Trade Secrets and Computer Tampering

© 2013 Armstrong Teasdale LLP

Trade Secrets and Computer Tampering: The Convergence of Two Ways to Protect Important Company Assets and Information Presented by: Michael B. Kass



The ways employees can steal from you . . .

INTRODUCTION


What is computer tampering?

Sophisticated espionage not needed. • Ease of copying/transferring large amounts of data more

common among departing employees. − Email, thumb-drives, hand-held devices, laptops . . .

• Computer tampering statutes may make a lot that type of activity unlawful.

• You may be able to protect your information as trade secrets

• But . . . depends upon your policies and procedures. − These laws are important whether or not your company

restricts employees with non-compete agreements.


Why is this important to me?

Encourages steps to prevent theft in the first place and adds to your “menu” of potential weapons to use in your fight against the bad-acting departing employee.


Why is this important to me?


The Laws

Computer Fraud and Abuse Act Missouri Computer Tampering Act

Uniform Trade Secrets Act


Computer Fraud and Abuse Act (“CFAA”) 18 U.S.C. § 1030

Conduct prohibited by CFAA • Statute not “elegantly” drafted

• Most commonly relevant provision prohibits: Intentionally accessing a computer without authorization or by exceeding authorized access and thereby obtaining information from a protected computer.

• Knowingly causing the transmission of a program, information, code or command, and in doing so intentionally causing damages to a protected computer.

• Requirement for Civil Action: Economic damages > $5,000 − May include cost of forensic investigation (depending on jurisdiction)

• Key Issue: When does an employee “exceed authorized access”?


Missouri Computer Tampering Act

Tampering with Computer Data (§ 569.095 RSMo.) Tampering with Computer Equipment (§ 569.097 RSMo.) Tampering with Computer Users (§ 569.099 RSMo.) It’s “tampering” if done either:

• Knowingly (i.e. knowing it is unauthorized); or

• Without reasonable grounds to believe one has authorization

• (Slightly broader than CFAA “authorization” requirement)


Remedies

CFAA – Economic Loss, plus attorneys’ fees MCTA – Costs associated with uncovering the breach and

fixing any damage done to CPU systems, plus attorneys’ fees.


Trade secrets defined*

Information, data, technique, etc. that: • Derives independent economic value, actual or potential,

from not being generally known to, and not being readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use

• Reasonable efforts under the circumstances are taken to maintain its secrecy

*Source: Missouri Statute (RSMo. § 417.453(4))

Presenter

Presentation Notes

"Trade secret" is defined as “information which could include technical or nontechnical data, a formula, pattern, compilation, program, device, method, technique, or process, that:�


Trade secrets defined*

Factors used to determine if information is a trade secret • Extent to which the information is known outside the business

• Extent to which it is known by employees and others involved in that business

• Extent of measures taken to guard the secrecy of the information

• Value of information to the one claiming the trade secret and its competitors

• Amount of effort and/or money expended in developing that information

• Ease or difficulty with which the information could be acquired or duplicated by others

*Source: Baxter International, Inc. v. Morris, 976 F.2d 1189, 1194 (8th Cir. 1992)


Convergence of computer tampering and trade secret protection

Steps to prevent data theft before it happens Steps to help establish liability in the event of a breach



Safeguard your computer systems and electronic files. Password access only

• Additional password access for most sensitive documents for those who need to know

Computer and email usage policies • Be clear about extent of “authorization”

− Employee access to files on system for authorized business purposes only

− Not for employee’s personal benefit



Confidentiality policies and agreements • Policy

– Employee acknowledgement of receipt

– Periodic reminders.

• Policies and agreements – general language

– specific language referencing greatest concerns

Mark confidential documents “CONFIDENTIAL” Secure “confidential” documents (e.g., locked file cabinet)


Side Bar: You should be “atwitter” about your confidential information losing its trade secret status on social media sites.

Use of Twitter and LinkedIn by your employees • Restrictions on information they can post?

− Visiting “ABC Customer about XYZ today . . .”?

Who does your employee “follow” and with whom is she “Linked”?

• Veritable customer list?

• De-Linking Consider addressing in policies and agreements.


Closing comments

Simultaneously prevent theft while bolstering your ability to stop a bad-acting employee from harming you.

• Protect your electronic and confidential documents and

information with clear policies and agreements.

− Computer usage − Email usage − Confidential information

See departing employee checklist


Questions

Michael B. Kass [email protected]

314.552.6673

Trade Secrets and Computer Tampering

Business

Transcript of Trade Secrets and Computer Tampering