What do the formula for Coca-Cola and the source code to Microsoft Word have in common?
They’re both trade secrets, immensely valuable to their owners because they’re kept secret and unavailable to their competitors. Consider whether Coke would be the best-selling cola and Word the top-selling PC word processor if one could download the Word source code from the Internet, or read the recipe to Coke at the Chicago Public Library.
How does the law define a trade secret? In Illinois, very broadly. The Illinois Trade Secrets Act (P.A. 85-366, effective Jan. 1, 1988) provides sweeping protection to confidential trade secret information that gives businesses competitive advantage. Under the statute, a trade secret is any:
information, including but not limited to, technical or non-technical data, a formula, pattern, compilation, program, device, method, technique, drawing, process, financial data, or list of actual or potential customers or suppliers, that:
(1) is sufficiently secret to derive economic value, actual or potential, from not being generally known to other persons who can obtain economic value from its disclosure or use; and
(2) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy or confidentiality. [Emphasis added.]
With respect to software, a trade secret can be as expansive as the program’s source code itself and its underlying architecture, or a particular component of its architecture that determines functionality, such as statistical assumptions for computing investments. The key to “trade secret status” is that the claimed trade secret provide its owner a competitive advantage by not being generally known to others, and the owner takes reasonable steps to prevent the trade secret from becoming generally known.
Unlike patents and copyrights, trade secrets cannot be “infringed.” But they can be lost or stolen. They’re potentially lost when their owners fail to take, as required by the statute, reasonable steps to maintain their secrecy or confidentiality. Insufficient efforts at maintaining secrecy might include a software company allowing visitors who have not signed confidentiality agreements to stroll through its development lab where next generation product plans are within plain view. Or where employees have not been required to follow procedures for protecting confidential information and copies of source code without confidentiality notices are scattered throughout its offices. In these circumstances, a court might choose not to protect the claimed trade secret when its owner seeks legal relief against someone who has allegedly “misappropriated” it.
Illinois law, however, tilts the balance in favor of protecting trade secrets and confidential information. The Illinois Trade Secrets Act broadly defines what constitutes trade secret misappropriation. Under the statute, “misappropriation” means:
(1) acquisition of a trade secret of a person by another person who knows or has reason to know that the trade secret was acquired by improper means [“improper means” includes “theft, bribery, misrepresentation, breach or inducement of a breach of a confidential relationship or other duty to maintain secrecy or limit use, or espionage through electronic or other means,” but not reverse engineering or independent development]; or
(2) disclosure or use of a trade secret of a person without express or implied consent by another person who:
(A) used improper means to acquire knowledge of the trade secret; or
(B) at the time of disclosure or use, knew or had reason to know that knowledge of the trade secret was:
(I) derived from or through a person who utilized improper means to acquire it;
(II) acquired under circumstances giving rise to a duty to maintain its secrecy or limit its use: or
(III) derived from or through a person who owed a duty to the person seeking relief to maintain its secrecy or limit its use; or
(C) before a material change of position, knew or had reason to know that it was a trade secret and that knowledge of it had been acquired by accident or mistake. [Emphasis added.]
The statute prohibits both active and passive conduct resulting in unfair use of another’s trade secret information. Apart from the prohibitions one would expect against theft, fraud and breach of a duty of confidentiality, the Act also prohibits the use of another’s trade secrets which are obtained inadvertently through accident or mistake. If your competitor unintentionally leaves its appropriately marked confidential strategic plan in your potential client’s conference room after a presentation, you should think twice before sneaking a peek. If you use or further disclose that information, you are potentially liable under the Act for trade secret misappropriation. Your competitor can sue you to get an injunction against your use and disclosure of its trade secrets. In addition, you may be required to pay your competitor monetary damages for its actual loss and your unjust enrichment from the misappropriation. A court can also force you to pay royalties to your competitor. And if it believes your misappropriation was willful and malicious, you can be slapped with punitive damages up to twice the amount of compensatory damages, as well as forced to pay your competitor’s legal fees.
Unlike a patent, which lasts 20 years, a trade secret can potentially last forever. That is, so long as its owner takes reasonable steps to keep it secret and someone else doesn’t independently create, “discover,” or develop it using “improper means” as defined above. Under the Act, reverse engineering is specifically excluded from the definition of “improper means” making this method of discerning a competitor’s trade secrets available. Other concerns come into play in the process of reverse engineering software, such as avoiding infringing your competitor’s copyrights, and that is the subject of another article.
Attorney Eric Freibrun specializes in Computer law and Intellectual Property protection, providing legal services to information technology vendors and users. Tel.: 847-562-0099; Fax: 847-562-0033; E-mail: email@example.com.