The “George Costanza Defense” to Trade-Secrets Theft

Costanza

Seinfeld fans will remember the episode where George Costanza’s boss caught him sleeping with a cleaning lady on his desk, leading to this memorable exchange:

Mr. Lippman: It’s come to my attention that you and the cleaning woman have engaged in sexual intercourse on the desk in your office. Is that correct?

George Costanza: Who said that?

Mr. Lippman: She did.

George Costanza: [pause] Was that wrong? Should I not have done that? I tell you, I gotta plead ignorance on this thing, because if anyone had said anything to me at all when I first started here that that sort of thing is frowned upon… you know, cause I’ve worked in a lot of offices, and I tell you, people do that all the time.

Mr. Lippman: You’re fired!

Funny stuff. Now, a former Ford employee is using a similar excuse to explain alleged trade-secrets theft.

According to this Detroit News article, the FBI is investigating a former Ford engineer who admitted planting listening devices in Ford’s meeting rooms. These devices recorded meetings, including ones not involving the engineer.

The engineer’s lawyer is quoted in the article. He essentially gives the Costanza defense, saying that his client used the devices to help her take notes. He’s pleading ignorance on his client’s behalf. She apparently did not know that it was improper to plant hidden recording devices in meeting rooms and leave them there to record meetings she did not attend.

We have no idea whether she is telling the truth. But just like George’s boss, the FBI seems skeptical.

There’s a lesson here. You need to let new employees know their obligations when it comes to protecting your confidential information. A written trade-secrets policy, as either a supplement to or part of an employee handbook, is a great start. The policy should prohibit recording meetings or other conversations without management’s approval.

Can Mark Cuban’s Cyber Dust Help Protect Proprietary Information?

Cyber Dust is an app that lets users send text messages without leaving a digital fingerprint. All texts “self destruct” within 30 seconds, after which they are not stored anywhere — including on Cyber Dust’s servers. Also, Cyber Dust notifies you if someone takes a screenshot of one of your Cyber Dust texts.

Mark Cuban is behind Cyber Dust. In a recent Forbes article, he explained that the idea came from his own experience of having the SEC use his text messages in its insider-trading action against him: “That the phone companies and your text recipients own your texts and even the most innocent text can take on a whole new context. I wanted to have a means of communication that is analogous to face to face – where you can speak openly and honestly. That is why we created Cyber Dust.”

Similar technology is being developed for emails. For example, The Atlantic recently wrote about Pluto Mail, which includes features that allow the sender to set an email to expire after a set time. After that, the recipient can no longer view the email.

As Cuban notes, emails and texts create a digital record that can last forever. When your employees (or others, like consultants or vendors) send emails and text messages that contain your proprietary information, there is a risk of disclosure. As more companies use bring-your-own-device policies, those companies lose even more control of information sent via text and email.

I’ve been thinking of how to use this technology to minimize unwanted disclosure. For example, a company could require that all work-related text messages be sent via Cyber Dust. Emails are a bit more complicated, since there is often a need to preserve emails for later use. But a company could require that all emails containing proprietary information, or attaching certain proprietary documents, be sent with a scheduled expiration date.

In the end,  these policies would only be effective if there’s a way to monitor compliance. Otherwise, it’s not worth the effort. Also, these policies likely would not deter someone who is sending the information with malicious intent, such as an employee who knows he will be leaving to work for a competitor. UPDATE: In fact, such a person could use this technology to cover his tracks.

But it’s worth exploring how to use new technology like Cyber Dust to help bolster efforts to protect proprietary information.

Steakhouse Trade Secrets at Peter Luger

Most businesses have some kind of trade secrets, but many don’t realize it. Even when running a seemingly simple business, companies need to be aware of how they are protecting their proprietary information. Recently, food blog Eater.com wrote about how New York’s venerable Peter Luger Steakhouse prepares its porterhouse. This article shows that trade secrets can show up in unexpected places, like a famous steakhouse’s basement.

The article starts with a quote:

“There are very few secrets in a steakhouse,” says third generation Peter Luger Steakhouse proprietor Jody Storch. “It’s really just about buying the best product that’s out there and simply preparing it.”

But later on, Storch reveals that Peter Luger’s porterhouse is at least a little proprietary:

If there is a “secret” to the Luger porterhouse, it’s in the dry-aging. In the basement of Peter Luger is a long dry-aging room, but Storch cannot reveal details like how cold the temperature is in there, or what the humidity level is, or how long the aging process takes.

Peter Luger’s dry-aging process could be a trade secret. But only if it reasonably protects the information. Based on this article, it certainly seems that Peter Luger is focused on preventing disclosure of its proprietary process. Hopefully, it only shares this information with those who need it to do their jobs, all of whom signed confidentiality agreements.

All businesses, even simple ones, should ask (1) what proprietary information do we have, and (2) how are we protecting it? The answers can be critical to preventing unwanted disclosure and mitigating the damage of any such disclosure.

And if you make it to Peter Luger, order a slice or two of the bacon.

Trade Secrets and Public Records

Companies performing municipal or government work face unique challenges when they need to share their confidential or proprietary information with public agencies. These companies must be wary of state public records laws and the Freedom of Information Act. A recent case, All Aboard Florida — Operations, LLC v. State of Florida, et al., filed in Leon County, Florida, illustrates this.

All Aboard Florida is attempting to develop passenger rail service between Miami and Orlando. It is doing so in partnership with various governmental entities. Recently, Orlando developer Matthew Falconer served various Florida agencies with requests under Florida’s Public Records Act for various documents relating to All Aboard Florida’s efforts.

According to the complaint, these agencies told All Aboard Florida that they intended to provide Falconer with All Aboard Florida’s Florida Ridership and Revenue Study. In response, All Aboard Florida filed this complaint for declaratory and injunctive relief, seeking protection under Florida’s Trade Secrets Act. According to All Aboard Florida, this study is a trade secret:

The Ridership Study analyzes expected market share for AAF’s service, including the effects of various pricing and travel time scenarios on AAF ridership. As such, the Ridership Study is an extremely sensitive and commercially valuable document, the disclosure of which to the public could place AAF at an unfair competitive disadvantage vis-à-vis airlines and other transportation alternatives.

Under Florida’s Public Records Act, trade secrets are exempt from disclosure.

When All Aboard Florida provided this study to the government, it marked each page as proprietary and confidential. For companies facing this situation who have no choice but to provide proprietary information to a government agency, I would recommend going one step further: Label each page of any proprietary document as “Trade Secret Information Protected From Disclosure By Section 815.045, Florida Statutes” (or the relevant statute in the state at issue).

The goal is to make it as simple as possible for the government employees responding to a public-records request to recognize that the document at issue should not be disclosed.

 

Slightly Off Topic: Major Opinion Changes the Standard for Unfair Trade Practices Claims in Florida

I’m going to take a brief detour from trade-secrets issues today, and instead wander in to the world of the Florida Deceptive and Unfair Trade Practices Act (FDUTPA). This statute, like many state consumer-protection laws, prohibits unfair trade practices, among other things.

Prior to this week, Florida courts have defined an unfair trade practice as one that is immoral, unethical, oppressive, unscrupulous, or substantially injurious to consumers. (The definition of consumer includes just about all individuals and business entities.) This broad standard allowed FDUTPA to serve as the Swiss Army Knife of claims, since it could apply to diverse types of bad acts. For example, I obtained a judgment for violating FDUTPA where my client’s former independent contractor started a competing business using my client’s proprietary information. (So there’s at least some connection between FDUTPA and trade secrets, since FDUTPA claims could be brought in a misappropriation action.)

But this week, in Porsche Cars North America, Inc. v. Peter Diamond, Florida’s Third District Court of Appeal changed the standard. Now, an unfair trade practice is one that causes injury to a consumer that (1) must be substantial, (2) must not be outweighed by any countervailing benefits to consumers or competition that the practice produces, and (3) must be an injury that the consumers could not reasonably have avoided.

This revised definition, and the third prong in particular, will make it more difficult to bring unfair-trade-practice claims.

As a result of this decision, there is now a district split on this issue. It will be interesting to see if this case gets appealed, and if so, whether the Florida Supreme Court settles the issue.

Do Noncompetes Stifle or Encourage Innovation? Should you care?

The New York Times published an article yesterday discussing the increased use of noncompete agreements in nontraditional industries. The article starts by talking about a 19-year-old college student who had a job offer to work as a summer-camp counselor withdrawn as a result of a noncompete agreement she signed at another camp:

Colette Buser couldn’t understand why a summer camp withdrew its offer for her to work there this year.

After all, the 19-year-old college student had worked as a counselor the three previous summers at a nearby Linx-branded camp in Wellesley, Mass. But the company balked at hiring her because it feared that Linx would sue to enforce a noncompete clause tucked into Ms. Buser’s 2013 summer employment contract.

The article also talks about a lawn-maintenance person, an entry-level social-media marketer,  and a hairdresser, all of whom had to sign restrictive covenants.

As more and more employers require restrictive covenants, there has been increased push-back. Against the backdrop of Massachusetts’ proposed ban on noncompetes, the article goes on to discuss arguments for and against employee restrictive covenants. Some argue that noncompetes stifle innovation:

“Noncompetes are a dampener on innovation and economic development,” said Paul Maeder, co-founder and general partner of Highland Capital Partners, a venture capital firm with offices in both Boston and Silicon Valley. “They result in a lot of stillbirths of entrepreneurship — someone who wants to start a company, but can’t because of a noncompete.”

Employers argue that the opposite is true:

“Noncompetes reduce the potential for poaching,” said Mr. Hazen, whose company makes scratch lottery tickets and special packaging. “We consider them an important way to protect our business. As an entrepreneur who invests a lot of money in equipment, in intellectual property and in people, I’m worried about losing these people we’ve invested in.”

There has always been a dispute about restrictive covenants’ effect on macro-level economic health. From my perspective, I am more concerned about using restrictive covenants to my clients’ benefit, as opposed to resolving this dispute; the policy implications of restrictive-covenant law are irrelevant to companies trying to protect their proprietary information. But the article leaves out a real-world benefit: increased certainty for employers and employees.

When permitted to use restrictive covenants, employers and employees have a better understanding of what will happen when the employer/employee relationship terminates. Employers can more comfortably share proprietary information with their employees, knowing that the restrictive covenants protect the employers’ interests. And employees know the precise limitations on their future employment, which can better inform their employment-related decisions.

Regardless, as I’ve discussed over and over, companies seeking to protect their proprietary information need to consider whether to require restrictive covenants. As long as the applicable jurisdiction permits them, restrictive covenants are often a company’s most powerful weapon to prevent unwanted disclosure.

Is Facebook Buying a Massive Trade-Secrets-Theft Liability?

Big trade-secret news last week. Oculus VR, Inc., the virtual-reality company Facebook is acquiring for $2 billion. was sued by Zenimax Media Inc. for trade-secrets misappropriation. Zenimax owns popular video-game titles such as Doom and Wolfenstein. A copy of the complaint is linked below.

Facebook’s acquisition of Oculus received widespread media coverage. This lawsuit, which will likely seek billions in damages, should draw extensive media interest.

According to the complaint, when Oculus’s founder (Palmer Luckey, named as a defendant) was developing Oculus’s VR headset called “Rift,” Zenimax provided Luckey with Zenimax’s proprietary information. This information allowed Oculus to transform Rift from a primitive, non-functional prototype into a viable platform justifying Facebook’s billions. After that, the Zenimax employees involved left to work for Oculus.

There are always two sides to every story, and so far we’ve only heard from Zenimax. But the complaint paints a pretty egregious picture of trade-secret theft. One example: After leaving Zenimax, where he had signed an agreement providing that any intellectual property he created for Zenimax belonged to Zenimax, to join Oculus, John Carmack tweeted: “When you are in a hurry, and you know you wrote the exact needed code (well!) at a previous job, reimplementation grates.”

While Zenimax appears to have a strong case, I see some potential issues. Most importantly, Zenimax did not have Oculus sign a nondisclosure agreement until after Zenimax had provided Oculus with at least some of its proprietary information. Oculus will likely argue that Zenimax did not reasonably protect this information, since it shared it with a third-party without requiring a confidentiality agreement.

This leads to the biggest takeaway thus far for companies looking to protect their proprietary information: Never share this agreement with anyone, for any purpose, unless that person/entity executes a nondisclosure agreement.

It’s also interesting that a company as sophisticated as Zenimax would allow its employees to provide significant proprietary information to a third party without first working out, and documenting, how it would be compensated. Later on, the two companies tried to negotiate a compensation agreement, to no avail.

Finally, any company that doubts the risks employees present to its proprietary information should look at the responses to the Carmack tweet I discussed above, which has 95 “favorites.” Sample response: “that’s what USB sticks are for…”

I will monitor this case and write about its developments.

Zenimax Complaint

 

In Defense of the Defend Trade Secrets Act

In my last post, I discussed the recently proposed, bipartisan Defend Trade Secrets Act that would create a federal cause of action for trade-secret misappropriation. I wrote favorably about the statute’s mechanism allowing a judge to enter an ex parte order to preserve evidence. Since then, I’ve discussed this provision with several people who have concerns about it. This post responds to these criticisms.

To start, I want to explain why this provision is so important. Trade-secret theft is overwhelmingly accomplished by electronic means, such as through email, downloading to portable media, or via remote access to IT systems. Companies suspecting trade-secret theft can often determine where and how the information was stolen. For example, forensic techniques can identify that certain documents were saved to a flash drive on a specific date.

The Defend Trade Secrets Act permits the company, armed with this information, to seek an order requiring seizure or preservation of the media/computer/etc to which the information was downloaded. As a result, critical evidence that could otherwise easily be destroyed would be preserved. Without a statutory provision specifically authorizing this remedy, most litigants find it very difficult to convince a judge to enter this type of order.

I’ve heard concerns about the risk that judges will improvidently grant ex parte seizure orders brought in bad faith by unscrupulous litigants, potentially causing significant unjustified damage to defendants. This risk, while real, is present any time a judge hears an ex parte motion for temporary restraining order. The overwhelming majority of judges are reluctant to enter an ex parte injunction unless absolutely necessary. And this statute contains requirements that make it materially more difficult to get a seizure order as compared to a TRO.

In particular, the Defend Trade Secrets Act borrows from the Trademark Act’s procedure for seizing goods containing counterfeit trademarks. These requirements go beyond the typical TRO prerequisites. For example, the movant must show evidence that the item to be seized will be in a certain location. The court must also take measures to protect the defendant from publicity regarding the seizure. Further, the order directing seizure remains sealed until the defendant has an opportunity to contest it at a hearing that must occur within 15 days of entering the ex parte order. And as a final example, the statute provides for damages, including punitive damages, if the defendant is damaged by the wrongful entry of a seizure order.

These protections go a long way to minimize the likelihood that orders are improperly entered. In the end, the benefit of avoiding destruction of evidence—which happens all too frequently—outweighs the risk of unwarranted orders, particularly given the statute’s protections.

Thoughts About the Defend Trade Secrets Act

Last week, Senators Hatch and Coons introduced bipartisan legislation, called the Defend Trade Secrets Act, that would create a federal private right of action for trade-secrets theft. This act adds to the Economic Espionage Act, which was passed in 1996 and made trade-secret theft a crime. Copies of the Defend Trade Secrets Act and the Economic Espionage Act are linked below.

While I’m still thinking through some of these issues, my first reaction to this law is a strongly positive one. Companies would benefit from having a national standard for trade-secret misappropriation. Today, while most states have adopted the Uniform Trade Secret Act (UTSA), there are state-by-state variations in the statutory text and interpretation. Also, this law would allow companies to litigate in federal court, where cases often proceed more quickly than in state court.

The act also acknowledges the e-discovery issues that frequently arise in trade-secret litigation by allowing for the ex parte entry of an order to preserve evidence, specifically allowing an order compelling “a copy of an electronic storage medium that contains the trade secret.” Today, it can be difficult to obtain such an order, with plaintiffs forced to resort to conventional injunction proceedings in front of state-court judges, who may not be as familiar with e-discovery issues.

The Defend Trade Secrets Act has a five-year statute of limitations, as opposed to the three years in the UTSA. Given that misappropriation is commonly done through surreptitious means, five years is more reasonable.

This proposed law is not perfect—for example, I would like to see a broader definition of “improper means” instead of just adopting the UTSA’s definition—but overall, this law would be a step forward for companies trying to protect their trade secrets. Hopefully, this bipartisan effort will have more success than other recent attempts to create a federal civil action for trade-secrets misappropriation.

Economic Espionage Act

Defend Trade Secrets Act

What Can the Donald Sterling Episode Teach Us About Protecting Trade Secrets?

Even if you hate sports, you have surely heard about the NBA banning LA Clippers owner Donald Sterling for life for his racist comments. The comments came to light after a recording of a telephone conversation between Sterling and his “girlfriend” was made public. We can all agree that Sterling’s comments were reprehensible. But for our purposes, what does this episode teach us about protecting trade secrets?

We’ve reached a point where virtually every person is walking around with technology in their pocket that allows them to record, photograph, videotape, or otherwise document everything around them at any given moment. The widespread use of iPhones and other smartphones has profound implications on many aspects of society. For Sterling, this led to the disclosure of what he thought was a private conversation. For companies trying to protect their proprietary information, they need to be even more vigilant about keeping this information secret.

As I’ve discussed before, only share proprietary information with those who need it to do their jobs. Don’t allow visitors access to areas where proprietary information is stored. Use IT solutions to restrict and password-protect critical proprietary information. And make sure (through training and contractual obligations) that employees know not to discuss this information with any third parties. After all, you never know when the other person may be recording the conversation.