BNA Report: Mobility = Trade Secrets Risk
By Todd
BNA's Daily Labor Report has published a piece concerning risks the mobile workforce places on corporate trade secrets. It makes a solid read and provides reliable analysis:
Corporate policies aimed at safeguarding intellectual property and
trade secrets are becoming increasingly important as the mobility of labor
markets grows and as the tools available for compromising critical corporate
data expand, a panel of employment and technology law professionals said Dec.
12.
Daniel Waldman, corporate counsel for San Jose, Calif.-based Cypress
Semiconductor Corp., said corporations must develop and execute vigorous trade
secret protection policies with the help of their legal, human resources, and
information technology departments. Such policies should become embedded in the
corporation's culture so employees understand that they play a vital role in
the protection of organizational assets.
"By having such specific policies in place, an employer puts its employees
on notice as to their obligations and responsibilities with respect to
protecting the company's technologies and data," Waldman said during an
American Bar Association teleconference entitled "Surviving the Brave New World
of Employee Mobility."
Bradford Newman, chairman of the employment law department at Paul,
Hastings, Janofsky & Walker LLP in Palo Alto, Calif., said three important
trends are converging to make trade secret protection a critical mission within
almost every organization. First, a corporation's essential value is
increasingly composed of its intangible assets, including intellectual property
and trade secrets. This fact of corporate life is obvious in technology and
financial companies, but Newman said this trend is no less true in
manufacturing, services, and other traditional industries.
"All industries are moving toward a business model that relies on product
differentiation and small differences in innovation vis-a-vis their
competitors," Newman said.
Time of Long-Term Employment Over.
In addition, Newman said employee mobility and the emergence of
nontraditional worksettings create significant opportunities for the loss of
intangible property, adding that the days of long-term employment with a single
employer are over. Newman said this trend is especially true for highly skilled
professionals, who likely understand an organization's most important
commercial secrets. The modern worker may also work from a remote location,
where his or her daily activities cannot be strictly monitored.
"Employees are moving in groups--in two's and three's and in 20s and 30s,"
he said. "And one thing everyone can be sure of: data is moving with these
employees--data that doesn't belong to them, data that may inadvertently or
intentionally be moved, and data that all of our clients increasingly want to
keep track of."
Finally, Newman said tools capable of hijacking the organization's most
valuable assets are becoming increasingly sophisticated. While external storage
devices, PDAs, instant message communication equipment, portable hard drives,
and cell phones are the essential tools of business, they are also effective
vehicles for shifting sensitive data and trade secrets off company servers. In
addition, external e-mail systems can serve as convenient storage bins for
employees looking to rob the store.
"E-mail policies alone are woefully inadequate to protect a company's
trade secrets," Newman said. "With mobile employees working all over the world
outside the four brick-and-mortar walls of the headquarters and with the
sophistication of moving information off of company systems, new technologies
such as instant messaging and stand-alone storage drives need to be accounted
for in a trade secrets policy."
Conduct Trade Secrets Audit.
Darren Weingard, senior corporate counsel for the Internet giant Yahoo!,
said companies need to begin their security processes by conducting a trade
secrets audit. Each organization must identify the intangible property to be
protected and then identify the locations and the channels by which it can be
accessed. Organizations also need to know who creates these valuable company
assets and who has access. Weingard said this internal process should be done
on a cross-functional basis involving members of the organization's information
technology, human resources, and legal departments.
The process should produce policies governing who has access to critical
organizational information and on what terms. The organization must also
develop specific policies governing the use of storage devices and external e-
mail accounts.
"It is an important point because a company's encouragement of the use of
external devices can, in the context of potential litigation, affect the
argument that a trade secret has been protected," Weingard said. "You will
certainly see your adversary argue that the company did not adequately protect
its trade secrets."
Waldman agreed, but cautioned that companies should be mindful of policies
that inhibit innovation.
"The real issue employers need to consider is how far does [the company]
want to go before the benefit of the constraint is outweighed by the adverse
impact on the employee's work performance," he said.
Comprehensive Policy Needed.
Newman pointed to a range of additional issues that should be addressed in a
trade secrets policy, including: controls on mobile employees, consultants and
contractors; ongoing training for employees aimed at trade secret
identification and protection; and, monitoring employees' use of computer and
e-mail systems.
Newman added that organizations must develop comprehensive employee exit
processes. During the exit interview, laptops and other equipment must be
accounted for. The employer should determine whether the exiting employee will
work for a competitor. He noted that the employer may ask the departing
employee to certify that he or she will not use any secret or sensitive
information in their new position. In cases involving executives who have been
privy to highly sensitive information, the company may want to create a
forensic imaging of the departing executive's hard drive.
Corporate policies aimed at safeguarding intellectual property and
trade secrets are becoming increasingly important as the mobility of labor
markets grows and as the tools available for compromising critical corporate
data expand, a panel of employment and technology law professionals said Dec.
12.
Daniel Waldman, corporate counsel for San Jose, Calif.-based Cypress
Semiconductor Corp., said corporations must develop and execute vigorous trade
secret protection policies with the help of their legal, human resources, and
information technology departments. Such policies should become embedded in the
corporation's culture so employees understand that they play a vital role in
the protection of organizational assets.
"By having such specific policies in place, an employer puts its employees
on notice as to their obligations and responsibilities with respect to
protecting the company's technologies and data," Waldman said during an
American Bar Association teleconference entitled "Surviving the Brave New World
of Employee Mobility."
Bradford Newman, chairman of the employment law department at Paul,
Hastings, Janofsky & Walker LLP in Palo Alto, Calif., said three important
trends are converging to make trade secret protection a critical mission within
almost every organization. First, a corporation's essential value is
increasingly composed of its intangible assets, including intellectual property
and trade secrets. This fact of corporate life is obvious in technology and
financial companies, but Newman said this trend is no less true in
manufacturing, services, and other traditional industries.
"All industries are moving toward a business model that relies on product
differentiation and small differences in innovation vis-a-vis their
competitors," Newman said.
Time of Long-Term Employment Over.
In addition, Newman said employee mobility and the emergence of
nontraditional worksettings create significant opportunities for the loss of
intangible property, adding that the days of long-term employment with a single
employer are over. Newman said this trend is especially true for highly skilled
professionals, who likely understand an organization's most important
commercial secrets. The modern worker may also work from a remote location,
where his or her daily activities cannot be strictly monitored.
"Employees are moving in groups--in two's and three's and in 20s and 30s,"
he said. "And one thing everyone can be sure of: data is moving with these
employees--data that doesn't belong to them, data that may inadvertently or
intentionally be moved, and data that all of our clients increasingly want to
keep track of."
Finally, Newman said tools capable of hijacking the organization's most
valuable assets are becoming increasingly sophisticated. While external storage
devices, PDAs, instant message communication equipment, portable hard drives,
and cell phones are the essential tools of business, they are also effective
vehicles for shifting sensitive data and trade secrets off company servers. In
addition, external e-mail systems can serve as convenient storage bins for
employees looking to rob the store.
"E-mail policies alone are woefully inadequate to protect a company's
trade secrets," Newman said. "With mobile employees working all over the world
outside the four brick-and-mortar walls of the headquarters and with the
sophistication of moving information off of company systems, new technologies
such as instant messaging and stand-alone storage drives need to be accounted
for in a trade secrets policy."
Conduct Trade Secrets Audit.
Darren Weingard, senior corporate counsel for the Internet giant Yahoo!,
said companies need to begin their security processes by conducting a trade
secrets audit. Each organization must identify the intangible property to be
protected and then identify the locations and the channels by which it can be
accessed. Organizations also need to know who creates these valuable company
assets and who has access. Weingard said this internal process should be done
on a cross-functional basis involving members of the organization's information
technology, human resources, and legal departments.
The process should produce policies governing who has access to critical
organizational information and on what terms. The organization must also
develop specific policies governing the use of storage devices and external e-
mail accounts.
"It is an important point because a company's encouragement of the use of
external devices can, in the context of potential litigation, affect the
argument that a trade secret has been protected," Weingard said. "You will
certainly see your adversary argue that the company did not adequately protect
its trade secrets."
Waldman agreed, but cautioned that companies should be mindful of policies
that inhibit innovation.
"The real issue employers need to consider is how far does [the company]
want to go before the benefit of the constraint is outweighed by the adverse
impact on the employee's work performance," he said.
Comprehensive Policy Needed.
Newman pointed to a range of additional issues that should be addressed in a
trade secrets policy, including: controls on mobile employees, consultants and
contractors; ongoing training for employees aimed at trade secret
identification and protection; and, monitoring employees' use of computer and
e-mail systems.
Newman added that organizations must develop comprehensive employee exit
processes. During the exit interview, laptops and other equipment must be
accounted for. The employer should determine whether the exiting employee will
work for a competitor. He noted that the employer may ask the departing
employee to certify that he or she will not use any secret or sensitive
information in their new position. In cases involving executives who have been
privy to highly sensitive information, the company may want to create a
forensic imaging of the departing executive's hard drive.
<< Home