An interesting article by Jason Raeburn from Baker McKenzie looking at the protection that exists under English law around trade secrets and how the requirements needed to benefit from that protection may be being moved. This is particularly interesting given the dominant rise of technology and data in the business world - something that is increasing during the current lock-down as more people are working, shopping and doing business online.
The trend of virtually all businesses has long been to digitise and we are seeing that trend increase in velocity. Businesses however, always need to make sure that they have the right controls in place around their developments and investments, otherwise their value could be greatly diminished. This does not just mean protection from the external hacker - which is obviously an important element - but also protection from the potential threat within.
The internal threat can arguably cause much more damage and is potentially more challenging to control - especially in the current environment. With IT security there is always a balance between protection and usability that must be struck. The best invention in the world is of no use, and would not get developed, unless it can be accessed and utilised. Businesses must therefore ensure that they put adequate procedures in place to protect their trade secrets - which are clearly contextual as set out in the article.
The current environment with more people working from home means that more and more systems are being accessed remotely and data is therefore potentially escaping from normally secure, well-managed environments. Businesses must take this into account as they continue to adapt to the current situation. There is not a one-size fits all solution for this - it is one that requires thorough risk management concepts to be applied, with the application and monitoring of appropriate controls and safeguards.
My colleague Lorenzo Grillo (https://www.alvarezandmarsal.com/our-people/lorenzo-grillo) regularly helps clients meet these challenges. Please let us know if you would like to learn more!
Whilst under English law a failure to satisfy the strict definition of "trade secrets" may not remove all potential for legal protection (due to the wide doctrine of breach of confidence, which is still likely to apply...satisfying the requirement of having taken "reasonable steps" is likely to be of particular importance in connection with cross-border trade secret actions or where the trade secret itself originates... Those who market AI and machine-learning implementations (e.g. smart devices) which carry important, embedded and valuable algorithms (which could potentially be reverse-engineered) should therefore consider whether they would likely satisfy the "reasonable steps" test in their field and assess whether what they have done is likely to be objectively perceived as "enough" in what is a dynamic and ever-changing environment in which new vulnerabilities, (like power consumption patterns) are coming to light over time.