Trade Secrets: Why a Standard Employment Contract No Longer Protects?

 

"In business, the most valuable assets often do not have a physical form – these are customer lists, materials from negotiations with customers and agreed terms of cooperation, pricing models, strategic plans, software code or unique business solutions.

 

This is information that is valued because it is not available to competitors. However, many managers still live with the belief that employees understand what is confidential. In reality, such an approach based on trust does not work: in the event of a dispute, it is the employer who has the responsibility to prove that trade secrets have been clearly defined, disclosed in a way that is understandable to the employee and protected.

 

The protection of confidential information is not a matter of trust, but of systematic legal, organizational and technological work. Both legal regulations and case law clearly state that the employer must define what constitutes his trade secrets and familiarize the employee with it.

 

The boundary between confidentiality and public information

 

How to clearly draw the line between what is confidential and what is not in a company? First of all, the employer must prepare a list of trade secrets and familiarize the employee with it. The list of trade secrets should be as complete and detailed as possible, because a common mistake of employers is to impose extremely abstract obligations on employees.

 

For example, such confidentiality provisions as: “The employer’s trade secret consists of all information that the employee has acquired during the performance of his/her job functions” are often found. However, the employer’s interests would be much more strongly protected by a detailed list of trade secrets – clearly itemized information that the employer considers to be a trade secret. For example, commercial offers provided to customers, product pricing, contact details of customers’ employees who make responsible decisions obtained during work.

 

It is not uncommon for the work rules, which the employee agrees to when signing the employment contract, to contain an abstract provision that the employee undertakes to protect the information constituting the employer's commercial secret, which is listed in the list of commercial secrets. In such cases, employees sign only the employment contract, but do not sign either the work rules or the list of commercial secrets. Then, during a dispute, it would be more difficult for the employer to prove that the employee was clearly informed of what constitutes commercial secrets.

 

It is recommended to clearly stipulate the employee's obligation to protect commercial secrets in the employment contract or additional agreement, and to provide the list of commercial secrets as an annex to the contract, each page of which the employee would sign.

 

It is important to note that the measures to protect information constituting a commercial secret must be not only legal, but also technical and organizational. For example, if information constituting a trade secret is stored in internal document management or data storage systems (e.g. SharePoint, Google Drive), password-protected access to it should be granted only to those employees who have committed in writing to protect trade secrets. In addition, the employer should organize the dissemination of trade secrets responsibly - trade secrets should be provided only to those of its employees who need such information to perform their job functions.

Remote work and digital tools only strengthen the need for protection

 

Today, working from home is completely common, but in such cases it becomes more difficult to control the protection of confidential data.

 

Therefore, in addition to the measures already mentioned, additional restrictions on the use of information related to the specifics of the employer's activities are necessary. For example, a ban on placing confidential data on external Internet platforms - artificial intelligence tools, translators or document format conversion programs.

 

It is also necessary to establish the procedure for using work tools provided by the employer: an obligation to work only with equipment provided by the employer, from a designated location, and a ban on connecting to public Wi-Fi networks.

 

It is also important to provide for a ban on transferring employer activity data to personal accounts (for example, personal e-mail) and a ban on working using equipment other than that provided by the employer.

 

These bans are particularly significant because disputes often occur in legal practice when an employee transfers confidential information to a personal e-mail during work and later moves to work for a competitor. In such a case, the employer proves the leakage of information, and the employee claims that such a practice was allowed and necessary in the company when working remotely.

 

If the contract clearly establishes a ban on storing such data in personal accounts or using personal equipment, it would be much easier for the employer to prove the leakage of confidential information in the event of a dispute.

What to do today to have peace of mind tomorrow

 

What can any company, even the smallest, do today to ensure that its business information is secure tomorrow?

 

First, prepare a detailed list of trade secrets and familiarize employees with it in writing. It should indicate all confidential and commercially valuable information. It is also possible to provide for an obligation to protect trade secrets even after the termination of the employment relationship (for example, 1-2 years).

 

Secondly, provide for a sanction for the disclosure of trade secrets. It must be realistic and correspond to the nature of the possible violation. For example, if a company generates an annual turnover of 500 thousand euros and provides a fine of 100 thousand euros for the disclosure of any confidential information, it is likely that such a sanction would be considered disproportionate and would not be enforceable.

 

Third, ensure practical protection of confidential information - set passwords in data storage systems, and provide access to confidential information only to those employees who need it and who are committed to protecting it.

 

Confidential information in the company will always be protected by timely training and clear information provided to employees working with trade secrets, which provides employees with knowledge of what to do and what not to do when working with data held by the employer.”