While the point can be argued, for many organizations, a trade secret is more valuable than a patent. It doesn’t expire, and it can be nurtured and adapted over time to meet market or technology challenges. A well-fed, often read intranet will eventually contain trade secrets; in fact Use #2 of our 365 List is a trade secret.
But as Ian Ballon wrote back in 2004,
Some businesses fall into the trap of developing elaborate security procedures that amount to little more than a stack of documents recording unenforced obligations (or policies hidden behind an icon on an intranet that employees do not actually access). As a general rule, trade secret owners should try to adopt simple, straightforward rules that are easy to follow. Employers need to publicize those rules, and reinforce them during initial and exit interviews for employees given access to trade secrets. Employers also should define for employees what they consider to be trade secrets.
Assuming the intranet is both well-fed and well-read, trade secrets must be explicitly identified and protected. Despite breaches other high tech exfiltration, a major source of trade secret loss is through current or past employees, contractors or customers.
The intranet should:
- provide a clear notice of trade secrets, perhaps through iconography
- implement policies which make it easier to auto-classify and inherit “trade secret” status
- provide the policy to new intranet users as a click-through must-read, and as a periodic reminder (with meaningful examples) for all users
- implement other policies recommended by a trusted legal authority, such as corporate counsel
Situations vary, but trade secrets may be at least as important as some other security and privacy concerns.
I. Ballon, “The realities and frailties of trade secret protection,” R&D Magazine, Nov. 2004. [Online]. Available: http://bit.ly/1vYZLXp