Proprietary Information
Proprietary information, also known as trade secrets, is sensitive information owned by an institution or individual that is not intended for public disclosure. Because of its importance and value, proprietary information is considered property. More commonly known as and referred to by lawyers as trade secrets, proprietary information generally covers information maintained as confidential by individuals or entities or information that an organization wishes to keep secret.
Examples of proprietary information, which often includes material and information relating to or associated with a company’s products, business, or activities, are as follows:
- Business plans
- Client lists
- Compilations
- Cooking recipes & formulations
- Designs
- Existing and future product designs
- Financial information
- Product Formulas
- Intellectual property
- Marketing plans or techniques
- Methods
- Patterns
- Performance specifications and reports
- Plans
- Procedures
- Processes
- Product research and development information
- Product specifications
- Proprietary computer programs
- Prototypes
- Schematics
- Techniques
Proprietary information can also extend to a company’s salary structure, employment contracts, and hiring plans. As related to employment, it can also include any information an employee learns while working for the organization.
Let’s jump in and learn:
Legislation on Proprietary Information
Laws protecting proprietary information were historically related to patents, copyrights, and trademarks. Three key pieces of legislation, passed in the latter part of the 20th century and the early 21st century, specifically recognize proprietary information and trade secrets.
1. Economic Espionage Act of 1996
2. Defend Trade Secrets Act of 2016
3. Uniform Trade Secrets Act of 1985
Economic Espionage Act (EEA)
The Economic Espionage Act of 1996 criminalizes the theft of trade secrets, or economic espionage, under two circumstances. The first is theft of a trade secret “intending or knowing that the offense will benefit any foreign government, foreign instrumentality, or foreign agent.” The second case covers theft of a trade secret “that is related to a product or service used in or intended for use in interstate or foreign commerce, to the economic benefit of anyone other than the owner thereof, and intending or knowing that the offense will, injure any owner of that trade secret.”
If proprietary information is stolen, the perpetrators of theft of trade secrets are prosecuted by the Department of Justice. Theft of trade secrets is punishable by imprisonment, fines, or both.
Individuals may be fined up to $500,000 and corporations up to $5 million. A violator may also be sent to prison for up to ten years. If the theft is performed on behalf of a foreign government or agent, the corporate fines can be doubled, and jail time may increase to 15 years. In addition, all property utilized and proceeds derived from the theft can be seized and sold by the government.
Defend Trade Secrets Act of 2016 (DTSA)
DTSA was the first law established that pertained to trade secrets. It provides trade secret owners with a uniform, reliable, and predictable way to protect their proprietary information anywhere in the United States. Because the DTSA does not preempt existing state trade secrets laws, trade secret owners have the option to pursue prosecution in state or federal venues.
Uniform Trade Secrets Act (UTSA)
Many states have enacted laws that make trade secret infringement a crime. Each has modeled their legislation around the model set forth in the UTSA, but with differences and, in some cases, enhancements.
For instance, it is a crime to acquire, disclose, or use trade secrets without authorization in California. Under Cal. Penal Code Section 499(c), trade secret theft is categorized as a form of larceny and carries fines for a violation that can be up to $5,000, a sentence of up to one year in jail, or both.
According to the UTSA, all proprietary information is protected no matter if it is “tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing.” In addition, the UTSA requires owners to take reasonable measures to protect proprietary information.
Protecting Proprietary Information, a.k.a. Trade Secrets
Beyond cybersecurity systems and physical access controls to protect against external and insider threats, protecting proprietary information, a.k.a trade secrets, requires policies. These requirements detail how proprietary information should be handled, including:
- Identifiers (e.g., watermarks) and document management policies
- Employee protocols
- Non-employee protocols
- Proprietary information agreements
Proprietary Information Identifiers and Management
- All proprietary information should be clearly marked “CONFIDENTIAL,” and be subject to policies that prohibit replication, distribution, or other disclosure.
- Non-disclosure agreements (NDAs) should be used when proprietary information or trade secrets may be disclosed during meetings or when this information is shared.
- Protocols should be in place to regularly confirm that any proprietary information is being properly protected.
- Processes should be in place to ensure that newly created proprietary information is identified and handled appropriately.
Employee Protocols for Proprietary Information
Implement and enforce procedures for employees that protect sensitive and proprietary information and trade secrets, especially when they join and leave. This should focus on non-disclosure agreements—signing and abiding by the terms that protect proprietary information and trade secrets.
Non-Employee Protocols for Proprietary Information
- Agreements should be in place with independent contractors and other organizations that include a non-disclosure clause to protect proprietary information and trade secrets
- Speeches, technical papers, and demonstrations must not include proprietary information or trade secrets, if shared with anyone who has not signed a non-disclosure agreement
- Access to proprietary information should be limited based on the principle of least privilege, meaning only shared with people who require the information to perform their duties.
Proprietary Information Agreements (PIA)
A PIA can be used in situations where proprietary information or trade secrets are shared between organizations. There are three types of proprietary information agreements:
- Unilateral
- Bilateral
- Multilateral
Some of the more common provisions of a PIA include:
- Parties—should be named and sign the agreement
- Detailed list—the exact items that are to be considered proprietary and information or materials that will not be subject to such privacy
- Terms and conditions—such as the period information is kept confidential, and under what conditions, if any, allow disclosure
- Permissions—clarification that the disclosing party is permitted to seek legal remedies in the event the contract is broken
- Termination clause—what must be done with the proprietary materials when the agreement has been terminated
- Responsibilities—outline the commitments of the party who’s receiving the information
- Disclosure exceptions—circumstances under which disclosure is permitted
What Constitutes Proprietary Information
The first step to qualifying as proprietary information or a trade secret is that the owner must make a reasonable effort to protect the information from the public. If the owner of proprietary information fails to protect the secret or if the secret is independently discovered, released, or becomes general knowledge, it has no legal protection.
What constitutes proprietary information is anything considered highly valuable that an individual or a company produced and that is not allowed to be transferred or displayed publicly. That information is considered an asset.
The Importance of Protecting Proprietary Information
The variety and expanse of proprietary information makes it particularly difficult to manage and protect. However, like all sensitive data, proprietary information warrants the extra efforts that are required to protect it. The importance of protection is that it not only safeguards the information from unauthorized use, but ensures that it is eligible for legal protection.
Egnyte has experts ready to answer your questions. For more than a decade, Egnyte has helped more than 16,000 customers with millions of customers worldwide.
Last Updated: 15th February, 2022