With so much commercial information being stored digitally, trade secrets have never been more vulnerable or valuable. And with cyber incidents becoming the norm, companies will be expected to exercise a baseline level of cyber security if they want the law to confer upon their information protection as a trade secret.
Trade secrets require efforts to preserve secrecy.
Under the Uniform Trade Secrets Act (UTSA), a version of which exists in most states, one of the requirements for information to be considered a "trade secret" is that it must be subject to reasonable efforts to preserve its secrecy. Reasonableness depends on the circumstances. The reasonableness standard in the era of snail mail and paper record-keeping was different from the reasonableness standard in the digital era, with its commonplace and increasing cyber security threat.
Preserving trade secrecy with cyber security measures
What's "reasonable" in terms of cyber security measures depends on the circumstances. The law doesn't list specific measures as prerequisites for "secrecy" status. However, it's hard to imagine that failing to implement elementary cyber security steps such as password protection, a firewall, or installation of anti-malware software, to name a few, would be considered reasonable cyber protection of commercially valuable information.
This post is for informational purposes only. Trade secret law varies from state to state. To determine how to earn trade secret protection where you do business, it is best to consult with an attorney.
