Trade Secret Management and the Fear of Missing Something
“The point is that you don’t have to boil the ocean to know what you have at a sensible level of detail. For many companies, it will be enough to identify the categories of information that are (or will be) your ‘crown jewels.’”
“An approximate answer to the right problem is worth a good deal more than an exact answer to an approximate problem.”
— John Tukey
As I was participating in a recent conference of trade secret nerds (yes, we often refer to ourselves that way), I found myself thinking about the Titanic. More specifically, about the legend of the missing binoculars. It seems that on that tragic night in 1912 the lookout was unable to find a pair of binoculars that he thought had been stowed in the crow’s nest. According to the story, they were in a locked box in the quarters of the former second officer, who had been transferred to another ship just before departure (lucky guy) and apparently took the key with him. In the immediate aftermath of the sinking, no one considered that the lack of binoculars had anything at all to do with the ship’s failure to steer clear of the iceberg. It was pitch dark, and the obvious cause was excessive speed. The official report didn’t even mention binoculars. But during the later inquest, the lookout testified about his futile search, and the “but for the binoculars” legend was born.
Whether to ‘List’ Your Trade Secrets
Why did this come to mind sitting in a meeting about trade secret management? We were debating a classic question: should a company create a “list” of its secrets, so that it can sensibly manage them and be ready if it has to go to court to protect them? The transactional lawyers in the group said yes, but many of the litigators were opposed. They worried that if a company committed to a list, it might later need to file an action to enforce a secret that wasn’t on the list and lose the case as a result. Like the binoculars, something that initially seemed fairly insignificant might become critical in a new context.
Proving trade secrets often requires focus on the impression that you’re giving the judge or jury about what information really matters to you. Ideally, the owner offers compelling evidence that this specific design, or code, or process makes a big difference to the success of the company. But if you had failed to put this on the “list,” it’s hard to avoid the argument that you didn’t care enough about it, or it just wasn’t all that important. However, as we’ll see it doesn’t necessarily have to end up that way; a lot depends on how you go about “listing” what you have.
At our meeting, the argument boiled down to a contest of competing perfections. The corporate lawyers wanted to maximize the company’s ability to manage an asset that is as valuable as it is evanescent, so were willing to take some risk on a later dispute if in return the business could more effectively supervise its secrets. The litigators wanted to maximize flexibility to “adjust” the company’s claimed secrets to later circumstances, without worrying about a previous catalog that may have missed something now considered to be important.
There’s No One Right Answer
Both sides in this debate were right and wrong. Yes, the law requires that a company trying to enforce its trade secret rights demonstrate that it has engaged in “reasonable efforts” to keep them secret; and knowing what they are is an obvious first step in that process. But the law requires only that the business act reasonably, not flawlessly. Similarly, in litigation where you have strong proof of theft, the jury is not likely to be too distracted by the fact that you didn’t perfectly categorize all the secrets that you can now prove have value.
Of course, it certainly helps to show that you have always taken seriously the need to protect the information that gives your business a competitive edge. The judge or jury tends to equate the actual value of your secrets with the relative effort that you have put into caring for them. But that doesn’t mean you have to inventory each and every bit of data. That’s a fool’s errand. Because trade secrets are so granular and pervasive throughout the enterprise, and because they – and their value – are always changing, you would have to be updating the list daily, and you would never get it totally right.
There is a simpler way to identify your information assets, one that doesn’t take inordinate resources or risk losing a lawsuit. It recognizes that there is no one “best practice,” but only a range of practice that is “reasonable under the circumstances” for your business. As that phrase suggests, there are multiple potentially relevant factors.
A Lot Depends on the Nature of the Business
For example, if you run a small business that is relatively predictable, such as a restaurant or an insurance agency, you already have an appreciation for the secrets you need to protect, whether recipes or customer lists. And you know that the main risk you face is with employees who may be tempted to walk off with them. Having that in mind, your efforts will be focused on limiting access, perhaps with some training to help the workforce understand why those things are sensitive.
At what might be the other extreme, if yours is a startup tech company with a mission to disrupt a market, you will be creating and discarding ideas and data as you quickly grow. Your dataset of valuable information is necessarily dynamic (as are the risks it faces). In that environment, trying to stop and get a useful handle on what your most important secrets are can be very difficult; everything is moving too fast.
But that doesn’t mean you should just throw up your hands and forget about trying to understand the nature of your competitive advantage. You may not have (yet) discovered something discrete on the order of the blockbuster drug molecule or the perfect search algorithm; but even in the early stages you learn a lot about what works and what doesn’t. You develop an idea of what the ideal feature set for your upcoming product might be. You begin to understand what it is that your customer base would love to have, if only you could deliver it to them.
Would you want your competitors to have access to all that information? Of course not. But if you don’t pause from time to time to think about what it is, then you won’t be in a position to actively manage it, to protect it and use it to increase enterprise value. Remember, the “it” we’re talking about here is the essence of what distinguishes your company, or will distinguish it going forward. What could be more important?
You Don’t Need to Boil the Ocean
The point is that you don’t have to boil the ocean to know what you have at a sensible level of detail. For many companies, it will be enough to identify the categories of information that are (or will be) your “crown jewels,” recorded and briefly described on a spreadsheet that is regularly updated. Other companies wanting to impose more discipline on the process may opt to use a trade secret management tool such as Tangibly. Whatever sort of system you adopt, its description or user notes should include the caveat that it is intended as a guide for management, and should not be seen as comprehensive or exhaustive. By doing that, and also describing your secrets in broad terms, you will decrease the risk that something omitted becomes a problem.
On the positive side, you will have given yourself a solid basis for effective management of your information assets by assigning appropriate risk levels and considering mitigation measures. And you will be much more prepared for transactions like acquisitions or licenses, and also able to respond immediately with litigation when your rights are threatened.
At least you won’t be frantically searching for the keys to the binoculars case.