Guardians of innovation: US businesses in Europe need to protect trade secrets in the age of AI

As artificial intelligence (AI) systems become business-critical assets, companies will need to check whether they have sufficiently adapted their daily work to European trade secret protection frameworks to address unique challenges for cross-border intellectual property strategies.

This explosive growth of AI capabilities is fundamentally changing how companies must protect their most valuable intellectual assets, and this development was the focus of discussion at the global association for brand owners INTA's recent "The Business of Trade Secrets: Navigating the Challenges and Opportunities in the Ever-Changing World of AI" conference in New York City.

The discussions explored how US law in this area is similar to the EU framework, but there's no one-size-fits-all approach for proper protection. Instead, companies need to evaluate their specific circumstances—including their size, structure, trade secrets' importance, and other factors.

For US businesses operating in European markets, understanding the evolving landscape of trade secret protection in the EU and Germany has become essential, as traditional safeguards face unprecedented challenges from AI's unique characteristics.

Hidden wealth

Trade secrets represent the invisible backbone of competitive advantage for many companies. Unlike patents or trademarks, trade secrets can theoretically last forever and protect a vastly broader range of assets—including customer lists, pricing strategies, proprietary algorithms, and manufacturing techniques. In knowledge-intensive industries, trade secrets often account for 70-80% of company value, with many businesses maintaining hundreds or thousands of distinct trade secrets worth billions in aggregate.

This value is particularly pronounced in AI-intensive industries, where proprietary training methodologies, curated datasets and fine-tuning techniques represent critical competitive advantages. These assets often can't be protected through traditional intellectual property registrations, copyright, or database rights (generally speaking, unlike conventional software). Instead, they require specialized protection strategies tailored to their unique characteristics.

Europe's protection framework

The EU Trade Secrets Directive (2016/943) established harmonized protection standards across member states, requiring that information must be kept secret, have commercial value because of its secrecy, and be subject to "reasonable steps" to maintain that secrecy. In Germany, the implementation through the Trade Secrets Act (Geschäftsgeheimnisgesetz) created one of Europe's most robust protection frameworks.

This allows companies to protect their trade secrets through measures like preliminary injunctions, within days after discovering potential theft – most commonly when departing employees take confidential information, which is a frequent scenario that companies find particularly challenging to address.

Three critical vulnerabilities

However, AI systems have introduced novel complexities that test these established legal boundaries.

•    Inadvertent training data inclusion. When proprietary information is unwittingly incorporated into AI training datasets, the traditional concept of "misappropriation" becomes difficult to apply. Recent cases in Munich have highlighted how businesses struggle to prove trade secret violations when information appears to have been independently "learned" rather than directly copied.

•    Output regeneration risks. AI systems trained on public data can sometimes reconstruct trade secret information through pattern recognition and inference. The Berlin Regional Court recently recognized this "convergent generation" scenario as a novel threat to intellectual property that doesn't fit neatly into existing legal frameworks.

•    'Reasonable steps' redefined. The standards for what constitutes "reasonable steps" for protection in AI-enabled environments have yet to be fully determined. However, since many AI tools use inputs to train their datasets, the threshold for companies to establish or maintain trade secret protection will likely increase. Standard non-disclosure agreements and access controls may no longer be sufficient when AI systems can process and synthesize information in ways human recipients cannot.

Strategic protections for forward-thinking businesses

US companies operating across the Atlantic can implement several practical strategies to strengthen their trade secret position:

•    Dynamic classification systems that specifically identify AI exposure risks for different categories of proprietary information are increasingly viewed as a baseline requirement under German law.

•    AI-specific contractual provisions and up to date policies should address not only direct use restrictions, but also derivative works and model training limitations.

•    Technical safeguards, like digital watermarking, information fingerprinting, and strategic data poisoning, are gaining recognition as essential components of a comprehensive protection strategy.

•    Documentation of protective measures is particularly crucial in German jurisdictions, where courts expect detailed records of security protocols and their consistent enforcement.

Osborne Clarke comment

As AI becomes central to business operations worldwide, trade secret protection strategies must evolve from static safeguards to dynamic AI-aware governance frameworks. For US businesses with European operations, understanding the emerging legal interpretations in key jurisdictions like Germany provides both a compliance roadmap and strategic opportunities to safeguard their most valuable intellectual assets—often worth billions of dollars in market value—while continuing to leverage AI's transformative potential.