.]
- Develop and implement procedures for marking, segregating and storing trade secrets. This could include new IT procedures to ensure that the information is encrypted, or warnings appear before the information is sent externally.
- Provide training to employees and/or suppliers who are most likely to access confidential information.
The implementation of the EU Directive will make it easier for businesses to enforce their trade secrets rights across Europe, with more clearly defined remedies.
In addition, the broad similarities between the definitions of "trade secrets" and "misappropriation" in the US and Europe will offer greater certainty to businesses implementing global policies for the protection of their valuable confidential information.