The ECPA of 1986 protects a variety of electronic communications and records. Title I protects electronic, wire and oral communications in transit. Title II, the Stored Communications Act (18 U.S.C. §§ 2701-12) (“SCA”) protects stored electronic communications. Title III prohibits the use of trap and trace devices and pen registers, which essentially compile a record of dialed telephone numbers and routing.

Titles I and II both restrict the ability of law enforcement and governmental agencies to acquire communications protected by the ECPA. Title I requires a court authorized search warrant upon a showing of probable cause that the communications sought contain evidence that a crime was committed. Title II of the SCA only requires a similar judicial warrant for stored communications 180 days or less. In the case of stored communications older than 180 days, law enforcement or a governmental agency only need issue an administrative subpoena. That administrative subpoena is essentially a letter from the agency to the holder of the stored communications, such as an Internet Services Provider (“ISP”), that the communications are relevant to an investigation and forces the holder to divulge the stored communications.

This is significant because the standard required for law enforcement or regulatory agency to obtain e-mails or data files older than 180 days differs not only in the age of the communication, but also where the communication is stored. For example, if the communication is stored on a computer hard drive in one’s home or business, law enforcement is required to obtain a search warrant to obtain the data regardless of age. In the case of communications stored with a third party, the standard of proof (i.e., court approved warrant v. agency subpoena) depends upon the amount of time the communication has been stored, with the dividing line being 180 days.

Changes In The Use Of Data Storage

Congress originally passed the SCA and the ECPA in 1986 with a few amendments since then. In the intervening 26 years, data usage drastically changed. Previously, storage, both online and offline was at a premium. In the past, e-mail was predominately downloaded from ISPs to e-mail clients and stored locally on a user’s computer. Alternately, users deleted older e-mails stored on third party servers. Users predominately stored all data and communications locally on their hard drives. Businesses typically stored their communications on their own servers.

The landscape of communication and data storage today has turned to third party “cloud” services. For individuals, Web based e-mail providers such as Gmail, Yahoo and e-mail provided by ISPs with generous storage encourages individuals to keep e-mail and even voice mails in the case of Google Voice on third party servers indefinitely instead of deleting communications or downloading them to local client hard drives. Even businesses have migrated to “cloud services” including hosted e-mail servers and cloud-based backup.

Increases In The Use Of Administrative Subpoenas

At least anecdotally, the amount of agency subpoena requests has dramatically increased. For example, in Google’s Transparency Report (http://www.google.com/transparencyreport/removals/government/), notes in the first half of 2012 it had 1,791 subpoena requests. In the first half of 2011 Google reported 949 such requests.

Recent Efforts To Require Court Issued Warrants For Stored Communications

The good news is that there is movement in the U.S. Senate to amend the ECPA to protect communications older than 180 days older. Legislation introduced by Senator Patrick Leahy recently passed a Senate panel against objections by law enforcement that it would hinder investigations. If passed, the proposed law would require law enforcement and regulatory agencies to obtain a court issued search warrant for all stored communications, regardless of the age. Of course, it is early in the legislative process. Stay tuned.

The Computer Fraud and Abuse Act (“CFAA”): It’s Not Just For Hackers. 

In 1984 Congress enacted the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, to protect against hacking into U.S. government and financial institution computers.  With the expansion of computer use, the explosion of the Internet and the adaption of crime to these expanding technologies, Congress broadened the CFFA to include almost any computer.  Moreover, a 1994 amendment added a civil cause of action to the criminal statute.

The CFAA prohibits seven acts briefly summarized as:

1. trespassing a computer to commit espionage;
2. trespassing a computer and obtaining specified financial, credit, governmental or commercial information;
3. trespassing a government computer;
4. trespassing a computer to commit fraud;
5. damaging a computer;
6. trafficking in computer passwords; and
7. threatening to damage a computer.

The CFAA contains several definitions that apply the statute broadly.  For example, the CFAA applies to “protected computers.”  This includes computers owned by the U.S. government, financial institutions and those “used in or affecting interstate or foreign commerce or communication.”  Thus, the CFAA applies to virtually all computers.

As abbreviated above, trespassing includes accessing a computer “without authorization” or “exceeding authorized access.”  A Computer Fraud and Abuse Act violator could have authorized computer access such as a log-in ID and password, but later access data that was not within that user’s authorized scope.  By way of example, a bank employee may have authorization to access and modify data in the ordinary course of business, but if the bank employee violates computer use policies by viewing an acquaintance’s account records with no business need to do so, the CFAA is violated by exceeding authorized access.

Federal courts have creatively interpreted the terms “without authorization” and “exceeding authorized access.”  In Shureguard Storage Centers, Inc. v. Safeguard Self Storage, Inc., 119 F. Supp. 2d 1121 (W.D. Wash. 2000), a federal court in Seattle held that a former employee lost “authorized access” when he became an agent of a competitor by e-mailing the competitor trade secrets and proprietary information belonging to the former employer while still employed there.  The court did not rely on a non-disclosure agreement, but rather on an agency common law principle where the employee’s authority terminates when the employee “acquires adverse interests or if he is otherwise guilty of a serious breach of loyalty” to the employer.  While some courts have disagreed with this ruling, see, e.g., Shamrock Foods Co. v. Gast, 535 F. Supp. 2d 962 (D. Ariz. 2008) others have followed this line of reasoning.

In another case involving a former employee who used confidential information obtained from the former employer to benefit a new competitor, the court focused on the use of “Confidential or Proprietary Information” and the existence of a confidentiality agreement.  EF Cultural Travel BV. v. Explorica, Inc., 274 F.3d 577 (1st Cir. 2001).  There, plaintiff was in the business of providing global tours for high school students.  Former executive had confidential information of tour codes and data structure of proprietary information of former employer and was bound by a confidentiality agreement (“NDA”).  The former executive assisted competitor’s Internet consultant in designing a “scraper” program to extract pricing information from former employer’s Web site.  The competitor then used this data to undercut former employer’s prices.  The First Circuit Court of Appeals did not reach the question of whether the competitor was authorized to navigate plaintiff’s Web site to obtain competitive data.  Rather, the court held that defendant former executive exceeded that authorization “by providing proprietary information and know-how” to the Internet consultant to create the scraper program for the competitor.

The CFAA has also been invoked by Web site operators where the user had violated the Web site’s Terms of Service (“TOS”).  America Online, Inc. v. LCGM, Inc., 46 F. Supp. 2d 444 (E. D. Virginia 1998), involved an AOL member who harvested AOL members e-mail addresses for sending unsolicited bulk e-mails (“spam”) via AOL’s network in breach of AOL’s Unsolicited Bulk E-Mail Policy and its TOS.  While the case involved other serious issues such as trademark violations for “spoofing” the spam e-mail messages as being from the “aol.com” domain, the trial court held that the TOS violations rendered defendants’ access as unauthorized and in violation of the CFAA for computer trespassing and gaining commercial information.

While the AOL case involved a member TOS agreement, Southwest Airlines Co. v. Farechase, Inc., 318 F. Supp. 2d 435 (N.D. Texas 2004), involved Southwest Airline’s Web site’s TOS and directly warning defendants about prohibited activities on its Web site.  Defendant software company created and licensed software that could “scrape” Southwest’s Web site to obtain data by “sending out a robot, spider, or other automated scraping device across the Internet.”  Another defendant licensed the software to use in a product for corporate travelers to search airline fare information.  Southwest sued under various theories, including violation of the CFAA.  Defendants argued that Southwest’s Use Agreement (“TOS”) was an unenforceable contract.  The court reserved that fact question as inappropriate in a motion to dismiss.  Rather, the court relied on Southwest’s direct communication to one of the defendants that Southwest prohibited the use of “any deep-link, page-scrape, robot, spider or other automatic device, program, algorithm or methodology which does the same things.”  Thus, Southwest directly informed one defendant that its access was authorized, giving the court grounds to deny defendants’ motion to dismiss this claim.

While the CFAA is a criminal statute, there is a private right of action.  Generally, the prospective plaintiff needs to prove damage to the computer, or “loss” exceeding $5,000.  Losses are defined as “any reasonable costs to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system or information to its condition prior to the offense, and any revenue lost, cost incurred, or consequential damages incurred because of interruption of service.”  Proving the statutory minimum loss to institute a civil lawsuit for injunctive and/or monetary damages can be easily met with costs of investigation and plugging security holes.  The fair value of in-house IT staff has been allowed in the calculation of “loss.”

The CFAA will likely be increasingly used in employment, trade secret and unfair competition cases.  The key takeaways with respect to the CFAA include:

• Maintain network security;
• For employees and other “insiders,” require non-disclosure agreements (“NDAs”) and provide clear limits on data access, modification and deletion through a comprehensive IT or computer use policy; and
• For Web sites, provide clear Terms of Use (“TOS”) and monitor traffic to determine whether there may be a violation of TOS and serve cease and desist letters on identifiable violators.

Web Site Terms of Service (“TOS”): A Contract with Web Users?

Many Web sites contain a link to a Terms of Service (“TOS”), Terms and Conditions of Use, or similarly titled Web page.  What are these? Essentially, these pages are the site owner’s contract or license agreement with users who simply browse or use the services offered by the site owner.  TOS are important to Web site owners for various reasons such as limiting stresses placed on the host network from unreasonable use, protecting intellectual property, and protecting against inappropriate use of the site.

Indeed, Facebook, the popular social networking site that claims 175 million users, had a backlash from users when Facebook changed its terms of use to grant Facebook what protesters claimed was greater control over user content.  Facebook reverted to its former terms of use while it studies the situation.

Are a Web site’s Terms of Service enforceable?  As with most legal issues, the qualified answer is “it depends.”  Most sites’ TOS can be lumped into one of two types of agreements: “click wrap” and “browse wrap” agreements.  There are generally no negotiations on the Internet and a contract or license requires consent.  The type of consent – explicit or implicit – is the differentiator between click wrap and browser wrap agreements.

A click wrap agreement requires users to click an “I Agree” button or manifest assent by checking a checkbox.  Click wrap agreements are used particularly by online social networking, membership and commercial online sellers, where the site owners usually also require additional personal information.  This agreement is typically a prerequisite to viewing the site or unlocking members-only content or functionality.  Of course, premium content paid sites and software as a service sites (“SaaS” and formerly referred to as an application service provider or “ASP”) also require electronic payment information and assent to payment terms.

Unlike the click wrap agreement, a browse wrap agreement is used passively on a site and is either contained on the site’s homepage or on a Web page accessed via a link to a page containing the site’s TOS.  A user is deemed to consent to the TOS by using the site.  Thus, a browse wrap agreement does not require any clear user agreement with the TOS.  Courts interpreting browse wrap agreements have been mixed as to their validity.  As a general rule, the enforceability of the browse wrap TOS has turned on whether the user has actual or constructive notice that the TOS applies.

All Web sites should have a Terms of Service page.  The TOS itself will vary depending on the site itself.  Short of requiring each user to agree to the TOS via an intrusive click wrap agreement, a site owner can increase the likelihood that users have constructive notice of the TOS.  For example, the Web site owner can make the TOS more prominent by using noticeable icons or hyperlink to the TOS with distinguishable font types, font size, capitalizations or emphasis.  Moreover, a header or footer containing language to the effect that use of the site is governed by the TOS would be more effective.

IT Digital Device Border Searches Cover More Than Just Laptop Contents.

Right to Search Digital Devices.  Legally, CBP inspecting officers have the authority to search digital devices incidental to a search at the border.  One exception to the U.S. Constitution’s Fourth Amendment prohibition against unreasonable searches and seizures relates to searches incident to border entries.  United States v. Montoya de Hernandez, 473 U.S. 531 (1985).  The Ninth Circuit Court of Appeals recently ruled that the CBP’s search of digital files does not require any level of suspicion or probable cause prior to the warrantless search.  United States v. Arnold, 533 F.3d 1003 (9th Cir. 2008).  While the inspecting officer may have the authority and the international traveler may have nothing to hide, an inspection of digital devices can be more invasive than a search through one’s underwear.  The inspection may lead to delays and possible impounding of the digital devices for further forensic analysis.

Traveler Responses to Digital Device Search Possibility.  If the traveler wishes to minimize the invasiveness of digital device inspection or if the traveler believes that they may be a likely target due to nature of business, foreign countries visited or the result of perceived profiling (of which the author provides no opinion as to whether CPB uses profiling), there are some steps that the traveler can take to minimize the chances or extent of searches.  First, the traveler can carry no digital device that the traveler does not want inspected or potentially impounded, even if the digital device is later timely released.  Alternately, the traveler can securely delete or “wipe” any data contained on the digital devices to minimize effects of an inspection.

A second alternative is to use the power of “cloud computing” and work with all data through the Internet.  This method is easy given the widespread use of Web access for mail servers and online data storage solutions.  This also assumes that appropriate security procedures are in place such as VPN connections or use of SSL encryption protocols.

A third alternative is use whole or partial hard drive encryption on laptops used while traveling internationally.  This alternative is a no-brainer as any laptop containing proprietary business data, including personally identifiable information subject to data breach notification laws, should already be encrypted.  This begs the question of what should the traveler do if asked by a CBP official for the password.  Not having the data in the first place avoids this issue, but traveling without the data or applications may not be an option.  While travelers are expected and should cooperate with the inspection process, one trial court recently held that an inspected traveler had no duty to provide CBP with a password consistent with the Fifth Amendment of the U.S. Constitition’s privilege against self-incrimination. In re Boucher, 2007 WL 4246473 (Nov. 29, 2009).

While this post only discussed the issue of returning to the United States after international travel, the CBP can inspect an international traveler prior to departing the U.S. to foreign countries.  Likewise, this post did not discuss the issue of foreign customs searches where foreign laws may be less predictable and as protective.  Indeed, the option presented regarding data encryption may be unavailable in certain jurisdictions which also restrict or prohibit importation of strong encryption technology.  U.S. export control laws may also restrict the “exportation” of strong encryption technology.  Know before you fly.

A Non-Disclosure Agreement is a contract to protect information considered to be confidential or proprietary and disclosed in an employment relationship or in business transactions.  It is sometimes called “Confidentiality Agreement” or “NDA.”

Why Is A Non-Disclosure Agreement Necessary?

•  To Protect Trade Secrets.  A Non-Disclosure Agreement is used to protect trade secrets.  A trade secret is any type of information that is not generally known by the public and from which actual or potential economic value can be derived.  The owner of a trade secret must use reasonable efforts to maintain secrecy.  By using Non-Disclosure Agreement, a trade secret owner can maintain the trade secret status, while preventing the recipient of the information from further disclosing the information to a third party and retaining control over use of that information. In many circumstances, a NDA can be specifically enforced judicially through injunctive relief.
• To Create A Business Relationship.  A Non-Disclosure Agreement is also used in common business transactions where any confidential or proprietary information is shared.  For example, when companies expand their business or create a strategic alliance such as a joint venture, development agreement or outsource business processes, the strategic partner receiving the confidential information needs limits on use and further disclosure of the confidential information.  A Non-Disclosure Agreement allows the disclosing party to share its proprietary and confidential information with others without unduly jeopardizing the information.

 Non-Disclosure Agreement Considerations

1. Definition of Confidential Information.  The definition of “Confidential Information” plays a very important part of a Non-Disclosure Agreement because it determines the scope of information disclosed and protected under the NDA.  The definition of confidential information needs to be specifically defined such as the forms of confidential information (e.g., tangible or intangible).  In most cases, the agreement includes the provision where orally disclosed information is protected if the disclosing party confirms the confidential nature of the disclosure in writing within a certain period of time.  Indeed, the form of confidential information is irrelevant to its status as a trade secret.  The Washington Supreme Court held that a memorized customer list did not lose its trade secret protected status merely because a former employee did not take the list in a tangible form.
2. Non-Disclosure Agreement Types.  A Non-Disclosure Agreement is often categorized as either mutual or one-way, but it is also used among multiple companies such as for the purpose of a strategic alliance.
3. No Use or Disclosure of Confidential Information.  Typically the disclosing party seeks to limit the recipient from disclosure to any third party or restrict use of the confidential information other than the purpose described in the NDA.  Indeed, a typical requirement is that the confidential information is allowed to be provided to the disclosing party’s employees on a need to know basis.  Generally, where confidential information is sought by a governmental body or requested by subpoena or other court order, the recipient must resist such request, notify the disclosing party and cooperate with the disclosing party in challenging the request.
4. Limits on Confidential Information.  A Non-Disclosure Agreement generally puts some limits on the type of information such as information already in public domain, possessed by the recipient before being disclosed by the discloser or independently developed within the recipient’s organization.  Another purpose to limit confidential information is to make sure that the Non-Disclosure Agreement is not extended too much and to comply with the Uniform Trade Secret Act.
5. Term of Non-Disclosure Agreement.  A Non-Disclosure Agreement is usually meant for a specific purpose and should be documented for each purpose.  Generally, the protection of confidential information remains even after the relationship of the parties ceases, so long as the confidential information remains a secret.

Common Instances Where A Company Cannot Acquire Trademark Protection

• Abandonment.  Abandonment is a situation in which the owner of a mark does not use the mark for a significant period of time, fails to protect the unauthorized use or lets others use the mark without adequate supervision.  If a mark is abandoned, the owner might lose its exclusive rights to the mark. For example, if the owner of a mark for an apartment closed its business and failed to use the mark for twenty years the owner would have abandoned the mark.
• Generic Terms.  Generic terms are common words or terms which the relevant purchasing public identify products and services and are not specific to any particular source. For example, the term “cola” is a generic term.
• Likelihood of Confusion.  The terms “likelihood of confusion” or “confusingly similar” refer to the foundation of trademark law.  It is the standard required to prove infringement of a trademark.  The likelihood of confusion test is also one of several examinations conducted by the USPTO in determining whether or not to approve an applicant’s trademark application.  Intent to infringe is not necessary as an innocent infringement is just as damaging to a trademark owner as an intentional one.  Although the defendant’s intent to infringe may play a role in assessing damages, there is no requirement that defendant have intended to infringe another’s mark.
• Descriptive Trademark.  A descriptive trademark is a mark that is descriptive or suggestive of the product or service and entitled to a lesser degree of protection than a stronger mark (i.e., one that is arbitrary or fanciful).  A descriptive trademark will not be protected unless the owner of the mark can prove that consumers are aware that the mark is associated with their product or service.  If an applicant attempts to register a weak mark, the USPTO will not approve a mark unless the applicant proves distinctiveness.
• Functional Design.  Trade Dress is the totality of elements in which a product or service is shaped or packaged, such as the shape and appearance of a product or container.  Trademark law will not protect functional aspects of a product or packaging.  For example, an electric guitar body can be made with various designs.  The guitar designs may be trademarked because the guitar’s design is not required for it to function properly.  The design may be also protected as a design patent.

Trademark Infringement

Infringement may occur when a mark is identical or confusingly similar to a trademark of its owner.  Once it is determined that another mark may be confusingly similar, a trademark owner should take aggressive action.  Failure to take steps to protect a mark can be held to constitute a waiver of any rights in the mark.  If a mark is federally registered, the registrant may initiate a civil action in federal court against anybody who used the mark without the registrant’s consent in a manner likely to cause confusion.

If the mark is infringing, the registered mark’s owner may be able to recover the infringer’s profits, the mark owner’s damages, treble damages, costs and attorney’s fees.  On the contrary, if the trademark’s owner has not been damaged, the court has discretion to allow the competitor to use the mark under very limited circumstances in order to avoid the possibility of consumer confusion.

Importance Of Trademark Registration

Registration of a trademark with the USPTO gives constructive notice nationally that trademark belongs exclusively to the registrant.  The registrant is also allowed to use the symbol ® to indicate that the trademark has been registered.  Once a mark is registered with the USPTO, an infringement action can be initiated in federal court, a variety of remedies can be granted, including damages.  A mark owner does not need to have federally registered a trademark with the USPTO to initiate a lawsuit for competing use of the infringing mark, but would rely on unfair competition laws.  Moreover, the unregistered mark owner’s right of enforcement may also be geographically limited to one or more states, rather than nationwide had the mark been registered with the USPTO.  Most states also provide for some means registering trademarks with a state agency and allow for some remedies in case of infringement.

A trademark is a “word, name, symbol, device, or combination” of these that an entity uses to identify and distinguish its goods from those of others. A service mark is similarly defined, but is used to distinguish services. The term “mark” includes both trademarks and service marks. Titles, character names, or other distinctive features of movies, television, and radio programs can also serve as marks when used to promote a product or service. Once a mark is established, the owner is entitled to its exclusive use. For example, the name “Chanel” and the overlapping double “C” symbol have value because people associate them with Chanel®’s products and all of the luxury and quality and trust that the company has built over the years.

Trademark Registration.

To register and obtain benefits of registration under federal trademark law, an applicant files an application with the U.S. Patent & Trademark Office (“USPTO”).  A mark can be registered if it is currently used in commerce.  An applicant can also file an intent to use application if the applicant intends to put mark into practice within six months, although subsequent extensions are available and registration is required.  A registration is effective for ten years and renewable every ten years.  After the initial registration, however, the mark’s owner must file an affidavit demonstrating continuous use in commerce between fifth and sixth years after the initial registration.  World-wide trademark registration and management is complicated because trademark rights are solely territorial in scope.  Each country has its own laws and registration systems.  Some countries, for example, grant trademark rights based on a first to use in commerce basis and other countries on a first to file basis.  Generally, to obtain global trademark protection, the rights have to be acquired individually on a country by country basis, although treaties, such as the Madrid Protocol, provide a means to coordinate registrations.

Trademark Law.

Trademark law gives the most protection to distinctive names, logos, and other marketing devices. In decreasing order of distinctiveness are marks that are:  (1) arbitrary and fanciful; (2) suggestive; (3) descriptive; and (4) generic.  Arbitrary marks can be commonly used words that have no relationship to the goods or services they are associated with.  Fanciful marks are typically made-up names.  Suggestive marks suggest a good or service without actually describing them.  Descriptive marks describe a product or service, such as the purpose, quality or geographic origin.  Generic marks merely describe the type of product or service.  Distinctive marks include arbitrary, fanciful and suggestive marks, which are registerable with the USPTO without demonstrating that the mark has acquired a “secondary meaning” in the market.  Descriptive marks, however, may only be registered if a “secondary meaning” has developed through sales and advertising and can be demonstrated by the applicant’s substantially exclusive and continuous use for five years.  Competing uses of marks are generally resolved in favor of the owner to first to use the mark in a category or within a geographic area.  The test used to determine whether one company’s mark infringes that of another is whether the use is likely to cause confusion, mistake, or deception among the relevant consuming public.  In the test, actual confusion is not necessary.  It is likelihood of confusion that is measured.  In Trademarks 102 (Part 2 of this series), trademark limitations, infringement and importance of registration will be explored.

A trade name is a name that is commonly used by a business that does not use the full legal name of the business.  Although it is usually registered with a state government agency and is commonly referred to as a “doing business as” or “DBA,” it is a “shorthand” business name used for commercial purposes.  The state government does not give companies a trade name with a prospective right as granted for a trademark.  A trade name is protected only if it is functioning as a trademark to identify and distinguish the company’s goods from those of others.

Trade Name Registration

Although the procedures to register a trade name vary from state to state, registration of a trade name does not involve any complicated process to be approved by a state government.  Applicants simply list the name they want to register on the application and pay for the processing fee and the registration fee.  There is generally no “clearance” performed by the state agency other than to deny registration for a trade name already registered.

What Is The Difference Between A Trade Name And Trademark?

A trade name is a “shorthanded” name to identify a business other than by its legal name, such as “ABC” (trade name) instead of “ABC Inc.” (legal name).  A trade name may also be used to identify a company’s products or services just like a trademark but in order to receive trademark protection, the trade name that is used as a trademark must be protected as a trademark.  As mentioned in an earlier trademark article, trademark law gives the most protection to distinctive names, logos, and other marketing devices.  In decreasing order of distinctiveness are marks that are: (1) arbitrary and fanciful; (2) suggestive; (3) descriptive; and (4) generic.  A business should not assume that its registered trade name gives the company the right to use the trade name for any business purpose and is legally fully protected.

Trade Name Infringement

The test used to determine whether one company’s trade name infringes that of another is whether the use is likely to cause confusion, mistake, or deception among the relevant consuming public just as the test used for trademark infringement.  Therefore, if a company’s trade name is sufficiently similar to another’s registered trademark, the test of “likelihood of confusion” is applied to such confusing trade name and a trade name may infringe on a trademark.  Misuse of a trade name could also expose a company to liability under federal and state unfair competition laws and consumer protection acts.

Although trade name registration is not a complicated process, companies should be careful about selecting a trade name.  If the trade name is infringing another’s trademark, the company using the infringing name might ultimately have to change it and spend extra costs on reparative advertising in addition to defending and paying damages from a trademark infringement lawsuit by the trademark owner. In other words, the business should approach trade name adoption with similar care as it would create trademarks.

 A trade secret is any information that derives economic value from not being generally known, has been maintained in confidence, and is not known by competitors.  A company that owns trade secret may petition a court for a relief against those who have obtained or used its trade secret through improper means.  The trade secret owner can also institute an action against those who wrongfully publicly disclose the trade secret in violation of legal obligations such as conditions set out under a non-disclosure agreement (“NDA”).

 Trade Secret Law

Each state has its own statute or regulations that govern trade secrets.  Most states, however, have enacted a form of the Uniform Trade Secret Act (UTSA).  Although the majority of states have adopted the UTSA, the enacted versions and judicial interpretations of the UTSA may also differ from state to state.  In Washington State, Uniform Trade Secret Act is set out in Chapter 19.108 of the Revised Code of Washington (RCW).

 Trade Secret Protection

Trade secret law requires maintenance of secrecy, and it is a type of intellectual property law.  Whereas patent law protects inventions, processes or useful business methods for a number of years in return for the owner’s full disclosure of the information to U.S. Patent and Trademark Office (USPTO).  On the contrary, a trade secret can be protected permanently so long as it is not disclosed to the public and reasonable steps are undertaken to preserve secrecy.

 Companies need to consider whether hey seek protection under trade secret law or another type of intellectual property law such as copyright or patent law.  A typical example for this choice is the Coke® recipe.  The Coca-Cola Company protects the Coke® formula as a trade secret, which allows for indefinite protection so long as the company takes reasonable efforts under the circumstances to maintain secrecy.

 Compare protection under patent law, which gives the owner the exclusive rights to make, use and sell the protected item for a limited period of time.  Patent rights are more comprehensive for a finite period, but require patent filings with the USPTO.  Patents can also be very expensive to prosecute.  On the other hand, the trade secret owner does not have to file a trade secret application or registration with any government office.

 The fact that no registration is needed does not mean that obtaining trade secret protection is easy.  Trade secret protection requires significant efforts by setting up a program to create and administer reasonable measures to keep the information secret.  Moreover, a trade secret owner does not command exclusive use of the trade secret.  Any competitor may lawfully use the subject of the trade secret so long as it is independently developed and implemented.

Trade Secret Protection Methods

 Since the key in determining whether information is deemed to be a trade secret is the confidentiality of the information, it is essential to institute a preventive program to protect the company’s confidential information.

•  Physical Measures.  Companies need to develop a variety of physical measures to protect their proprietary information.  Reasonable security measures are required for trade secret protection.  Reasonableness may require that areas in which the information was being used or store were made physically inaccessible to others (for example, one is personally escorted to another floor where all the doors are locked and monitored).  For trade secrets stored electronically, reasonable efforts may require adequate IT security measures such as commercially reasonable firewalling, access control and use of encryption technologies.
• Contractual Measures.  Under many circumstances, someone receiving a company’s trade secret takes it subject to an implied obligation not to disclose.  However, having a written agreement has several benefits for the trade secret owner.  The existence of a NDA provides evidence that the owner of the trade secret is taking confidentiality measures.  The formality of an agreement also ensures that the recipient of the trade secret is expected to protect the information and it warns of possible consequences if it is not implemented.  A written agreement also makes available a remedy for breach of the agreement as well as trade secret liability.

 Trade Secret Protection Limitations

 While a patent, for example, gives the patent owner the exclusive use of the patent, trade secret protection does not protect against independent development of a product or process that is the subject of the trade secret.  Moreover, trade secret law does not protect information that is in the public domain.

 Trade Secret Litigation

 The owner of the trade secret harmed by trade secret theft can commence by filing of a complaint describing the defendant’s wrongful conduct.  Such action should be done as soon as the leakage of the trade secret is discovered.

 Litigation between a company and its former employee is the most common trade secret case.  This situation typically arises where an employee departs from the former employer and starts their own business or joins another company, either of which is a competitor of the former employer.  Employers often file a trade secret action, claiming that the former employee is using the employer’s trade secret.  Memorization of trade secrets is typically is not a defense.  A successful plaintiff can obtain injunctive relief to prevent further leakage of the information and monetary damages to compensate the owner of the trade secret.