New White Paper on Maritime Cybersecurity

A contributor to the Trade Secret Insider, Andy Lee has co-authored a white paper concerning the findings of a recently conducted Maritime Cybersecurity Survey.

The survey polled 126 senior executives, chief information and technology officers, and key managers across the U.S. maritime industry, with four key findings on the state of cybersecurity across various industry sectors.

The U.S. maritime industry is being targeted. Nearly 80% of large U.S. maritime industry companies (more than 400 employees), and 38% of all industry respondents reported that cyber attackers targeted their companies within the past year. 10% of survey respondents reported that the data breach was successful, while 28% reported a thwarted attempt.

There is a false sense of preparedness in the U.S. maritime industry. 69% of respondents expressed confidence in the maritime industry’s overall cybersecurity readiness, yet 64% indicated that their own companies are unprepared to handle the far-reaching business, financial, regulatory, and public relations consequences of a data breach.

Small and mid-size companies are far less prepared than larger companies to respond to a cybersecurity breach. 100% of respondents from large organizations indicated they are prepared to prevent a data breach, while only 6% of small company (1 to 49 employees) respondents and 19% of mid-size company (50 to 400 employees) respondents indicated preparedness.

Small and mid-size companies lack even the most fundamental protections, exposing them to huge potential losses. 92% of small company and 69% of mid-size company respondents confirmed they have no cyber insurance. In contrast, 97% of large company respondents have cyber insurance coverage.

The white paper also outlines best practices for well-prepared companies and offers guidance on how maritime companies can evaluate and improve cyber readiness.

Louisiana Appellate Court Addresses Customer Lists and Irreparable Harm In Trade Secret Case

A recent Louisiana court of appeal decision provides guidance on two issues that frequently arise in trade secret cases. Southern Marsh Collection, LLC v. State Traditions, LLC, 2017 WL 4985217 (La. App. 1st Cir. 2017) addresses the recurring question of when customer lists qualify as trade secrets and—somewhat surprisingly—holds the Louisiana Uniform Trade Secrets Act does not require a showing of irreparable harm for injunctive relief.

Factual Background. In Southern Marsh Collection, a Louisiana company sold casual clothing to retail outlets. The Louisiana company maintained electronically-stored contact information, including email addresses for individual decision makers, for over 500 different customers in 15 states. In violation of a confidentiality agreement, an employee of the Louisiana company supplied this information via email to a competing Alabama company. The Louisiana company sued for and obtained a preliminary injunction that prohibited the Alabama company from using the customer list or contacting any of the customers on the list with whom the Alabama company did not have a preexisting relationship.

On Appeal.  The Alabama company in Southern Marsh Collection argued that the customer list did not qualify as a trade secret because most of the information was publicly available. In fact, a competitor could obtain most of the information by using the “store locator” feature on the Louisiana company’s own website. In many cases, courts have refused to treat customer lists as trade secrets when the information can be obtained through proper channels.

The appellate court acknowledged all this, but nevertheless affirmed the injunction. The court held that the Louisiana company had proved that the customer list qualified as a trade secret even though much of the information was readily ascertainable. The real value in the list lay in the email addresses. Many buyers or store owners have multiple email addresses, with one being a “public facing” address, while the other is a “private” address where people expect to get “real” information that is not unsolicited mail (i.e. “spam” email). The Louisiana company had accumulated valuable private addresses for its customer contacts that the Alabama company could not readily obtain through proper means.

The Alabama company also argued that the trial court had improperly granted the injunction because the Louisiana company failed to prove that use of the list would cause it irreparable harm; the harm to the Louisiana company, supposedly, could be measured in the form of lost profits. Louisiana’s Code of Civil Procedure, in its article 3601, says that an injunction “shall be issued in cases where irreparable injury, loss, or damage may otherwise result to the applicant.” “Irreparable” harm is that which may not be remedied with a damage award.

Some Louisiana cases before Southern Marsh Collection have suggested that a plaintiff in a trade secret case must prove irreparable harm to obtain an injunction. However, article 3601 also says that a court may issue an injunction “in other cases specifically provided by law.” The court of appeal in Southern Marsh Collection pointed out that the Louisiana Uniform Trade Secrets Act specifically provides for injunctions against “actual or threatened misappropriations,” without saying anything about irreparable harm. In fact, the Trade Secrets Act says that plaintiff may recover damage awards “in addition to or in lieu of injunctive relief.” Thus, according to the court in Southern Marsh Collections, “the possible existence of a damage claim does not preclude the granting of injunctive relief as to a trade secret.”

Take Away. The appellate court’s decision in Southern Marsh Collection diverges from other Louisiana jurisprudence and could provide a useful weapon in the arsenal of businesses who need to protect protect trade secrets. Customer lists represent one of the most frequently litigated types of business information, and this case offers new avenues to demonstrate the independent economic value of these lists—without the need to demonstrate irreparable harm.




Louisiana Court Treats Inevitable Disclosure Provision as Non-Compete Clause Subject to Geographic Restrictions

May an employer enforce a contract provision that forbids an employee to leave and take another job that would require him to use or reveal the employer’s confidential information? In Louisiana, maybe not, unless the agreement complies with Louisiana’s non-compete statute, La. Rev. Stat. § 23:921.

In O’Sullivan v. Sunil Gupta, M.D., LLC, 2017 WL 3438349 (E.D. La. 2017), a federal district judge in Louisiana invalidated such a clause because the contract did not list geographic restrictions required by La. Rev. Stat. § 23:921. That statute nullifies “[e]very contract or agreement, or provision thereof, by which anyone is restrained from exercising a lawful profession, trade, or business of any kind,” unless the agreement meets certain criteria. Among other things, the agreement must be limited in duration to no more than two years after employment ends, and it may apply only to specified parishes (counties) and municipalities in which the employer “carries on a like business.” The confidentiality agreement in O’Sullivan did not restrict the application of the clause to any particular parishes or cities. Continue Reading

Google vs. Uber: Tech Giants Square Off Over Driverless IP

uber-serp-logo-f6e7549c89Waymo LLC — formerly Google’s self-driving car program and currently a stand-alone company owned by Google’s parent company — is now in fierce competition with Uber to develop and capitalize on driverless technology. This battle intensified on February 23, 2017, when Waymo filed a lawsuit against Uber Technologies, Inc., Ottomotto LLC, and Otto Trucking LLC.

Trade Secret Claims. Waymo’s lawsuit focuses on the actions of one former employee, Anthony Levandowski, who was a manager at Waymo and now leads a parallel self-driving car program for Uber. Mr. Levandowski resigned from Waymo in January 2016, but Waymo alleges that in December 2015 he downloaded more than 14,000 highly confidential business files, which included information on Waymo’s new and unique radar system. To add to the suspicious downloading activity, Waymo alleges that Mr. Levandowski met with Uber executives shortly after acquiring the files.

Waymo’s lawsuit further alleges that Mr. Levandowski went to great lengths to conceal the downloading. According to Waymo, he attached an external hard drive to his laptop and installed a new operating system “to erase any forensic fingerprints that would show” that he copied Waymo’s confidential information. Waymo also alleges that Mr. Lewandowski set up a competing company prior to his departure that later became Otto, and that he told coworkers of his plan. When Mr. Lewandowski resigned, Waymo alleges, other employees joined his new venture and took with them confidential supplier lists, manufacturing details, and highly technical information.

Within months after Mr. Levandowski started his competing business, Uber purchased it for $680 million. Waymo asserts that Uber’s self-driving car program had stalled before its acquisition of Otto, and that shortly after the acquisition, Uber represented to regulatory authorities that it was using an in-house custom built radar system. A Waymo employee was inadvertently copied on an email to Uber employees from a vendor of one of its radar system components. The email included an attachment of an Otto radar system that was similar to Waymo’s design. Waymo’s lawsuit followed.

Uber has not had an opportunity to respond to the allegations, but Waymo’s complaint paints a compelling story that we will continue to monitor and report on.

Take Away. It is no surprise that Uber wants to be on the cutting edge of self-driving car technology: a future with self-driving cars poses a significant challenge to Uber’s current business model. But this case stands as a cautionary tale that competitors — both big and small — can rely on state and federal laws to protect confidential and proprietary information from being exploited by their competitors.

Employers who rely on confidential information to compete should take steps, like Waymo alleges it took, to protect proprietary information. Laws that prohibit trade secrets theft are often unavailable when employers fail to take reasonable measures to protect their secrecy. Some fairly easy steps can be taken, such as restricting access to confidential information accessible to only high-level employees on a “need to know” basis and requiring and enforcing confidentiality and non-compete agreements. On the other hand, employers planning to hire an employee of a competitor (or acquire a business owned by a competitor’s former employee) should be highly vigilant about enforceable non-compete agreements and potential trade secret theft.

Trade Secret Dispute Brewing In Minnesota

beer clashThe popularity of craft beers has skyrocketed.  A report cited in Fortune claims that microbreweries’ market share increased from 5.7 percent in 2011 to 12 percent in 2015. This growth has led to competition as microbreweries capitalize on the growing appetite for their product. Unsurprisingly, competition has led to allegations of unlawful conduct.

Summit Brewing Company, one of the oldest microbreweries in the United States, recently filed a lawsuit alleging that its former VP of Sales coordinated with a Sales Market Manager to disclose trade secrets to a direct competitor. Summit alleges that the VP entered into an independent consulting agreement with a direct competitor within months of ending his employment. Summit further alleges that the Market Manager then emailed the former VP trade secrets that were passed on to high-level executives of the direct competitor. The allegedly stolen trade secrets included: (1) propriety sales and marketing plans, tools, strategies, and programs; (2) pricing and distribution plans, tools, strategies, and programs; (3) production goals; (4) growth strategies; (5) distributor relationship information; and (6) management systems and techniques.

At first glance, one might expect the recipe of Summit’s beers to be the subject of this brouhaha. But Summit’s claims reveal how state laws can protect proprietary information that falls outside a rigid concept of trade secrets. Strategic goals and distribution and marketing plans can qualify as protected trade secrets if they are valuable and not publicly known. When employees leave to work for a competitor, employers should take prompt action to investigate whether any trade secrets have possibly left the company as well.

Update Your Confidentiality Agreements and Policies *Now*

Tidea netheft of trade secrets by rogue employees is frighteningly common. When employees leave or lose their jobs, about half “steal corporate data and don’t believe it’s wrong” and forty percent “plan to use the data in their new jobs,” according to a 2012 global survey published by Symantec, a security firm. The survey was based on responses from thousands of employees in the United States, United Kingdom, France, Brazil, China, and Korea.

To help businesses crack down on trade secret theft, on Wednesday President Obama signed the Defend Trade Secrets Act of 2016. When someone willfully and maliciously steals another’s trade secrets, the Act gives the trade secret owner a powerful weapon: a right to seek exemplary damages and attorney’s fees. Exemplary damages may be up to twice the amount of the damages that may be awarded under the Act.

But if the trade secret owner is an employer and the thief is an employee, contractor, or consultant, there is a special requirement to preserve the employer’s right to exemplary damages and attorney’s fees. The employer must have given them notice of a subsection of the Act relating to immunity. Continue Reading

Obama Signs Federal Trade Secret Act

Today, President Obama signed the Defend Trade Secrets Act (DTSA) into law. The DTSA amends the existing Economic Espionage Act that was previously limited to criminal cases on behalf of the Department of Justice. The DTSA now allows companies to pursue trade secret claims in federal court under federal law. A copy of DTSA can be found here.

House Passes Federal Trade Secrets Bill

downloadWe recently reported that the U.S. Senate passed the Defend Trade Secret Act (“DTSA”), which would create a federal private cause of action for trade secret theft.

This week was the U.S. House of Representatives turn. The House overwhelmingly voted to approve the DTSA by a margin of 410-2. The bill is now headed to President Obama, whose administration has indicated strong approval.

And the Obama administration is not alone in voicing support. The Under Secretary of Commerce for Intellectual Property was vocal in praising the bill, as were corporations like Microsoft and General Electric and lobbying groups like the U.S. Chamber of Commerce, who issued a statement “urg[ing] President Obama to sign this legislation into law as soon as possible.”

We will continue to update you with any new developments and will also begin a new series of posts analyzing important aspects of the new legislation.

Federal Trade Secrets Bill Passes Senate

200px-US_senate_sealOn Monday, the Senate unanimously passed the Defend Trade Secrets Act (“DTSA”) — a bill that would allow companies to pursue trade secret theft through civil litigation in federal court. This long-awaited measure is a major step towards elevating trade secrets to the level of federal protection enjoyed by the other intellectual property, such as patents, copyrights, and trademarks. Currently, if companies want to sue for trade secret theft, they are generally relegated to state courts where there is a patchwork of inconsistent laws modeled after the Uniform Trade Secrets Act (“UTSA”). The DTSA would create a uniform standard for trade secret misappropriation and provide companies with pathways to injunctive relief and monetary damages to preserve evidence, prevent disclosure, and account for economic harm suffered from misappropriation.

The Legislation.  The DTSA would authorize a private civil action in federal court for the misappropriation of a trade secret that is related to a product or service used in, or intended for use in, interstate or foreign commerce. The proposed legislation defines “misappropriation” consistently with the UTSA, and provides for similar remedies, including injunctive relief, compensatory damages, exemplary damages and attorneys’ fees for willful or malicious cases of misappropriation. But the DTSA also differs from the UTSA in several important aspects that could greatly assist companies.  Most importantly, the DTSA provides a direct avenue for companies to use the federal court system to protect trade secrets. The DTSA also provides preemptive measures that companies may utilize to preserve evidence, and to thwart dissemination or theft before it occurs. For instance, companies who suspect that the confidentiality of their trade secrets may be compromised could apply for an ex parte order that allows the government to seize its trade secrets before giving any notice of the lawsuit to the defendant. This seizure protection goes well beyond what courts are typically willing to order under existing state and federal law. The DTSA’s statute of limitations period is also five years, as compared to just three under the UTSA. Additionally, the DTSA allows for treble exemplary damages and, unlike the UTSA, contains no language preempting other causes of action that arise under the same common nucleus of facts.

The Implications. Of the four types of intellectual-property rights — copyrights, trademarks, trade secrets, and patents — trade secrets are unique. Trade secrets are not registered with any federal agency, and companies currently have no direct avenue to protect them under federal law through civil litigation. The DTSA addresses these unique qualities by opening the doors of federal courts to companies looking to protect what they consider to be valuable trade secrets. If the House and Senate come together on final legislation, it would be the federal government’s most aggressive response to trade secret theft. We will keep you updated as the DTSA moves to through Congress and the White House.