One of the more important debates percolating within the trade secret community, as well as society at large, is what to do about the use of personal electronic devices. The colliding realities of today’s 24/7 workplace and the increasing security risks posed by the use of devices outside the protective sphere of a company’s infrastructure are bringing this issue into focus.  IT managers and CIOs are not the only ones talking about this issue; national media, including Forbes, the New York Times and the Wall Street Journal, have noted the tension betwen these forces in many recent articles.

To give this topic the attention it deserves, I am going to divide it into two posts. Part I will address the data and issues that are driving this problem to the front of the desks of many in-house lawyers, HR managers, CIOs and IT managers; Part II will address the security issues and what companies are doing, and can do, to reduce or eliminate this security risk.

The Facts Driving the Debate: One thing is clear, and that is that employees want to be able to use their personal devices for work. According to a survey, 35% of IT managers say they are under increased pressure from employees to offer greater flexibility for the use of personal devices. 

The reasons why employees want to use their personal devices for work are straightforward: (1) an individual employee is much more likely to keep up with ever-changing technology, as opposed to the employer, who as a matter of practical economic reality cannot match that pace (on average, companies upgrade their computers and other devices only once every three years); (2) employees, who are going to own their own devices regardless of their employer’s policy, don’t want to have to carry two smart phones, two laptops, etc.; (3) employees are expected to perform more work from home and many times after 5 p.m., so they do not want to be saddled with what they perceive as relatively “outdated” office technology while on (what was previously) their personal time; and (4) employees simply prefer working from a device with which they are comfortable and familiar, a fact reflected in their purchase of that device. These facts are unlikely to change anytime soon.

Those advocating the increased use of employee devices have coined the phrase “BYOD” (Bring Your Own Device) for those companies and firms that allow for greater use of employee devices.  Proponents claim that BYOD benefits the employer as well because it saves the company money, increases employee morale, and allows their employees to be more available after hours. However, as one opponent of BYOD commented, after identifying the legal, security, and logistical problems that accompany employees’ use of personal devices: “BYOD, you say? Better follow it up with BYOB, because you’ll want something to dull the pain.” (See Erik Sherman’s recent take in the Wall Street Journal article, “Should Employees be Permitted to Use Their Own Devices for Work?”  John Parkinson presents a nice defense of the BYOD position in the same article, some of which is incorporated above).

The Great Unknown:  Now for the frightening part:  recent research and surveys suggest that few companies and IT departments are adequately prepared – let alone adequately educated – to address the relevant issues head-on. According to a November 21, 2011 Citrix press release, a recent global survey by Citrix revealed that 62% of small and medium-sized businesses have no internal IT controls in place to manage employee-purchased smartphones, tablets, laptops, and other devices.  

Even more alarming, the Citrix survey found that 45% of the IT managers surveyed were unaware of all the devices being used to access their servers.  I am going to repeat that statistic — nearly half of those IT managers could not identify all of the devices that were accessing their servers.  Probably for that very reason, 57% of IT managers polled are most concerned about the security implications of employees using personal devices to conduct business.

We’ve confronted the issue and the facts on the ground.  Now, in next week’s Part II of this post, we will look at the practical consequences and what companies are doing, or can do, to protect themselves. 

A merger’s impact on the non-competes of the merged company remains a hot topic (see my October 7, 2011 post about the U.S. Court of Appeals for the First Circuit’s reasoning in OfficeMax v. LeVesque, which found the non-competes at issue did not protect the new company). Three weeks ago, the Ohio Supreme Court heard oral argument in a case, Acordia of Ohio LLC v. Fishel, that will go a long way in determining whether non-competes that do not specifically address the new company survive a merger in Ohio.

In Acordia of Ohio, the trial court refused to enforce the four non-competes in question. It ruled that under the specific language of those contracts, the restrictive covenants were confined to the specifically named employers, which changed over time after a series of successive mergers. After each merger, the company holding the specific non-compete disappeared. According to the trial court, this effectively terminated employment under each non-compete and triggered the time period of each non-compete. By the time the four employees decided to leave and join a competitor, each of their non-competes had expired under this analysis. 

The First Appellate District in Hamilton County affirmed the ruling late last year, looking not only at the language of the agreements in question but relying on Ohio statutory law to support its holding (citing in particular, Ohio R.C. 1701.82(A)(3)), which deals with the legal effects of a merger of Ohio corporations). The First District relied on older Ohio Supreme Court authority holding that “the absorbed company ceases to exist as a separate business entity” and that “[b]ecause the predecessor companies ceased to exist following the respective mergers, the Fishel team’s employment ceased to exist following the respective mergers, the Fishel team’s employment with those companies was necessarily terminated at the time of the applicable merger.” 

Former Ohio Court of Appeals Judge Marianna Brown Bettman’s Legally Speaking Ohio Blog has a fine summary of the questions asked by the Ohio Supreme Court Justices at the November 15, 2011 oral argument.  It is tough to handicap how the Court will rule. Logically, the employees’ position does not make sense: if the company in fact disappears, what is there to trigger, let alone compete against or protect, since there is no company left?  On the other hand, Ohio courts have shown increasing antipathy to non-competes over the past four years; given the language of the non-competes and the apparent absence of a provision allowing for the assignment to successors or assigns, it is altogether possible that the Supreme Court could affirm that the non-competes expired. This one is too close to call.

The takeaway? A better definition of “Company” under the Agreement (one that explicitly includes successors and assigns) as well as a provision providing that the agreement shall inure to the benefit of the parties’ successors and assigns would have better protected the employers. In addition, to remove all doubt, perhaps the simplest approach would be for all of the employees re-sign their non-competes with the new employer just before or after the merger.

Earlier today, the Illinois Supreme Court issued a much-anticipated ruling in Reliable Fire Equipment v. Arredondo, Illinois Supreme Court, Case No. 111871 (Dec. 1, 2011), holding that Illinois trial courts are required to determine whether a legitimate business interest exists based on the totality of the facts and circumstances of each individual case. 

In Reliable Fire Equipment, the trial court found the two non-competes before it to be unenforceable because the employer had failed to prove the existence of a legitimate business interest in support of the two non-competes. In what the Illinois Supreme Court described as a sharply divided panel, the appellate court nevertheless affirmed that decision.

According to the Legal Developments in Non-Competes blog by Illinois lawyer Kenneth Vanko, a three-way split had developed among Illinois Appellate District courts on how a legitimate business interest was to be analyzed. One line of cases had applied a categorical test that limited legitimate interests to customer relationships and confidential information, another had apparently questioned whether that requirement was even necessary, and the third had applied a fact-based analysis based on the circumstances of each case. Kenneth predicted, correctly it turns out, that the Illinois Supreme Court would adopt the fact-based analysis for determining business interests.

The Illinois Supreme Court reiterated that proof of a legitimate business interest was still required and that a covenant not to compete would only be enforced as reasonable if (1) it was no greater than required to protect the legitimate business interest of the employer; (2) did not impose an undue hardship on the employee; and (3) was not injurious to the public. In so doing, the Supreme Court explicitly rejected the holding of Sunbelt Rentals, Inc. v. Ehlers, 394 Ill.App.3d 421 (2009), which had held that an employer did not need to demonstrate a legitimate business interest when it sought to enforce a restrictive covenant. This came as no great surprise as the Sunbelt decision has been criticized and a number of Illinois appellate courts had declined to follow it.

Instead, the Illinois Supreme Court concluded that there must be an examination of the underlying business interest, focusing on the totality of the facts and circumstances of each individual case. Factors such as the near-permanence of the customer relationships to be protected, the employee’s acquisition of trade secrets or confidential information through his employment, and the time and place restrictions within the covenant are all to be considered and weighed.

The takeaway? Illinois trial courts are now indisputably vested with tremendous discretion to determine what qualifies as a legitimate business interest. While this ruling will lead to less certainty (something that is always good for lawyers, less so for their clients), one can hope it will lead to more equitable and practical results. 

Cisco’s General Counsel, Mark Chandler, has taken the unconventional step of writing a blog post criticizing Hewlett-Packard for repeatedly suing former employees who have joined Cisco over the past two years.  This post follows, and apparently details, the recent lawsuit filed by HP filed against its former Chief Technologist, Paul Perez, who joined Cisco on November 14 (for more on the litigation, see my recent post).  HP had sought to enforce a non-compete in Texas after Perez had filed an action in California challenging the enforceability of that same non-compete.

According to Chandler’s post, Perez has prevailed — emphatically — in the two lawsuits thus far.  Chandler reports that Perez’s Texas attorney was able to derail an effort at an ex parte temporary restraining order that was hurriedly scheduled in advance of a pending hearing in the California action on the very same issue.  Cisco’s legal department had reached out to HP to resolve the dispute before the California hearing, advising HP’s legal staff that Cisco had put safeguards in place to protect HP’s trade secrets (as HP had done earlier this year to insulate itself in a dispute with IBM, about which I also recently posted).

Instead of responding to that olive branch, HP apparently sought an “emergency” TRO conference without notice to Perez or Cisco even though the California hearing was scheduled to begin in two hours.  When Perez’s Texas attorney saw HP’s filing online, he appeared before the Texas court unexpectedly to report that “the matter was already in front of a California court, with HP fully represented.”  Chandler noted that “the judge in Texas was not impressed by HP’s effort to get her to act without a hearing,” that “she refused to proceed” on HP’s TRO request, and later that day “the California judge issued an order allowing [Perez] to begin his new career at Cisco.”

This resounding win and resulting post are both getting a fair amount of coverage.  The Wall Street Journal’s Law Blog, the San Francisco Chronicle, the San Jose Business Journal, and technology blogs like All Things Digital have all reported on Chandler’s post.  I have not been able to access either court’s ruling but, given the attention this case is receiving, I will do a post later once I have the opportunity to review them. 

The lesson here is ex parte requests are rarely granted and even more rarely appreciated by courts.  This is especially true when the court learns that the other side has counsel and has expressed an interest in trying to work things out.  In these high profile disputes, this aggressive approach can backfire and result in not only a legal but public relations coup for the other side.

If you fail to comply with the fine print found within the Terms of Service of an online agreement, have you committed a crime? That is the troubling question raised by increasingly broad interpretations of the acts sufficient to trigger a criminal action (or civil claim) under the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030.
 
In an interesting post entitled “Lie about your age … Steal a trade secret … It’s all criminal,” the Non-Compete Trade Secrets blog posits that failing to follow some of the broadly written and mundane Terms of Service provided by many websites could, in the wrong circumstances, be enough to justify an indictment by an overzealous prosecutor.  Orin Kerr, professor and author of the Volokh Conspiracy Blog, has also written about the potential for abuse in his blog and in a recent op-ed piece in the Wall Street Journal.  Their concerns arise from recent decisions expanding one of the critical prongs of the CFAA — whether a defendant “exceeded authorized access” of a protected computer.
   
The most noteworthy of these decisions is the Ninth Circuit’s recent holding in U.S. v. Nosal,  642 F.3d 781 (9th Cir. Apr. 28, 2011).  In that case, the Ninth Circuit held that the violation of a computer use policy that placed “clear and conspicuous restrictions on the employees’ access” to the employer’s computer system and the specific data at issue could be enough to qualify as conduct that exceeded authorized access. The Northern District of California has since applied Nosal’s reasoning to online agreements, at least in a civil dispute between commercial parties. In Facebook v. MaxBounty, Case No. CV-10-4712-JF (N.D. Cal, Sept. 14, 2011), that district court found that a violation of Facebook’s terms of use could qualify as access without authorization under the CFAA.
 
It’s not just lawyers musing about the implications of these decisions. Even the Wall Street Journal has chimed in, expressing concern that the proliferation of online agreements that many of us mindlessly click and accept could trigger a violation of the CFAA. For example, supplying the wrong age, height or weight in a profile for a dating website might qualify as a violation of the CFAA because you may have agreed not to provide inaccurate or misleading information to the website. And this does not even account for the fact that many of these online agreements reserve the right for the provider to change those Terms of Service without notice at their discretion.
 
Naturally, federal prosecutors dismiss such fears.  According to the WSJ, Richard W. Downing, deputy chief of the Computer Crime & Intellectual Property Section at the Justice Department’s Criminal Division recently testified that such fears were “unsubstantiated.” According to Downing, the Justice Department would not “expend its limited resources on trivial cases such as prosecuting people who lie about their age on an Internet dating site.” The problem, however, is that not that prosecutors will pursue everyone, but that they have the discretion to pursue anyone.
 
The tide may be turning. While Nosal was initially applauded by many in the trade secret community because it would bolster employers’ protections under the CFAA, libertarian groups such as the Electronic Frontier Foundation argued that Nosal could criminalize the very acts outlined above as violations of broadly written Terms of Service. Perhaps as a result of those arguments, the Ninth Circuit indicated on October 27, 2011 that it will rehear Nosal en banc and noted that in the meantime Nosal was not to be used as precedent in the meantime.
 
I have to agree with the commentators on this one.  Isn’t the correct question what did Congress intend to prohibit when it enacted the CFAA?  I have not burrowed into the legislative history, but is difficult to imagine that the CFAA was supposed to govern a consumer’s failure to follow the fine print in an online licensing or terms of use agreement.

As many of you know, the challenges posed by the Internet and the potential for abuse by self-styled whistleblowers are two things near and dear to my heart.  A thoughtful but potentially troubling decision on November 9, 2011 by the U.S. District Court for the Northern District of California in Art of Living Foundation v. Doe, Case No. 5:10-cv-05022-LHK, may make it more difficult for trade secret plaintiffs to litigate against anonymous bloggers who post trade secrets on a website.

The Art of Living Foundation (AOLF), a religious group based in Bangalore, India with chapters in more than 140 countries, was accused of being a cult by the Doe Defendant, a blogger who uses the pseudonym “Skywalker.” As a result, AOLF sued Skywalker last November, claiming that two of his posts misappropriated some of its trade secrets, infringed its copyrights, and defamed it.  AOLF claimed that Skywalker and other defendants published AOLF’s copyrighted Breathe Water Sound manual and trade secret teaching methods in his blog and also made numerous false and disparaging remarks about AOLF and Ravi Shankar, who apparently holds himself out as an “enlightened being” and leader of this movement.

AOLF issued various subpoenas on several Internet Service Providers to discover Skywalker’s identity, and Skywalker moved to quash those subpoenas on First Amendment grounds. The Magistrate denied the Motion to Quash, but that decision was subsequently overturned by District Court Judge Lucy H. Koh, who balanced the rights of Skywalker against the needs of AOLF to discover Skywalker’s identity.  Using a practical approach, Judge Koh ultimately concluded that discovery of the blogger’s identity was premature because motions for summary judgment and to strike AOLF’s claims were fully briefed and ripe for decision. This part of the decision makes sense, since Judge Koh had already dismissed the defamation claim on First Amendment grounds on June 15, 2011.

My Concerns About The Ruling:  I think addressing the First Amendment question on the identity of the blogger was unnecessary.  AOLF may or may not be a cult, Skywalker may or may not be a disgruntled former member, and it is hard to argue against a blogger’s First Amendment right to criticize a large religious institution on what appears to be a genuine issue of public interest. That being said, in its desire to reach the First Amendment issues, the district court ended up engaging in circular reasoning. For example, Judge Koh recognizes that the nature of the underlying speech (is the speech political, religious or literary, or is it merely commercial?) will trigger the rigor of the standard to be applied to the speech in question. 

For this reason, the district court distinguished decisions ordering the identity of defendants in copyright cases where unidentified defendants are alleged to have illegally downloaded and distributed a plaintiff’s copyrighted songs using a “peer to peer” file copying network. Judge Koh reasoned that the individual’s motivation in those cases was commercial (i.e., to obtain music for free) as opposed to trying to communicate an idea or thought. This analysis is consistent with Ninth Circuit’s 2010 decision in In re Anonymous Online Video, which ordered the identity of the speakers because the speech was commercial and directed to the commercial and business practices of the plaintiff. (For a fine analysis of that decision, see this post from the IP Law Blog).

However, how can a party adequately determine whether the speaker in question is motivated by commercial interests if he can hide behind a veil of anonymity? After all, as the Second Circuit has recently held, a Doe defendant’s arguments may raise “questions of credibility and plausibility that cannot be resolved while [a Doe Defendant] avoids suit by hiding behind a shield of anonymity.” Arista Records LLC v. Doe, 604 F.3d 110, 124 (2d Cir. 2010). By foreclosing discovery regarding the defendant’s identity, a plaintiff may be precluded from determining whether there is in fact a commercial component to the speech in question. 

The second problem that I have with the district court’s reasoning was its willingness to readily accept Skywalker’s protestations of harm.  Holding that “to the extent that Skywalker’s anonymity facilitates free speech, the disclosure of his identity is itself an irreparable injury.” (Opinion at p. 13). The problem with this reasoning is that any disclosure of a blogger’s identity is equated with irreparable injury. Mark my words, we will see this language again in some other opinion in the future. Similarly, Judge Koh acknowledged that the blogger’s claims of potential retaliation were “not particularly reliable.” (Id. at p. 14). Yet on this weak record, she found that it still outweighted AOLF’s right to discover the blogger’s identity.

This is a pet peeve of mine. When issues of the First Amendment are raised, some federal courts are too eager to race to embrace them, particularly when public interest groups like the ACLU or First Amendment Coalition fan the flames. In this case, the district court could have easily punted based on the procedural posture of this case alone, the position that it ultimately settled on in deferring discovery. Unfortunately, the district court unnecessarily engaged in an involved First Amendment analysis that may prove problematic when applied later in another case to a less worthy defendant.

Finally, should the mere fact that a motion to dismiss or summary judgment is filed be enough to prevent discovery on the issue of the identity of the blogger? Again, the cloak of anonymity may frustrate the ability to meaningfully respond to such a motion.  One would hope that, under different facts, that the balancing test used by a district court would yield a different result.

I am a big believer in transparency and, as a result, I am always skeptical of those who claim that they should be free to criticize or do anything else under the cloak of anonymity.  We all know this is especially true given the potential harm that the Internet can cause.  Courts sometimes are too willing to accept the narrative of the noble but at-risk whistleblower, when the story may turn out just as easily to be that of someone who has an axe to grind or is simply unhinged.  Yes, AOLF is hardly a sympathetic plaintiff, and yes, AOLF probably wanted the identity of the blogger for reasons other than service of process.   However, another court may now take this reasoning and apply it to a situation where the identity of the blogger is simply not worthy of First Amendment protection.

As WikiLeaks’ funding has dried up and as the federal government presses ahead in its prosecution of those behind it, the risk posed by that once-dangerous phenomenon appears to be waning.  Throw in the recent SyncSort v. Innovative Resources decision holding that mere publication on the Internet does not destroy trade secrecy, and a trade secret plaintiff should feel better about its chances of prevailing these days in these cases.  However, the unnecessary First Amendment reasoning used in this case could lead to mischief later.

Law360 is reporting that the Hewlett-Packard Company (HP) sued its former Chief Technologist for its StorageWorks unit, Paul Perez, in Houston, Texas on Wednesday, November 16, 2011, to enforce a non-compete and non-disclosure agreement.  Perez resigned to join Cisco Systems on Monday, November 14, 2011, and according to HP, he has filed a preemptive lawsuit in California asking for a ruling that he is free to work for Cisco. 
 
According to the complaint filed in Hewlett-Packard Company v. Paul Perez, Harris County, Texas (Dist. Court No. 201169187), Perez was responsible for leading the HP StorageWork unit’s technology strategy and exploration processes, keeping a census of its IP portfolio, and leading the unit’s patent review process. After working for HP for more than 25 years, Perez executed a one-year non-compete in 2010. HP contends that Cisco is a direct competitor and that by serving as Chief Technology Officer with Cisco’s Server Access Virtualization Technology Group, Perez is violating his non-compete.   
    
Like some other high profile disputes involving senior executives, there is a looming battle over which law and forum should govern. According to HP, Perez agreed that he would not pursue any legal action to set aside or avoid his non-compete. However, on the day that he resigned (November 14, 2011), Perez filed a complaint against HP in California challenging the enforceability of his non-compete (Perez v. Hewett-Packard Company, Cause No. 111-CV-213052, Superior Court of California, County of Santa Clara). HP argues that the court should disregard Perez’s claims of California residency because he still owns a home in Texas and never advised HP of any move to California.

As I have written before, the first court to hear the injunction generally decides the outcome of the case. Most if not all of these cases involve efforts by the former employee to invoke California law, which we all know forbids non-competes except under the most limited circumstances. However, California courts have not been terribly receptive to eleventh-hour claims of residency and have been willing to defer to the court in the state in which the employee previously resided. For example, in a high profile non-compete case in 2009, David Donatelli, the chief of EMC’s storage division, moved from Massachusetts to California to join (ironically) HP and tried the same approach; that strategy fizzled when the Massachusetts court enforced the non-compete in substantial part and the California court then demurred on grounds of comity. (Full disclosure: I have represented EMC in the past).

I will keep an eye on this one and provide an update if there is a decision.

More and more companies are using “cloud computing” for the offsite storage and use of their proprietary data and information. To date, no court has yet addressed whether a company’s storage of trade secrets in the cloud compromises those trade secrets’ status. However, as the argument will inevitably be made in litigation, there are a number of steps a business can take to defuse any argument that its information is not adequately protected within the cloud.

Cloud computing presents a different paradigm for the storage, use and delivery of computer resources. Unlike traditional desktop computing, data is not stored or used with purchased software products installed on a local computer, but rather through a service kept in the cloud that is accessed and billed as needed. The data is stored remotely on third party servers accessed via the Internet, as opposed to a private computer or network. The cloud may be reached through traditional computers and mobile devices, such as cell phones and tablets.

Storage costs tend to be lower within the cloud, as large upfront capital expenditures for computing infrastructure and software are reduced to routine operating costs as the specific services are used. In addition, data in the cloud may be accessed regardless of the user’s location or device. Cloud computing solutions are also readily scalable as a company’s needs change.

As a result, everyone seems to be embracing the cloud. The research firm Forester has estimated that the global market for cloud computing will grow from $41 billion in 2010 to $240 billion in 2020. Apple has introduced iCloud which will sync remotely-stored data between devices. Amazon’s Cloud Player allows music to be stored online and then played on different devices. And Microsoft is adding more and more cloud-based services to its products like Windows and Office. 

Trade secrets are frequently stored within the cloud. They may be passively stored as data or actively used with a service hosted in the cloud. A trade secret may even be stored locally on its owner’s private network, transmitted to the cloud to be manipulated by a service, and then brought back to the owner’s network where the results are saved. A trade secret owner may not fully appreciate every time a trade secret makes its way into the cloud. Online backup services place data, including trade secrets, on servers in the cloud. And a trade secret sent as an attachment to web-based e-mail is passing through the services’ servers. 

What can a business do to protect its trade secrets in the cloud? While there is no court decision to serve as a guide, there are some common sense steps that can followed. The first step is obviously to ensure that the cloud computing service provider’s security policies, practices and infrastructure adequately safeguard the confidentiality of the information. The service provider’s encryption arrangements should be examined and verified. It is important to remember that because your senstive data is being pooled with the sensitive data of others, your cloud provider is a “target-rich” environment for hackers and cybercriminals. Make sure that your IT staff has completely satisified itself that the cloud provider is capable of protecting your trade secrets.

Second, a company should consider adding a second layer of encryption to data containing a trade secret. Two layers of encryption are more difficult to infiltrate than just one, especially since the client’s encryption would be independent of the service provider’s encryption.

Third, terms of service for any cloud computing service should be reviewed thoroughly. Terms outlining ownership, the right to conduct audits, and continued confidentiality and deletion of data once the relationship ends should be included. The service provider should be liable for its subcontractors or other parties it uses and should be required to maintain data-protection or cyber-liability insurance coverage that adequately protects the trade secrets that it may store or use. Additional ideas for contractual terms are included in a fine recent post on the TechNewsWorld Blog.

Cloud computing will continue to grow in popularity because of its cost and access advantages. As trade secret owners may face challenges to their use of the cloud to store their trade secrets, adopting some of the practices suggested above will hopefully reduce arguments that they have failed to protect those secrets in the cloud and provide an added level of security.  (I’d like to thank my colleague John Molnar for his help with this post).

New Jersey appears close to adopting the Uniform Trade Secret Act (UTSA). I think that this is a pretty big development, as New Jersey is one of the four remaining states that have not adopted some or all of the provisions of the UTSA (Massachusetts, New York and Texas are the others) but instead rely upon some variation of the Restatement of Torts (2d) for trade secret misappropriation claims.

The bill, which is simply described as the “New Jersey Trade Secrets Act” (A-921/S-2456), has taken more than two years to work its way back and forth between the New Jersey General Assembly and Senate. However, on September 26, 2011, the New Jersey Senate approved the bill which would formally adopt the UTSA and replace the current common law remedies. The Act would include many features of the UTSA including the right to recover damages for unjust enrichment or a reasonable royalty for unauthorized disclosure or use of the trade secrets in question. The Act would allow for punitive damages in cases of willful misappropriation (not to exceed twice the amount of the actual damages proven) and would also permit an award of attorneys fees for claims found to have been brought in bad faith. 

The New Jersey Act also has a couple of unique provisions. Going against the trend favoring public proceedings, the Act would impose “a presumption in favor of granting protective orders in connection with discovery proceedings” as well as “provisions limiting access to confidential information to only the attorneys for the parties and their experts, holding in-camera hearings, sealing the records of the action, and ordering any person involved in the litigation not to disclose an alleged trade secret without prior court approval.” The Act also precludes a defendant from arguing that “proper means to acquire the trade secret existed at the time of the misappropriation,” which is a defense commonly offered in trade secret cases.

The Assembly has to vote on the Senate’s amended version before it is presented to Governor Chris Christie for his signature. The bill is expected to be voted upon after the November recess and signed by Governor Christie. Once the bill is signed by Governor Christie, it will become effective immediately. 

In short, trade secret protection is very much on the minds of state and federal legislators. As I wrote last month, Congress is now considering a federal civil cause of action under the Economic Espionage Act. In addition, Georgia broadened its non-compete statute through a consitutional amendment last year and legislative developments in Masachusetts are underway as well. It is truly a momentous time to be practicing in this area.

Courts continue to grapple with whether to enforce a non-compete against a former employee who joins a competitor but takes affirmative steps to protect the former employer’s trade secrets and avoids former customers. For example, in Aspect Software v. Barnett, the U.S. District Court of Massachusetts enforced a non-compete even though it found that the employee and his new employer had taken “scrupulous steps” to protect his former employer’s trade secrets decision. Now, another important decision on this issue, IBM v. Visentin, 2011 WL 672025 (S.D.N.Y. Feb. 16, 2011), has just been affirmed by the U.S. Court of Appeals for the Second Circuit. In contrast to Aspect Software, the U.S. District Court for the Southern District of New York found that the efforts of the employee and new employer in Visentin were sufficient to avoid any inevitable disclosure of IBM’s trade secrets; its denial of IBM’s request for a preliminary injunction was affirmed by the Second Circuit on November 3, 2011.
 
Even by trade secret litigation standards, the Visentin case has moved at warp speed: On Jan. 19, 2011, Giovanni “John” G. Visentin, a general manager at IBM, announced his intention to leave IBM to work for HP. Although Visentin offered to remain at IBM for a reasonable transition period, IBM declined that offer and instead immediately sent someone to his home to retrieve his laptop. The next day, IBM filed a complaint alleging breach of his non-compete and misappropriation of trade secrets, and moved for a preliminary injunction. U.S. District Court Judge Loretta Preska held a four-day hearing beginning on February 11, 2011 and issued a comprehensive 61-page opinion on February 16, 2011 denying IBM’s request.
 
Essentially, Judge Preska rewarded Visentin and HP for their good behavior. The district court was persuaded that the steps taken by Visentin and HP would safeguard IBM’s interests. Those steps included not only directing Visentin not to share any IBM confidential information but also specifically structuring his new position to avoid any overlap with areas that he oversaw at IBM. In addition, Judge Preska found that as a general manager, Visentin’s exposure to IBM’s trade secrets was minimal and in the absence of misconduct by Visentin, IBM had not met its burden of showing that he would inevitably disclose the few trade secrets that he had.
 
Judge Preska’s decision also reinforces how an employer initially reacts to the news of the employee’s resignation may be an important factor when the district court balances the equities. In particular, Judge Preska emphasized IBM’s decision to refuse Visentin’s offer to remain at IBM and its refusal to discuss the new position with Visentin exacerbated the very emergency for which IBM sought the court’s assistance.  (For a more detailed analysis of Judge Preska’s decision, which includes the perceptive note that I included above, please see Weil’s reprint of an April 4, 2011 article in The New York Law Journal).
 
The Second Circuit simply affirmed Judge Preska’s opion with a summary order, concluding for “substantially the same reasons” in Judge Preska’s “thoughtful and well reasoned” opinion that she did not abuse her discretion.
 
The takeaway? It is difficult to completely reconcile the holdings in Visentin and Aspect Software, as the former employee and new employer implemented similar safeguards to protect the former employer’s trade secrets in both cases. Perhaps the difference in the roles and responsibilities of the respective employees may account for the different rulings, as well as the fact that they were issued by courts in different jurisdictions applying arguably different standards (New York and Massachusetts have not adopted the UTSA). Whatever the case, Visentin certainly stands for the proposition that good behavior, sound planning and methodical execution can save the day.