Keeping It on the Down Low: Preserving Confidentiality in the Electronic Age

December 7, 2010

Since Al Gore created the Internet back in the day, transferring large amounts of information instantaneously has become increasingly easier to do. The Internet, coupled with simple and inexpensive devices such as jump drives, has made it extremely difficult for employers to protect their confidential information. This article discusses the need for confidentiality agreements and trade-secret protection as well as practical considerations for setting up document management protocols.

Step One: Confidentiality Agreements
Employers of all shapes and sizes should consider having confidentiality agreements with their employees. Wisconsin employers, however, cannot place unreasonable burdens on employees regarding the use of confidential information if doing so unnecessarily restricts them from obtaining employment elsewhere. To avoid such a misstep, a confidentiality agreement must comply with Wis. Stat. § 103.465, which states:

A covenant by an assistant, servant or agent not to compete with his or her employer or principal during the term of the employment or agency, or after the termination of that employment or agency, within a specified territory and during a specified time is lawful and enforceable only if the restrictions imposed are reasonably necessary for the protection of the employer or principal. Any covenant, described in this subsection, imposing an unreasonable restraint is illegal, void and unenforceable even as to any part of the covenant or performance that would be a reasonable restraint.

To comply with Wis. Stat. § 103.465, you must define the scope of the information you wish to keep confidential, and the information must be subject to reasonable steps to maintain its confidentiality or a court will find that it isn’t confidential. For example, a confidentiality agreement may contain a definition of “confidential information” — e.g., information that is not a trade secret, which:

  1. The employer seeks to protect from disclosure,
  2. Is possessed by or developed for the employer,
  3. Relates to the employer’s business, and
  4. Is generally not known to the public.

You might follow the definition with a list of items that would generally fall within the protection of the agreement.

To avoid having a court find that a confidentiality agreement is overly broad, the agreement should exclude information that is:

  • Generally available or becomes generally known to the public through no wrongful act or omission of the employee;
  • Already in the lawful or rightful possession of the employee before he received the confidential information;
  • Or, developed independently by the employee without use of the confidential information.

Additionally, you should consider placing a time limit on how long the employee is precluded from using confidential information. In some instances, a geographical scope also may be appropriate.

Step Two: Trade Secrets
In addition to keeping confidential information confidential, you may protect your intellectual property under trade-secret laws. Trade secrets are a creature of statute. Classic examples are the formula for Coca-Cola and the recipe for Kentucky Fried Chicken. Employers that are serious about protecting bona fide trade secrets can seek additional protection under the Wisconsin Uniform Trade Secrets Act. The Act makes it unlawful for a person to misappropriate or threaten to misappropriate a trade secret by:

  • Acquiring it by a means that he knows or has reason to know is improper;
  • Disclosing or using a trade secret without express or implied consent if he used improper means to acquire it or, if at the time of disclosure or use, knew or had reason to know that he obtained knowledge of the trade secret:
    • From a person who used improper means to acquire it;
    • Under circumstances leading to a duty to maintain its secrecy or limit its use;
    • From a person who owed a duty to the person−seeking relief to maintain its secrecy or limit its use;
    • Or, by accident or mistake.

The Act defines “trade secret” as any information, including a formula, pattern, compilation, program, device, method, technique, or process that:

  • Derives independent economic value, actual or potential, from not being generally known to and readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use; and
  • Is the subject of efforts to maintain its secrecy that are reasonable under the circumstances.

The mandatory requirements of Wis. Stat. § 103.465 do not apply to a bona fide trade secret protected under the Wisconsin Uniform Trade Secrets Act.

Because a trade secret loses protection if it is no longer a “secret,” employers must take reasonable efforts to maintain its secrecy. One of those efforts should include the development and implementation of a trade secret security program. Components of such a program should, at the very least, include:

  1. A written policy setting forth the company’s limits on the use of trade secrets;
  2. New hire orientation;
  3. Use of carefully drafted nondisclosure and/or confidentiality agreements;
  4. Stamping documents as “trade secret”;
  5. Implementation of physical security and destruction measures; and
  6. Exit interviews and postemployment communications reminding former employees of obligations that may continue after employment.

Step Three: Locking Down Valuable Electronic Information
Since the introduction of the copy machine, employers have had to worry about employees walking off with important and sensitive documents. Nowadays, a disgruntled employee can spend 10 minutes forwarding key documents to his personal e-mail account before handing in his resignation. On one level, it’s simply impractical to try to control the flow of all confidential data without imposing such extreme burdens that it would be impossible to do business. However, you should consider placing some limitations on the creation and free flow of data to avoid a catastrophic misuse of sensitive information.

For example, setting up a centralized document management system that prohibits employees from storing documents on their personal hard drives or jump drives may help minimize the mass transfer of sensitive information. Similarly, you may consider blocking employee access to personal e-mail accounts. Further, limiting the file size of e-mail transmissions may slow down any nefarious document transfers.

Limiting access to documents within the document management system is critical. If you’re considering terminating an employee, you may want to suspend him with pay and restrict his computer access pending the outcome of your investigation. Finally, never let an employee who has been terminated or is about to leave your employment have unsupervised computer access.

Bottom Line
It’s nearly impossible to keep all sensitive information confidential in the electronic age, as is evidenced by websites such as Wikileaks. Notwithstanding these extreme challenges, employers shouldn’t throw up their hands and do nothing. Rather, confidentiality agreements, trade secret protection and closely monitored document-management systems can help keep the lock on the barn door. In addition to having counsel review or create confidentiality or trade-secret agreements, you should consider having an outside computer consultant audit your current practices.

To subscribe to email alerts from Axley Law Firm, click here.

For more information about "Keeping It on the Down Low: Preserving Confidentiality in the Electronic Age," contact Saul C. Glazer at sglazer@axley.com or 608.260.2473 or Troy D. Thompson at tthompson@axley.com or 608.283.6746.