TO MAXIMIZE PROTECTION OF THEIR TRADE SECRETS AND CONFIDENTIAL INFORMATION, EMPLOYERS MAY NEED TO ADD WHISTLEBLOWER IMMUNITY LANGUAGE TO THEIR CONFIDENTIALITY AGREEMENTS WITH EMPLOYEES, INDEPENDENT CONTRACTORS AND CONSULTANTS

by Employment Attorney Leslie Lockard
The Law Office of Leslie Lockard, P.C.
P.O. Box 537
Walpole, MA 02081
Tel. 508 850-9800
FAX 508 850-9801
Email: Llockard@leslielockard.com
Website: www.LeslieLockard.com
August 16, 2016

Although the Massachusetts House and Senate each passed bills that would have significantly restricted non-competition agreements, and most observers expected a compromise bill to pass, the legislative session ended without a law being enacted. Bills to restrict the use of non-competition agreements will now have to start the legislative process anew when the 2017 legislative session begins in January. Many employers are relieved that these bills did not pass, as the Senate and House bills would have limited the duration of non-competition agreements to three months and one year, respectively, and both bills would have required employers to compensate employees for the time they are restricted from competition post-employment.

Another law on the closely related topic of trade secret protection did pass, though: the federal Defend Trade Secrets Act (DTSA). The DTSA provides strong new federal remedies for trade secret theft, in addition to those that may be available under state law. A “trade secret” in the DTSA is defined broadly to include all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled….” Presumably, the definition is broad enough to include customer lists, customer preference and sales history reports and the like. To be protected, though, the employer must have taken “reasonable measures to keep such information secret”. (I include a Trade Secret Protection Checklist below).

One section of the DTSA states that that “employers shall include in any contract or agreement with an employee that governs the use of a trade secret or other confidential information” a notice explaining that he/she will be immune from liability for trade secret disclosure in certain circumstances. (Oddly, an “employee” in this context also includes anyone performing work for the employer as an independent contractor or consultant). Failure to provide an immunity notice is not unlawful in itself, but disqualifies employers from two of the potential strong DTSA remedies: the ability to recover punitive damages and to receive an award of attorney fees. To maximize their bargaining power in cases of trade secret theft, and remain eligible for these two remedies, employers must include in agreements relating to trade secrets and confidential information a notice which informs employees, independent contractors and consultants that: they cannot be held liable under any federal or state trade secret law for disclosure of a trade secret in confidence to a federal, state or local government official, or to an attorney, solely for the purpose of reporting or investigating a suspected violation of the law; or in a court complaint or filing under seal.

The immunity notice would need to be included in any agreement with an employee, independent contractor or consultant which addresses the confidentiality of trade secrets and confidential information. Such agreements include stand-alone nondisclosure agreements and confidentiality agreements, and other agreements which include confidentiality provisions, such as:
  • noncompetition or nonsolicitation agreements;
  • offer letters;
  • employment agreements;
  • independent contractor agreements;
  • intellectual property, invention assignment or proprietary rights agreements;
  • separation or severance agreements;
  • consulting agreements.
Employers who choose to adopt this immunity language will therefore need to think of all agreements they have which address confidentiality/non-disclosure obligations. They must also remember to add the immunity language to all such agreements in the future.

The immunity language can be covered in about two paragraphs and therefore is not unduly long or burdensome to include. Adopting this language may therefore be advisable, particularly for businesses whose success strongly depends on maintaining the confidentiality of its trade secrets and confidential information.

Employers who want to adopt this immunity language have two options for doing so:
  1. They can include the immunity language in every agreement which sets forth non-disclosure or confidentiality requirements applicable to employees, independent contractors or consultants.
  2. They can place the immunity language in an employee handbook or policy, for example, in a confidentiality, code of conduct, ethics or anti-retaliation policy, and then simply refer to the handbook/policy in each employee confidentiality agreement, without setting forth the immunity language in full. (This option would work best for employees, as independent contractors and consultants usually would not have access to an employee handbook).
Employers who wish to obtain the benefits of incorporating this immunity language need not amend all existing agreements that include non-disclosure or confidentiality obligations: only those that were adopted or amended on or after May 11, 2016. It should not be necessary to reopen and renegotiate agreements entered on or after May 11. The employer could probably just provide notice of the immunity language to the employee and keep a copy of the notice with the agreement.

To Be Eligible For Court Protection Of Their Trade Secrets and Confidential Information, Employers Must Show That They Used Reasonable Measures To Protect Them

Both under Massachusetts law and the new federal DTSA, employers must show that they used reasonable measures to protect their trade secrets and confidential information in order to obtain an injunction or other judicial remedies in the event of a theft or breach. I have compiled a brief checklist of questions that employers should regularly ask themselves to help ensure that they are sufficiently protecting their trade secrets and confidential information:
  1. Do we have clearly worded, up to date confidentiality agreements and/or policies that inform employees who have access to our trade secrets and confidential information that they must keep such information strictly confidential? Do our agreements and policies clearly explain what uses and disclosures are prohibited?
  2. In the rush of day to day business, have we allowed our confidentiality agreements and/or policies to become outdated, so that they no longer cover all information that we would not want employees to disclose to a competitor, or to the public? For example, do we now have new types of information or business lines that are not covered by the wording of our existing agreements or policies?
  3. Have our confidentiality agreements and policies been updated to address the latest developments in technology? (For example, there have been several recent cases in which departing employees allegedly took their prior employer’s confidential documents by transferring them to a DropBox or Google Driver account. In another reported case, an employee posted a selfie without realizing that confidential materials were visible in the photo). Do we need to update our agreements/policies to address new communications methods and technologies? For example, do we need a policy prohibiting or restricting the transfer of confidential documents to Drop Box or Google Driver accounts?
  4. Over time, are there new employees who have access to our confidential information but who have not signed a confidentiality agreement or received a copy of our confidentiality policy?
  5. In practice, do we have sufficient security procedures in place to restrict access to our trade secrets/confidential information? For example, do we restrict access only to those employees who need to know the information in order to carry out their work responsibilities? Do we require complex passwords for access to our most sensitive information, which must be changed at regular intervals? Do we need to, and if so, do we encrypt such information?
  6. Do we have sufficient security measures in place so that we would learn of suspicious patterns of access, such as an employee who works days logging in for long periods of time in the middle of the night?
  7. Do we have adequate security procedures so that we can verify that a departing employee has not accessed or copied our confidential information/ trade secrets to use in his new employment?
  8. Do we have a procedure which immediately discontinues a departing employee from any means of access to our computer and communications systems? Do we immediately discontinue all departing employee email and user accounts?
  9. If we allow employees to use their own electronic devices to do company business, do we have device management software, and a device management policy, that allows us to remotely wipe all company information from the employee’s device?
  10. Are we regularly training and reminding employees of our confidentiality policies and procedures? For example, are we keeping employees updated and educated about how to recognize phishing attempts, and about not clicking on unrecognized links, attachments or PDF files? Are we training and continually reminding employees of their confidentiality obligations by multiple means: eg, when onboarding, in staff meetings, in e-mails, at annual reviews?
  11. Are we keeping documentation such as a list of the dates and types of training we do, to assist us in proving, if we ever need to, that we took reasonable measures to try to keep our information confidential?









Testimonials

"Thank you so much for handling my case so skillfully on our way to victory. Your skilled guidance, your superb confidence-building manner, and your kind, warm handling of all our encounters eased the pain of confronting this difficult situation. Again I thank you for all your help and friendship."


 

Contact Info

Attorney Leslie Lockard
The Law Office of Leslie Lockard, P.C.
P.O. Box 537
Walpole, MA 02081
Tel. 508 850-9800
FAX 508 850-9801
Email: Llockard@leslielockard.com
Website: www.LeslieLockard.com