Its Simple- Trade Secrets Are Only Protected Because They Are A Secret 

We live in a competitive world. The extent to which a company is able to protect its trade secrets is an important factor in its overall ability to survive and prosper. In the employment context, complicated legal issues arise when a departing employee is in a position to use and/or disclose confidential information to a competitor.  Remember, a trade secret is only a trade secret because it is a secret!  Once published to the outside world it is hard to claim it is intellectual property anymore as it is no longer a secret.

 An important step in the Legal Risk Management Process (LRM) is to implement processes and procedures to protect trade secrets and confidential information, especially from misappropriation by former employees who move over to competitors.  This is one of the most serious issues involving a company’s IP.  Are you protected?

So- what is a trade secret anyway? 

Understanding What Constitutes a Trade Secret 

Prior to 1979, few states in the U.S. had trade secret statutes, and actions for theft of trade secrets were generally governed by the 1939 edition of the Restatement of Torts. The Restatement defined a trade secret as: 

Any formula, pattern, device or compilation of information which is used in one's business, and which gives him an opportunity to obtain an advantage over competitors who do not know or use it. It may be a formula for a chemical compound, a process of manufacturing, treating or preserving material, a pattern for a machine or other device, or a list of customers. See Restatement of Torts section 757 (1939).  

The National Conference of Commissioners on Uniform State Laws approved the Uniform Trade Secrets Act ("UTSA") in 1979. Since then 41 states (including California) and the District of Columbia have adopted the UTSA in some form. Texas and New Jersey have not adopted the UTSA. Under the UTSA, a trade secret is somewhat broader than the definition under the Restatement: 

"trade secret means information, including a formula, pattern, compilation, program, device, method, technique or process that:

derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use; and

is the subject of efforts that are reasonable under the circumstances to maintain its secrecy." 

Under the common law of the U.S. and other countries courts generally look at six factors for determining whether information is a trade secret. Those factors are: 

1. The extent to which the information in question is known outside the business;

2. The extent to which the information is known by employees and others involved in the business;

3. The extent of the measures to safeguard the secrecy of the information;

4. The value of the information to the competitor;

5. The amount of effort or expense required to develop or compile the information; and

6. The ease of difficulty with which the information could be properly acquired or duplicated by others. 

The determination of whether information constitutes a trade secret is extremely fact specific, and the courts have reached opposite conclusions on the same types of information depending on the facts presented. Two principal factors create the difference between cases that recognize information as a trade secret and cases that do not. First, courts determine whether the information is truly secret, i.e. not in the public domain or easily accessed. Second, courts determine whether the employer has taken reasonable steps to protect the secrecy of the information. 

 Reasonable Steps a Company Can Take to Protect Its Trade Secrets 

Steps include:  

I.  Physical Security Precautions 

Failure to maintain appropriate physical security may doom a trade secrets claim. Companies should restrict access to its premises generally, and in particular, where trade secrets are located. Security services should enable the company to maintan the physical security of trade secrets- that may be important to show that a disloyal employee entered or left a facility during unusual times. Smaller scale physical security within departments is equally as important. Employees should be required to place confidential information in secured areas such as drawer, locked file cabinets. A security audit should be performed to determine its vulnerability to trade secret theft. 

II. Communicating Confidentiality 

A company or organization should communicate with employees regarding its policies on confidentiality. Confidentiality policies should be included in employee handbooks and employees should receive periodic reminders regarding the confidentiality policy and any contractual obligations regarding confidentiality.

Document control is another essential means to communicate confidentiality. Document controls can be put in place that are simple and routine. Confidential documents may be marked "Confidential" or "Property of XXX." Automated headers and footers will increase the likelihood that the employees will follow the procedure. Upon termination of employment, exit interviews should be conducted to remind the employee of their obligations regarding confidentiality. An effective exit interview should normally include the employee's supervisor and a human resources representative to serve as a witness. An effective exit interview also requires preparation. For example, the employee may be reluctant to provide information regarding his new position of employment. By checking with co-workers and doing some investigation beforehand, the employer may be able to gather important information for the exit. 

Remember, in today’s competitive world, it is quite common to have employee turnover.  One of the most serious aspects of employee turnover is the misappropriation of trade secrets. Companies must be very diligent in protecting trade secrets ( IP is the life blood of most companies) and other IP from theft and infringement.    

So- have you done a risk management audit on your IP and employee related processes? Are you protected from trade secret misappropriation by former employees?  If not, now is the time to take action! 

 

Using Metrics to Control Costs.  

      A company, wherever situated, will eventually be subject to litigation, government investigations, fines, employee actions, class actions, commercial litigation, etc. In a sense, the cost of business is having to pay for resolution of legal matters and problems. However, that cost may be high.  In order for a company to properly defend itself will require the use of law firms, especially in the United States.  However, legal fees and costs can be onerous and excessive. The financial well-being of a company may depend upon how well it is able to manage outside legal fees and costs.  A company may win a lawsuit but go bankrupt because of excessive legal fees. 

     As part of an overall Legal Risk Management ( LRM) Program, a company’s law department must implement processes to control, reduce, and manage outside legal fees and costs. By utilizing legal risk management tools (such as surveys, interviews, risk assessments, KPIs and other metrics) a law department or risk management department can proactively reduce its legal spend.  Likewise, a law firm , to stay successful must also implement internal processes to contain costs or it runs the risk of becoming irrelevant as corporate law departments switch from famous brand name law firms that are very expensive to lesser known law firms that are just as capable but much more reasonable in fees.  Some of the tools that a law department or law firm can use to contain costs are: 

Tools for Reducing Legal Fees 

Processes that can measure the performance of outside counsel

Processes that track legal costs and expenses

Use of KPIs that measure the Law Departments metrics

Creation of a contract management system, which standardizes contracts and forms

Negotiation of legal fee agreements with outside counsel

Use of outside billing guidelines, which prevent excessive billing by law firms

Use by law firms of metrics such as KPIs that measure the law firms’ performance

Conduct risk assessments to determine whether to settle early or not 

KPIs 

     Key performance indexes (KPIs) are an effective way to measure a Law Department’s metrics as well as use and effectiveness of outside counsel.  It can also be used by a law firm to measure its performance such as turnaround time of matters, etc.  I recommend a corporate law department to establish at least ten to twenty KPI metrics to get a good picture of the effectiveness of not only the law department but outside counsel. This can be reflected in the dashboard on your computer monitor. Typical examples would be: 

Law Department’s total expense

Law Department’s total expense as a percentage of revenue

Number of active litigation matters

Number of new litigation matters

Number of closed litigation matters

Law Department’s fees for outside counsel

Total external spending on litigation matter

Cycle time to resolve claims

Estimated dollar savings through use of legal risk management tools 

Percentage of legal matters that receive a management—specific post-mortem review       

         Law firms can use metrics too! 

     Law firms can also use KPIs to measure performance and help contain costs. Typical examples would be : 

       Law firm’s total expense as a percentage of revenue

       Number of active matters in relation to revenue

       Number of closed matters

       Turnaround time for transactional matters

       Number of attorneys per case

       Number of hours billed per attorney

       Number of hours spent marketing the firm per attorney 

Why Metrics? 

      There are other KPIs to use, but the above metrics can be used to help quantify the number of litigation matters, average time to resolve matters, total legal costs, and savings through LRM processes. The more processes put in place to measure performance from a risk management point of view the better.  KPIs not only measure and track the effectiveness and efficiency of a law department but can be used as a tool to improve the effectiveness of the law department as well as the typical law firm. 

      What law firms must realize is that law departments are being held to a strict standard by the CFO or CEO of a company. Companies are requiring in house counsel to be more efficient and cost conscious especially when picking outside counsel.   Law firms that come up with innovative business oriented practices that help the company’s bottom line will become the preferred law firms.  As businesses use more and more metrics to measure performance and cost so will law firms be required to do the same thing.  Law is becoming less of a staid old boy profession and is becoming more of a dynamic business that is subject to all of the vagaries of business just as the law firm’s clients are subject to such vagaries.  

     What can law firms do to contain costs and stay relevant: 

  1.  Use the KPIs mentioned above
  2. Implement strategies to contain costs
  3. Focus on cost management
  4. Conduct early risk assessments
  5. Utilize plans for strict budgeting and staffing
  6. Do more with less
  7. Consider using alternative fee arrangements instead of hourly billing
  8. Use surveys to provide feedback from clients
  9. Work with in house counsel to contain costs
  10. Add value! 

     Times are changing.  Not only are corporations taking more and more steps to contain costs but the law departments and ultimately the law firms themselves are being required to contain costs as well.  Failure to contain costs will result in law firms becoming less relevant in a world that is flat and quite demanding.

A company should consider the risk of success if it wants to remain successful.

I recenlty went to one of my favorite new restaurants in Seoul.  The restaurant has a unique menu- something you normally dont see in Korea.  The food was very good as was the service. It became my favorite place to have Sunday Brunch. I and many others started frequenting the place.  Unfortunately, during my last visit, I noticed the service had rapidly declined.  In other words the restaurant was becoming a victim of its own success.  The restaurant owner clearly never thought he would be so successful so quickly.  He could not keep up with the demand. His staff was stretched to the limit.  Oh well- maybe I should look for another place to have Sunday Brunch.

My ex- favorite restaurant's failure to deliver proper service because of its success  started me thinking about risks inherent in any business when it faces unexpected results- whether positive or negative. Looking at recent events it is impossible not to notice how many of the risks faced by companies were either unintended or unexpected.  From a risk management standpoint, such a failure to appreciate potential risks because the risks were unexpected or the result of unintended consequences, is a failure of  risk management itself.

Granted, it may be easier to foresee certain risks than others and take action to mitigate the risks that are more visible.  But the very reason to create a risk management system and nurture a culture of risk mitigation, is to foresee all potential areas of risk and take steps to mitigate or at least acknowledge the existence of risk.  Stockholders of a finance company do not want to be told the company collapsed because it failed to appreciate the risks inherent in mortgage backed securities.  Investors in an energy company dont want to be told the company collapsed because it failed to reign in corruption and malfeasance on the part of upper management.  What every company must ask itself is the fundamental question- "Has the company looked at all areas of risk, including the unexpected areas and taken steps to mitigate the risk.?"

Risk comes in many packages. Political. financial, legal, business, economic, natural and of course personal.  Risk can be the result of political or economic events.  Risk can also result from natural disasters. But it can also be the result of success.  In essence, there is risk in the unexpected consequences of  success.  How so you may ask?  Look at Sony.  Sony's success led to hubris.  It led to the decision to expand in to a multitude of business ventures and product lines which resulted in Sony concentrating less on it core products which had made it successful and concentrating on product lines it was not so familiar with. The end result- it took its eye off the ball. Samsung and LG rushed in.  Look at Samsung today- you can also argue that Samsung was too successful with its PDAs and forgot to look at the competition in China. Sony, Panasonic and others are victims of thier own success.  But they didn't have to be if they appreciated the fact that success can lead to unintended consequences.

The world today is flat.  Every aspect of the world is interconnected.  Success can be fleeting if companies fail to realize that a company's brand is now based not only on creating a superior product but on providing superior service or creating a superior consumer experience.  The risk a company faces on a day to day basis is the risk that it fails to recognize it must provide a superior product, service and customer experience on a regular basis.  Once it provides a superior product or service, it must continue to do so or it runs the risk of failure or collapse.  It faces unexpected failure as it relied too long on the out of date "successful" business plan.  Or it experiences unexpected failure because it relied too long on the "superior" product that suddenly becomes out of date. What happened to the Sony Walkman?  The risk is that a company fails to realize everything changes, and based on past success or based on unexpected success it fails to push the envelope and fails to provide a superior product or superior service all the time.

How does your company handle success?  Has it stopped striving to be the best?  Has success made it complacent?  Does it understand that there is great risk in success if it fails to understand why it became successful?  Does the risk management department consider the risk of unintended consequences?  What do the reports from the field say about products and product development?  What does Service say about customer satisfaction?  Is your company a little paranoid about its business plan or is it overly confident based on past victories and successes?  Is it always trying to streetch the envelope or is it a little comfortable?

A risk management department in any company must understandably handle commonly perceived risk on a daily basis.  But it must also consider the risks inherent in unexpected or unintended consequences.  Failure to do so invites great risk and potential disaster.  What do the risk models and processes say about success?  Talk to your risk managers.  They will be the first to tell you if your products or services are becoming out of date or are having trouble in the field.  Remember, one of the unexpected consequences of success is risk.

Product planning and development has the potential for great risk, but also for mitigation of risk if the right mechanisms can be used in a timely fashion. Creating products that do not present safety risks or pose a hazard is not only should be the main goal of a manufactruring company but it of course can be a complicated process.  As I have stated in my other blogs-  companies need to be very risk management focused to avoid product liability litigation and legal exposure. If  safety related processes are implemented in a timely and correct manner to minimize product defects, such processes can limit and minimize legal risk, especially regarding class actions. 

1.1  Stages 

Product development and planning normally involves four distinct stages prior to mass production: 

In each stage there is potential cause for risk, as each stage involves processes that can potentially expose a manufacturing company to great legal risk  by virtue of poor planning, documentation or poor implementation of critical development processes.  A breakdown in processes can lead to disaster. Such processes include : 

In each stage of product design, development, and production, many departments must share and coordinate information, tasks, roles and responsibilities, and communication with each other. Failure to do so in an effective manner in accordance with proper procedures and processes leads to not only failure but potential legal liability. For instance, let’s look at the main stages of a product planning cycle in a new product development scenario. 

1.2  Product Planning 

A typical product planning life cycle would involve at least eight departments and look something like this: 

These days companies must pay close attention to the development process.  As part of a robust risk management program, product planning and development must also pay attention to product defects and resulting product liability claims.  A product planning and development process is the first process in the manufacturing cycle that if handled properly can ensure the products are manufactured in an environment which minimizes product design and manufacturing defects and produces high quality products.

I recommend any manufacturing company to implement a legal risk management audit covering the department and divisions I have mentioned above.  Such audit should pay close attention to the product planning and development processes currently in place.  Every company should ask itself whether the processes in place are first class, adequate or outdated.  Producing defective products resulting in injuries or that present safety issues or safety hazards will always lead to product liability lawsuits and class actions.  Extreme care and caution must be taken to minimize any chance of legal liability.  Remember, when planning and developing products- processes that promote safe designs  and safety comes first.

KOREAN IP SCANDALS: LACK OF ENFORCEMENT DESPITE THE MECHANISMS 

Lately, Korea has been the subject of several high profile IP related lawsuits.  On March 11, Burberry filed a lawsuit in Korea against underwear maker SBW, claiming SBW copied Burberry’s trademarked checker patterns.  More recently, SanDisk and Toshiba files separate lawsuits against SK Hynix for stealing flash technology.  Though these lawsuits reflect a different aspect of IP, one a trademark case and the others alleging the theft of trade secrets, they also show a disturbing trend of passive IP infringement in Korea.

IP infringement in Korea is nothing new. Kolon was sued by Dupont for trade secret theft as well, which resulted in a $950 Million verdict against Kolon in the U.S.  The verdict has been overturned on appeal and of course, the Apple v Samsung litigation, is perhaps the most famous litigation involving trade dress as it has mushroomed out to involve cases in various jurisdictions.  However, the size and seriousness of passive IP infringement is growing despite Korea’s implementation of a well drafted IP regime.

Though Korean companies are the 5th largest file of patent applications in the world (number 2 in the US) Korean companies rarely take legal action against infringers, especially domestically.  Despite Korea’s IP laws and numerous governmental agencies that can assist in IP infringement actions, such laws are rarely used domestically.  In the past, Korean companies have refused to aggressively use IP laws to enforce their patent and trademark rights as they wanted to avoid litigation and the perception they were using the law against domestic counterparts. In essence, they did not want to be viewed domestically as taking advantage of IP rights for political or economic gain over fellow Koreans.  Even today, Korean companies, except for a few chaebols, refuse to aggressively exercise IP rights, even though they may have cause to do so.

As Korean companies continue to refuse to take aggressive business or legal action against infringers, especially domestic ones, this has led to the current trend of passive counterfeiting. Korean companies are no longer counterfeiting products as much as they are counterfeiting or copying designs, marketing strategies, trade dress and product environment.  Likewise, though more sensitive to IP violations than in the past, Korea’s failure to proactively protect IP rights has led to a permissive atmosphere among Korean companies when it comes to theft or misuse of a company’s trade secrets.  This is quite evident when considering the lawsuit filed by Toshiba and SanDisk against SK Hynix alleging trade secret theft.  The lawsuits filed in Tokyo District Court and in the Santa Clara Supreme Court in CA, allege a former SanDisk engineer sold NAND flash memory to SK Hynix in 2008.

For foreign companies doing business in Korea or doing business with Korean companies, protecting and enforcing IP rights is of great concern.  It must also be balanced with the business environment, as a foreign brand would be ignored in the Korean domestic market, if a company is perceived as “too aggressive” when enforcing its rights.

Foreign companies, when dealing with IP infringement issues should make use of the 5 main government agencies that protect IP and help enforce IP rights.  They are:

  1.  Korea Intellectual Property Office ( KIPO)
  2.  Korea National Police Agency
  3.  Korea Customs Service ( KCS)
  4.  Korea Trade Commission ( KTC)
  5.  Ministry of Justice ( MOJ)The agencies, if used properly, can help a number of ways, including (i) investigation of the distribution network, (ii) raids, (iii) blocking of imports,(iv) international trade remedies, and (v) injunctions against counterfeit sales, etc.As litigation is expensive, companies need to consider whether filing civil complaints are in fact worth the time and effort.  KTC action may be less expensive and easier to enforce than litigation.  Therefore, a company needs to consider all alternatives available to it when enforcing IP rights.As companies continue to do business in Korea, they need to be aware of the very real danger of IP infringement and theft that could take place.  They must also realize that many Korean companies are very lackadaisical when enforcing third party IP rights and sometimes turn a blind eye to IP infringement internally.  Considering the danger of IP infringement, companies should take preventive action to prevent loss or misuse of IP including:
  1.  Creation of a IP Brand Protection Team that can implement a anti-counterfeiting plan and strategy;
  2.  Create a counterfeiting detection system;
  3.  Control all aspects of the distribution network. Track the product through distribution to confirm where the products came from;
  4.  Monitor sales outlets and online shopping malls;
  5.  Do extensive due diligence on potential buyers and sellers to confirm they do not sell counterfeits;
  6.  Do extensive due diligence on potential dealers and distributors to confirm they do not sell counterfeit products or misuse IP.
  7.  Train all Korean employees on IP infringement. The more the Korean employees understand what IP consists of the more serious they will be about protecting it; and
  8.  Make certain your HR department screens hires from competitors to prevent unauthorized disclosure of trade secrets. 

The most important part of a General Counsel's career is picking the right law firm.  The right law firm will help the company save time and money.  It will also help proactively handle major legal issues and of course it will make the  General Counsel ( GC ) look good in front of the CEO or CFO.  The issue facing the GC is of course picking the right law firm.  What criteria should be used when deciding which firm to use?

The GC will have numerous law firms begging to be considered- each claiming they are the best firm for the job. Obviously, the GC will look for a firm that adds value to the company instead of one that does not.  One of the major criteria in selecting the right firm is cost containment. Which firm does the best job in containing legal costs and fees while providing effective and efficient legal services?  Which firm adds value.

Firms that want to stay relevant must realize that as companies are requiring in house law departments to be more efficient and cost conscious- so will the GC require outside firms to be efficient and cost conscious.  What does this mean for law firms?  It means a number of things:

1.  Controlling costs is essential.  If a firm thinks it can continue to bill excessive legal fees  and costs it it wrong.

2.  The billable hour is dead.  Most GCs are now demanding law firms to agree to Alternative Fee Arrangements ( AFAs) - primarily fixed fees or hybrid fee arrangements.

3.  Firms must view themselves as a business that provides legal services.  As a business they are subject to the vagaries of the business world.  They must find a way to differentiate themselves from the "pack".  They must also use business tools at their disposal- such as risk assessments, client surveys and metrics to become efficient and effective providers of business solutions that resolve legal issues.

4.  They must focus on cost management and implement strategies to contain costs.

5.  They must be creative in attracting and retaining clients by offering various fee and billing arrangements customized for the client and matter at hand.  One size does not fit all.

6.  They must give serious thought as to how to provide AFA s while still making a profit. Like any business, if they agree to a fixed fee but underestimate the amount of work needed they may be forced to close their doors.

7.   They must use the latest software in predicting costs and controlling costs.

8.   They must advise the client on what it can do to lower legal costs.

9.   They must become involved in their client's business on a regular basis so they can help the client stay proactive.

10. They must minimize billing as much as possible by taking such steps as minimizing internal meetings, not charging for admin costs and not over staffing.

By taking steps to control costs, a law firm is not only helping its client's bottom line, it is staying relevant.  For those firms which pay only lip service to controlling costs, it is extremely doubtful that they will remain viable business entities much longer.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram