To establish a trade secret claim, the trade secret owner (usually an employer) must show that it used reasonable measures to protect that information’s secrecy. As a result, the question of whether that owner’s efforts were sufficiently reasonable is frequently the point of contention in trade secret litigation, as the parties argue over whether the owner did enough to prevent the potential disclosure or use of those trade secrets. There are a multitude of questions that can arise: Did the owner limit the access of its employees to the trade secrets on a “need to know” basis? If the information was stored electronically, did the owner use adequate electronic safeguards such as passwords, encryption or multi-factor authentication? If the trade secrets are tangible or visible to the eye, were the the trade secrets or the facilities in which they were stored under lock and key and were visitors prohibited? And perhaps most importantly, did the owner require employees or third parties with access to that information to sign non-disclosure agreements (NDAs) or confidentiality provisions to protect those trade secrets? The use of NDAs has long been considered a key protection, as courts and juries can readily appreciate a written agreement that sets out the trade secret owner’s expectations about protecting that information. A recent decision by the U.S. Court of Appeals for the Second Circuit, Turret Labs USA, Inc. v. Cargosprint, LLC, 2022 U.S. App. LEXIS 6070,. Case No. 21-952 (March 9, 2022 2d Cir. 2022), reinforces that courts consider these agreements to be a critical safeguard and that a trade secret’s owner’s failure to have them in place may prove fatal to a trade secret owner’s claims.
What happened in the case? Turret Labs USA (Turret) brought a trade secret claim against CargoSprint, claiming CargoSprint improperly gained access to and used Turret’s software, Dock EnRoll. Dock EnRoll was described as “air cargo ground handling control application that allows for payment of fees and scheduling of shipments based on synchronized real-time United State Customs release notifications, [and] was the first software of its kind at the time.” Turret claimed that it had licensed the software to another party (Lufthansa) and that CargoSprint falsely presented themselves as freight forwarders to Lufthansa to secure access to the software, although the court noted it was unclear whether Lufthansa granted them access or whether they secured the software by some other improper means.
Turret provided listed multiple security measures, including “that Dock EnRoll’s physical servers were kept in monitored cages within a data center with restricted access and that access to the software was limited to those with usernames and passwords approved by Lufthansa.” However, conspicuously absent from the complaint was any contention that CargoSprint was bound by any confidentiality obligations or agreements. It was unclear from the opinion just how CargoSprint secured the information or whether Lufthansa was at fault in providing them access, a fact that the trial court noted in its complaint.
CargoSprint moved to dismiss the complaint, arguing that the absence of an NDA or confidentiality agreement meant that as a matter of law Turret could not establish it had any protectable trade secrets. The U.S. District Court for the Eastern District of New York dismissed the case for Turret’s failure to identify a confidentiality agreement. In a thorough and well reasoned opinion, the court summarized its holding with the following brutal metaphor: “[g]iven the nature of the trade secrets at issue, these allegations are akin to a Plaintiff having pleaded that he locked all the upstairs windows of his house, while remaining silent on whether the front and back doors were left wide open.”
On appeal, the U.S. Court of Appeals for the Second Circuit agreed and affirmed the district court’s dismissal. In a short and rather terse opinion, the Second Circuit emphasized the nature of the underlying trade secret as a key consideration for an NDA, writing that where the alleged trade secret consists of a computer software’s functionality “that is made apparent to all users of the program, the reasonableness analysis will often focus on who is given access, and on the importance of confidentiality and nondisclosure agreements to maintain secrecy.” In the absence of an allegation that Turret had required NDAs, the Second Circuit held that Turret had not “plausibly” alleged that a trade secret had been misappropriated.
Why is the decision important to trade secret owners and employers? The decision reinforces the importance of trade secret owners having written confidentiality agreements in place with employees, vendors or others against whom they might have competing rights over that information. As the Turrett case shows, courts consider these agreements to be critical evidence that a trade secret owner has put the other party (usually an employee) on notice that confidential information was being shared with them, that the owner expects them to treat it as confidential, and that the information is the property of that employer/owner. Because a trade secret can take so many forms, can be the product of collaboration between employer and employee, or can even contain some publicly available information, having a written agreement that puts the other party on notice that shared information may be confidential is a sound and reliable best practice.
Why is the decision noteworthy to litigators? Traditionally, the question of whether measures of reasonable security measures is one of fact, meaning courts will not dismiss cases on these grounds and instead will let the jury decide that question, so long as the owner/employer has made some showing of reasonable efforts. Courts have allowed cases to proceed without written agreements if an owner can show they protected trade secrets or reinforced their confidentiality in other ways, such as through confidentiality policies, passwords, encryption, limiting access and other measures. However, and at the very least for federal courts within the Second Circuit, the absence of an NDA may prove fatal to a trade secret claim, even if a trade secret owner has taken other steps (limited access, secure electronic systems, confidentiality policies, etc.) to protect that information. In the past, I have been able to make out cases for reasonable protection without a written agreement but it has required me to show that the defendant acknowledged that he or she understood that the information was confidential either in writing or by electronic acknowledgements. To get a case to a jury in the Second Circuit, a trade secret owner will have to make a similar and perhaps even more compelling showing if he or she doesn’t have that agreement.