Ten Low-Tech Ideas to Protect High-Tech Secrets
Even though certain firms — especially those in technology or other innovation industries — live or die with the protection of their business secrets, many fail to undertake some basic steps to protect their proprietary information from competitors or disgruntled former employees.
A few practical low-tech steps can significantly improve the chances of these companies protecting their valuable confidential information. Once taken, IP can be almost impossible to recover, and can require years of litigation and oppressive legal costs to reclaim it.
What to Protect
Business secrets might include customer lists, formulas, software, business processes, or market information. Theft of these intellectual property items can damage a company just as much, if not more than, the loss of a valuable piece of equipment or expensive raw materials.
Value of Low-Tech Precautions
Sadly, companies too often “skip the small stuff” when protecting confidential information. They enact expensive labor-intensive techniques like complex confidentiality agreements and patents, when a few low-tech procedures are capable of providing as much protection as the pinnacle of innovation.
Under the law, the mere presence of corporate “policies and practices” protecting sensitive information helps retrieve stolen secrets. Courts follow doctrines that provide that if a firm demonstrates “habitual protection” of its confidential information, it will more likely prove that the information is valuable and merits protection under the Uniform Trade Secrets Act. The opposite also holds true: a company that ignores strict protection of confidential information and ideas triggers a presumption of low value and little confidentiality.
Like unraveling a political cover-up, the best way to catch an information thief is to follow the trail of lies, copied emails, records of downloads, and rogue hard copies. The more impediments you put in place to copying and removing information, the more likely that the perpetrator will leave a trail of theft.
Ten Practical Tips to Save Confidential Information
1. Lock Doors and drawers. Keep the documents, disks or other media in a locked room or filing cabinet. It’s that simple.
2. Use Document Passwords. Amazingly, emails fly around offices and through cyberspace without password protection. Companies that habitually lock secret, or even semi-secret, documents with passwords avoid years of litigation. If a computer forensics expert can show that the culprit broke the password, or sent separate emails sharing the passwords with others, a judge is far more likely to acknowledge the confidential status of the information.
3. Create Virtual Compartments. Documents should be available only to persons with a need to know. Rather than simply dumping items into communal drives, companies should create levels of security to limit access. Some firms will even prevent their programmers from seeing an entire code, granting access to only that portion of the software code being developed by that programmer.
4. Use Snail Mail. Documents can be delivered in hard copy, marked with confidential stamps. Does the other party need to make copies? Do it for them. Mark all copies with a notation such as “Do Not Copy. This Stamp In Red.” If a black and white copy lands in the thief’s hands, it would be easy to prove that he or she should have known better.
5. Organize Confidentiality Agreements. Companies get lazy about this. Don’t. Routinely execute and file these agreements - whether from new employees or other business partners. Such habits, while not foolproof, demonstrate serious commitment to confidentiality and will often sway judges to rule against the information thief.
6. Leave Your Mark. Companies should aggressively apply copyright symbols, confidentiality stamps, or trademark notices. When in doubt, mark the document. As with other practices, this puts the thief on notice, demonstrates commitment to secrecy by the company, and validates court claims of value and confidentiality.
7. Use Employee Manuals. These books outline the general rules of the workplace for all employees. They provide the perfect means for clarifying and emphasizing strict processes and obligations of employees for maintaining the security of company information. These rules evidence corporate commitment to confidentiality.
8. Reject Stolen Property. Often new employees will bring pilfered intellectual property from their last job. Just as someone would reject a gift of clearly stolen merchandise, so should companies reject improperly obtained software, customer lists or manuals from a new employee. A firm with “unclean hands” should hardly expect judicial sympathy.
9. Monitor Guests; Limit Access. Companies should keep a strict log of any guests. This could be as simple as a sign-in sheet, or the provision of temporary electronic badges that guests can use to check in or out. Such procedures are compelling evidence of a firm’s sincerity in protecting its corporate secrets, while also demonstrating the value of its confidential information.
10. Embrace shredding. Rather than toss confidential information in the garbage, use shredders liberally. It will prevent others from rifling through your garbage to steal valuable information, and again, it reinforces your claim before a court that certain information is both valuable and proprietary.
The Bottom Line
By following these tips, not only will a firm more likely prevail in court, but unscrupulous individuals will be less inclined — and less able — to untangle the protections to steal your confidential information. Like car alarms, these protections cannot prevent every theft, but they might make it difficult enough for a trade secrets thief to target the next guy.
Craig McCrohon is a partner in the corporate group. You may reach him at firstname.lastname@example.org or 312/840-7006.