Industry insiders, reporters, attorneys and the general public alike have shown tremendous interest in the trade secret battle between Waymo and Uber that played out in Judge Alsup’s San Francisco courtroom last week before abruptly settling. The companies, players, and personalities have been notable to watch, but this article focuses on the lessons that can be gleaned from this and other trade secret disputes, particularly in the context of the relatively new Defend Trade Secrets Act (DTSA). To address these issues, we have split this articles into two separate parts. In this article, we focus on lessons that companies and attorneys can take away from the Uber dispute and other situations, as to how best protect their trade secrets.
Lesson #1: Mark Your Trade Secrets
Staking your claim to a trade secret by adding a “confidential” or “secret” designation is an important step, even if it is not required by law. The definition of “trade secret” requires that the owner prove that it “has taken reasonable measures to keep [the] information secret.” 18 U.S.C. §1839(3). We have seen from mock jurors that they expect a company to know what its trade secrets are, and can be persuaded that failing to properly and consistently mark trade secret material as such is unreasonable. Aside from meeting the expectations of would-be jurors, having procedures for properly marking trade secret material serves two other important purposes. First, it helps to remind employees that they need to protect the confidentiality of the materials. Second, proper marking prevents any ambiguity or later argument as to whether an alleged misappropriation was intentional.
At the same time, a common mistake by companies is to over-designate materials, leading later to arguments that the company labels almost everything as a trade secret, and therefore the designation has no meaning. An embarrassing example of this that we’ve seen in multiple situations is when a simple Google search turns up data sheets and presentations available on the Internet or on the company’s website that bear trade secret or confidential designations. Beyond identifying and properly designating materials that you want to be entitled to trade secret protection, any documents or materials labeled as trade secrets should be kept in secure locations and/or servers with proper access controls. It is also a good practice to periodically search for materials that contain your company’s name and a confidentiality designation. You may find that your company’s website security is not properly configured, or find other ways that confidential information is leaking out to the public.
Lesson #2: Have Written Polices Outlining How Trade Secrets Are Safeguarded
Rightly or wrongly, potential jurors may expect companies to have policies and procedures that dictate how confidential or trade secret information is used, and how it is protected. It is a good idea to meet this expectation by having reasonable, written policies in place long before any dispute arises. However, a poorly written policy can do more harm than good. In the real world, it is hard for a written policy to anticipate every conceivable circumstance, and it can be hard to expect employees to comply with an overly prescriptive policy that sets out bright-line rules that do not meet the needs of an operating business. We suggest writing the policy in the manner that the company’s witness at a trial would testify: (1) set out common-sense definitions and examples of what the company considers to be important, commercially-sensitive information, (2) set out practical safeguards, and (3) acknowledge that mistakes in handling information will sometimes happen and encourage prompt correction.
Once you have a written policy – don’t stop. Think about other systems that can be put in place to help remind employees to protect trade secret information. For example, consider configuring business systems to give reminders to your employees on proper information handling. This may include customizing login banners to remind employees that a system contains sensitive information, or adding reminders to electronic workflows in CRM or ERP systems.
Lesson #3: If You Can’t Track It, You Won’t Know It’s Gone
The Waymo situation itself is an interesting example of how potential trade secret materials may be improperly used, and the owner may never become aware of it. In the Waymo dispute, the misappropriation was discovered by a Waymo employee who was accidentally copied on an e-mail chain by a vendor that was also working with Uber. However, companies cannot rely on such happenstance to uncover misappropriation of their trade secrets. When employees, particularly higher-level engineers depart a company, tracking mechanisms should be in place (and reviewed!) that can confirm what materials the employee downloaded or removed before leaving the company.
Lesson #4: Don’t Setup Automatic Downloads for Servers Containing Trade Secrets
A jarring fact that was revealed at trial was that Waymo’s server that held the 14,000 files that its former employee alleged stole was setup such that whenever an engineer logged into the server, an update would occur resulting in all relevant files being downloaded to the engineer’s computer. During opening arguments, the jury was shown an email from a Waymo engineer to Waymo’s lawyers noting that it was normal for Waymo’s engineers to download all the documents on the server to a local machine, and stated that it was “uncomfortable to think that lawyers are trying to ascribe suspicion” to such downloads. This type of automated setup would likely raise red flags with any jury as to whether a company is truly safeguarding and minimizing access to confidential materials.
Trade secret materials should not only be restricted in how they can be accessed, but also carefully monitored and tracked in terms of access and usage. Should any theft occur, it is equally important to not only have an established practice and procedures for how to label trade secret information, but also for how the materials are stored and the safeguards in place to ensure they are properly accessed.
Lesson #5: Have a System for Dealing With Trade Secrets With Incoming and Outgoing Employees
A key aspect of managing trade secret risk is creating procedures to handle incoming and outgoing employees. Procedures should be implemented at both stages to not only prevent employees from taking trade secrets with them at the end of employment, but to also prevent any allegations of trade secret theft by a new employee’s prior company.
It is a good practice to explain to new employees that they are being hired for their skills and experience, but that the company is not looking to take an improper shortcut and new employees are expected to comply with their contractual obligations to former employers. Ask new employees to identify anything that they intend to bring with them into their new job, such as personal computers, storage devices, or work papers. This is a good opportunity to help prevent a new employee from inadvertently contaminating the workplace with trade secret materials that belong to others. The process also serves to emphasize that the company is interested in doing things the right way.
While many companies require new employees to sign a written non-disclosure agreement, it is also important to provide training on how employees are expected to use and protect confidential information. Training is an important step because jurors can be sympathetic to a former employee’s excuse that they are not a lawyer and did not fully understand the agreement.
Once an employee gives notice, it is important to take steps to protect the company’s trade secrets. All departing employees should be reminded, preferably in person and in writing, of their continuing obligation to maintain the confidentiality of the company’s information. The company should also confirm that the employee has returned all the company’s materials that were in his possession. For employees with access to particularly sensitive material, such as source code, consider auditing the employee’s access to the materials from before and after notice was given. If there are any suspicious changes in behavior, it can be easier to assess the employee’s intentions prior to their departure.
If there are any suspicious changes in behavior, it can be important to act quickly. When an employee goes to work for a competitor and there is a high-risk of misappropriation, the company may want to consider sending a letter to the new employer that puts them on notice of the employee’s confidentiality obligations. However, you must consider whether sending such a notice would violate the former employee’s privacy or could be seen as improper interference with their new employment relationship. Consider including appropriate waiver/consent language in your form of non-disclosure agreement for new employees.
Although blockbuster trade secrets are relatively rare, Waymo v. Uber is a timely reminder that companies should periodically reassess their trade secret policies and procedures. In Part Two of this article, we will address how companies can best position themselves to assert and defend trade secret misappropriation claims.
Harper Batts is an intellectual property litigation partner in the Palo Alto office of Baker Botts. Chris Ponder is a senior associate in the office who focuses on complex patent and business litigation.