Dr. Amandeep Singh Anushthan Assistant Professor Enrollment No.160101040 Section: A

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 18

DR.

RAM MANOHAR LOHIYA,


NATIONAL LAW UNIVERSITY,
LUCKNOW
SESSION-2019

SUBJECT: CYBER LAW

TOPIC- PROTECTION OF TRADE SECRET IN CYBER SPACE

CLASS: B.A.LL.B. (HONS), VIIth SEMESTER

SUBMITTED TO SUBMITTED BY

DR. AMANDEEP SINGH ANUSHTHAN

ASSISTANT PROFESSOR ENROLLMENT NO.160101040

SECTION: A

1|Page
ACKNOWLEDGMENT
It is my greatest pleasure to be able to present this project of the Cyber Law. I found it very
interesting to work on this project. I would like to thank Dr. Amandeep Singh Assistant
Prof., Faculty of law, Dr. Ram Manohar lohiya National Law University for providing me
with such an interesting project topic, for his unmatched efforts in making learning an
enjoyable process, for his immense sincerity for the benefit of his students and for his
constant unconditional support and guidance.

I would also like to thank my librarian for helping me in gathering data for the project. Above
all, I would like to thank my parents, who from such a great distance have extended all
possible moral and motivated support for me and have always advised me to be honest in my
approach towards my work.

2|Page
TABLE OF CONTENTS
ACKNOWLEDGMENT.................................................................................................................2

INTRODUCTION...........................................................................................................................4

MEANING OF TRADE SECRET AND CONFIDENTIAL INFORMATION.............................5

WHAT IS TRADE SECRET?.........................................................................................................5

SIGNIFICANCE OF TRADE SECRETS.......................................................................................6

POSITION IN INDIA......................................................................................................................8

PROTECTION OF CONFIDENTIAL INFORMATION/TRADE SECRET IN THE HAND OF


EMPLOYEES..................................................................................................................................9

Non-disclosure Agreements:.......................................................................................................9

Internal Processes:.....................................................................................................................10

An Exit-Interview:.....................................................................................................................11

TRADE SECRET vis-à-vis OTHER INTELLECTUAL PROPERTY RIGHT............................11

CONFIDENTIAL INFORMATION.............................................................................................12

What is the Threat to Trade Secrets in Cyberspace?.....................................................................13

MISAPPROPRIATION OF TRADE SECRETS: LIABILITY OF THIRD PARTIES................14

CONCLUSION:............................................................................................................................15

3|Page
INTRODUCTION
In today’s globalised economy, the organization are protecting its intellectual property by
adopting the available measures in form of patents, copyright, trademark etc. but besides these
popular IP rights there are other IP rights not so popular but which are recently drawing
attentions all over the world- Confidential Information and Trade Secret.

Confidential information and trade secrets are protected under the common law and there are
no statutes that specifically govern the protection of the same. In order to protect trade secrets
and confidential information, watertight agreements should be agreed upon, and they should
be supported by sound policies and procedures. Protection of Confidential Information in the
Hands of Employees In this information age, it’s imperative that a business protects its new
formula, product, technology, customer lists, or future business plans. In the global
marketplace, Indian corporations are often required to comply with foreign laws and are likely
to be exposed to liabilities for violation of confidential information or trade secrets of their
business partners or third parties. For example, the U.S. Economic Espionage Act, 1996
imposes criminal liability (including fines and prison sentences) on any person who
intentionally or knowingly steals a trade secret, knowingly receives, or purchases a
wrongfully obtained trade secret. The standards for protection have to be tailored to address
the risks associated with rapid advancement in technology and communications. The
standards accepted today may become inadequate tomorrow. However, one constant factor is
the presence of a corporate culture imbued with information protection values. The employees
of an organization are privy to confidential information and trade secrets on a daily basis. In
the absence of any specific Indian statute conferring protection on such information in the
hands of employees, recourse has to be taken to common law rights and contractual
obligations.

4|Page
MEANING OF TRADE SECRET AND CONFIDENTIAL INFORMATION
There is no legislation in India defining term trade secret and confidential information.
However the concept has been discussed widely around the world and we can sum up under
these headings.

WHAT IS TRADE SECRET?


A trade secret refers to data or information relating to the business which is not generally
known to the public and which the owner reasonably attempts to keep secret and confidential.
Trade secrets generally give the business a competitive edge over their rivals. Almost any
type of data, processes or information can be referred to as trade secrets so long as it is
intended to be and kept a secret, and involves an economic interest of the owner. For example,
a business may have certain internal business processes that it follows for its day-to-day
operations that give it an edge over its competitors. This could be regarded as a trade secret.

The Agreement on Trade-related Aspects of Intellectual Property Rights (TRIPS) under the
auspices of the World Trade Organization lays down the following three criteria for regarding
any information as undisclosed information (or trade secrets):

• It must not be generally known or readily accessible by people who normally deal with such
type of information

• It must have commercial value as a secret

• The lawful owner must take reasonable steps to keep it secret.

North American Free Trade Agreement (NAFTA) defines a trade secret as “information
having commercial value, which is not in the public domain, and for which reasonable steps
have been taken to maintain its secrecy.”

The Uniform Trades Secrets Act, 1970 also provides for the definition of trade secrets, which
is as follows:-

5|Page
“Information, including a formula, pattern, compilation, program device, method, technique,
or process, that: (i) derives independent economic value, actual or potential, from no being
generally known to, and not being readily ascertainable by proper means by, other persons
who can obtain economic value from its disclosure or use, and (ii) is the subject of efforts that
are reasonable under the circumstances to maintain its secrecy”

Section 2(3) of Indian Innovation Bill defines Confidential Information as “Confidential


Information means information, including a formula, pattern, compilation, program device,
method, technique or process, that: (a) is secret, in that it is not, as a body or in the precise
configuration and assembly of its components, generally known among or readily accessible
to persons within circles that normally deal with the kind of information in question; (b) has
commercial value because it is secret and (c) has been subject to responsible steps under the
circumstances by the person lawfully in control of the information, to keep is secret.

However, the definition in the Innovation Bill also appears to be based (more than the US
model law) on Article 39.2 of the TRIPs agreement.

SIGNIFICANCE OF TRADE SECRETS


Trade secrets in the industrial economy have increased greatly in the past few years, for a
number of reasons. There are mainly two reasons for that, one among them is that other forms
of intellectual property like Patent, Trademark and Copyright have an element of uncertainty
as compared to Trade Secret. Secondly, trade secrets have gained importance because, in
many fields, the technology is changing so rapidly that it has surpassed the existing laws
intended to encourage and protect inventions and innovations.

Another significant factor which has enhanced the value of trade secrets is the relative ease of
creating and controlling trade secret rights. There are no bureaucratic delays and no multiyear
waits for government grants, such as those for patents. Trade secret rights, in contrast, can be
established by the explicit conduct or agreement of the interested parties. A trade secret right
starts upon the creation of the idea in some concrete form, and continues as long as secrecy is
6|Page
maintained. Protection of information such as ideas or information which does not qualify to
be protected as intellectual property within the legal framework Intellectual Property Laws of
the land can be protected by Trade Secrets. They also have the advantage of being lasting
forever, again, as long as secrecy is maintained.

Of course, trade secrets have negative aspects. They are a volatile form of property, and they
terminate when secrecy is lost. Also, they require constant vigilance to protect them.
Nevertheless, trade secrets play a major role in protecting innovations and establishing rights
to use new technology. It is thus important for the intellectual property practitioner to be alert
to the intricacies of this large body of trade secret law.

POSITION IN INDIA
The intellectual property laws in India have had an almost docile and stagnant existence ever
since they were framed. Being a signatory of the TRIPs Agreement India is under an
obligation to bring its intellectual property laws in conformity with international standards.
India has achieved this to a large extent by enacting new and amending existing legislations
on intellectual property laws. However, unlike the US and other developed countries India has
no legislation dealing with trade secrets.

In India protection of trade secrets is Common Law based. However, section 27 of the Indian
Contract Act provides some sort of limited remedy, it bars any person from disclosing any
information which he acquires as a result of a contract. There are scores of reasons for the
absence of any statute dealing with trade secrets. India has since its independence followed a
socialist pattern because of which the Indian legal system has always strived for social benefit
and public rights as a result of which private rights like intellectual property rights have not
been given any importance. Another reason for absence of any trade secret laws is the
dependence of Indian economy on agriculture. Also, with the absence of big private corporate
houses in India until recently there has hardly been any pressure on the government for
granting statutory protection to trade secrets. Protection of trade secrets is a very important

7|Page
and one of the most challenging tasks for the Indian government as this will enhance the
foreign investment in India giving a boost to the Indian economy. Foreign investors have to
be assured of the protection of their trade secrets, so that they can do business with our
country. A proper policy for trade secret protection will further enhance the security in our
own industry. Almost all the countries in the world have a policy for the protection of trade
secrets and India also being a signatory to the TRIPS is under an obligation to amend its laws
or create a new law in order to safeguard the trade secrets of various businesses. So a proper
policy for the protection of trade secrets in India is the need of the hour in order to provide a
sense of security among the foreign investors and the local businessmen regarding their trade
secrets which will further boost the Indian economy.

As mentioned above, in India, no substantive authoritative text or case laws are available to
determine the nature or ambit of trade secrets. But the Indian courts have tried putting the
trade secrets of various businesses under the purview of various other legislations in order to
protect them and also they have tried to define what a trade secret is in various cases, Trade
Secret law has gained importance in India only recently with the intensification of
competition. Coca cola’s formula has been protected for over a century under Trade Secret
law.

Evolution of Cyber Law in India

With an increase in the dependency on the use of technology, the need for cyberlaw was
necessary. Much like every coin has two sides, therefore, the dependency on technology has
its pros and cons.

The rise of the 21st century marked the evolution of cyberlaw in India with the Information
Technology Act, 2000 (popularly known as the IT Act). The objective of Information
Technology laws in India is as follows:

 To provide legal recognition for all e-transactions

 To give legal recognition to digital signatures as a valid signature to accept agreements


online

8|Page
 To give legal recognition to keeping accounting books in electronic form by bankers as
well as other organizations

 Protection of online privacy and stopping cyber crimes

The Indian IT law updated the Reserve Bank of India Act and the Indian Evidence Act.

With the evolution of cyber law almost all online activities came under scrutiny. However,
one thing about cyber law is that there are certain areas on which cybercrime laws in India do
not apply such as:

 Negotiable Instrument being other than cheque

 Power of Attorney

 Will

 The contract for Sale or Conveyance of Immovable Property

 Central Government notified documents or transactions

PROTECTION OF CONFIDENTIAL INFORMATION/TRADE SECRET IN THE


HAND OF EMPLOYEES
As businesses are growing out of their parochial moulds and going global, effective trade
secret protection is becoming a necessity. Though there is no enactment in India that affords
protection to trade secret, businesses can use the tools mentioned below to safeguard these
trade secrets:

9|Page
Non-disclosure Agreements:

Sound and concise company policies and non-disclosure agreements with the employees
protecting confidential information and trade secrets are recommended so as to provide
contractual remedy in addition to the one under the common law. Such agreements should
define “confidential information” and the exceptions to confidentiality. Agreements should
have clauses negating a grant of an implied license, restrictions on disclosure, use and copy;
restriction on use of confidential information upon termination of the employment, return of
information upon termination and right to withhold salary and emoluments till such return.

Non-compete clauses, depending upon their applicability in the Indian context, read with the
confidentiality clauses would afford an organization added protection with respect to its
confidential information. Such provisions must have a clear purpose, which is to restrict the
use of confidential information and trade secrets obtained during employment and ensure that
employees do not compete unfairly. However, non-compete provisions would need to be
reasonable, and the Indian courts may treat a tough non-compete provision as unenforceable.
In order to ensure that the rights of third parties are not violated, the non-
disclosure/employment agreement should clearly impose an obligation on the employee not to
integrate into the organization’s data or intellectual property, any confidential information of a
third party. Employees should be required to indemnify the organization in case of violation
of this clause. If the organization has not executed such agreements at the time of
employment, subsequently executed agreements should expressly cover the confidential
information obtained by the employee from the date of his employment.

Internal Processes:

Strong internal controls and processes to protect confidential information should be in place.
Employees should be educated to identify information that is confidential or in the nature of a
trade secret, to enable them to make an informed decision. They should have a clear
understanding of their responsibilities to protect confidential matter and treat this as an on-

10 | P a g e
going process that is integral to their work. Data that is confidential should be clearly
indicated as such in all communications. Appropriate security procedures must be established
and followed by the company and access to specific sensitive areas of workplace restricted or
limited to certain senior employees only. Third-party interaction and disclosures should be
channeled only through specified personnel. Wherever feasible, confidential information
should only be shared with those employees who have a legitimate need to know such
information, thus enabling the employees to perform the assigned tasks.

An Exit-Interview:

During such an interview, an employee should be reminded of his obligations with respect to
the company’s confidential information and trade secrets and should be asked to sign a
document reaffirming his obligations. If an employment agreement was signed, the document
to be signed upon termination should be attached. A copy of the signed exit-interview form,
including the employment agreement, must be given to the employee. Such an interview not
only serves as a meaningful reminder but can also be valuable evidence of employee’s
knowledge of such obligations. Success of suits for protection of confidential information and
trade secrets depends upon production of satisfactory evidence to prove confidentiality of the
information, act of disclosure and the damages caused thereby, as well as the reasonability of
such restriction.

TRADE SECRET vis-à-vis OTHER INTELLECTUAL PROPERTY RIGHT


Trade secret protection presents no conflict with the patent law, as it is consistent with the
patent policy of encouraging inventions. However, for trade secret protection, uniqueness in
the patent law sense is not required. Further, the owner of a trade secret, unlike the holder of a
patent, does not have an absolute monopoly on the information or data that comprises the
trade secret. Other companies and individuals have the right to discover the elements of a
trade secret through their own research and hard work.15 Consequently, inventors of items

11 | P a g e
that may meet the standards of patentability would prefer to seek patent protection because
such protection is far superior to the protection afforded by trade secret laws.

As far as copyright protection is concerned, there is no copyright in ideas and hence copyright
law cannot protect confidential information. Section 16 of the Copyright Act, 1957 (“the
Copyright Act”) states that nothing in the Copyright Act should be considered as restraining
an action for breach of confidence or breach of trust. There is thus no copyright pre-emption
of trade secret misappropriation claims.

CONFIDENTIAL INFORMATION
Initially, an objective test dependent on the expectations of reasonable men was adopted. A
subjective element was introduced by the decision in Thomas Marshall (Exports) Ltd. v.
Guinle where the plaintiff sought an injunction against the Managing Director who had set up
a competing business. The Court observed that information became confidential only when
the owner of the information has a reasonable belief that its release would be harmful to him
and that it was outside the public domain. This implies that the belief of the owner of the
information must be taken into account while determining whether information is
confidential.

These decisions were reviewed by the House of Lords in the famous Spycatcher case. A
British spy published a book containing confidential information he had learnt during his
career. Although the British Government sought an injunction, the action failed on the ground
that the information had lost its confidential character, as this book was available in other
countries. Hence, information must remain outside the public domain if it is to be protected.

However, the Court did not decide whether the above reasoning tantamount to allowing the
holder of confidential information to rid himself of the obligation of confidence by disclosure.
Lord Goff explained the “springboard principle” and held that disclosure by a third party does
12 | P a g e
not release the confidant from his obligations. This reluctance shown by the courts to allow a
confidant to benefit by breaching his confidence prevents an unequivocal declaration that
information, which is confidential, cannot be public. Nonetheless, where the holder of the
information himself discloses the information, no action for breach of confidence will lie. A
lapse of time may also result in breach of confidentiality.32

What is the Threat to Trade Secrets in Cyberspace?

Trade secrets in cyberspace, which involve software and digital information, can be
misappropriated or wrongfully taken and used without detection. It is also known as
“cybertheft.” For example, an online user has the capacity to view and distribute trade secrets
without detection within minutes. Online message boards allow users to post trade secrets
over the web anonymously. By concealing their identity, it is possible to steal a trade secret
without detection. Indeed, the courts continue to issue decisions that recognize individual
privacy rights in digital trade secret misappropriation cases, preventing the trade secret owner
from seeking legal remedies. Furthermore, in the past, trade secret theft was intended to
secure an economic advantage between competing companies. However, recent cases, such as
Ford Motor Co. v. Lane, illustrate that trade secrets are vulnerable to dissatisfied employees
who distribute trade secrets only to harm an employer. On a side note, hackers may even steal
and distribute trade secrets simply to show off their technical skills.

How Can an Owner Protect Trade Secrets Over Cyberspace?

Trade secret owners must act quickly to protect confidential information and prevent
infringement. To secure legal protection in the event of an unauthorized use of a trade secret,
the owner must initiate litigation immediately. This is necessary because once a trade secret
enters the public domain it loses its value and is thereby immune from legal protection.
However, an owner who diligently monitors trade secrets can seek a court order that prohibits
future use or any distribution of the secrets at the first sign of unauthorized use. Both civil
13 | P a g e
and criminal litigation may be necessary forms of legal relief. Also, the most common cases
of trade secret misappropriation involve corporate spies or employees. Therefore, it is
important for a company to implement effective data-use policies, network monitoring and
intrusion detection systems to prevent access without authority. Additionally, well-drafted
employee agreements can help employers avoid trade secret theft. Depending on the
circumstances of employment, an employer may be able to utilize non-disclosure or
confidentiality agreements to protect trade secrets.

MISAPPROPRIATION OF TRADE SECRETS: LIABILITY OF THIRD PARTIES


American courts have developed the tort of misappropriation, which imposes liability on third
parties for the use of trade secrets. This tort is not committed by a person who uses or
publishes a trade secret unless that person has used some unlawful means or breached some
duty created by contract or implied by law resulting from some employment or similar
relationship.37 It is the use of improper means to procure the trade secret, rather than the mere
copying or use, which is the basis of liability.

UTSA contains definitions of “misappropriation” and “improper means”. The American


Restatement of Laws has modernized the definition of “improper means” to include “the
unauthorized interception of communications”. This implies that even computer hacking is
included in the definition of improper means. The Restatement is clear that “improper means”
that are “either wrongful in themselves or wrongful under the circumstances of the case”
come within the tort of misappropriation.

Though English courts have not framed the issue in terms of “improper means”, the rationale
for imposing liability on third parties seems to be the same in both English and American law.
Courts have held that even if there is no contractual nexus between the parties, liability arises
if the confidentiality of the information is obvious. It must be emphasised that third parties are
liable only when the information is not only known, but also known to be confidential in
character.

14 | P a g e
The Law Commission has recommended that the duty should be broader and prevent, for
example, a company that has received information in confidence during the course of
licensing negotiations from turning that information to its own use, though without disclosing
it further.45 Thus, there is a need for reforming the law in this regard.

In India, the tort of misappropriation has not gained judicial recognition. However, Indian
courts can adopt the common law approach and grant relief.

CONCLUSION:
Cybersecurity is a hot button for all businesses these days. However, in the flurry of new
privacy regulations and the focus on protection of consumer data, many businesses are not
paying enough attention to how they could – and should – be using cybersecurity protocols to
protect valuable trade secrets.

Trade secret protections apply broadly to business, financial and technical information, so
long as: (1) the information is not generally known or ascertainable outside the owner’s
organization and control; (2) the owner derives independent economic value or business
advantage from the information not being known; and (3) the owner makes reasonable
efforts to preserve its secrecy.  The unauthorized disclosure of trade secrets can lead to loss of
strategic advantage over competitors and harm to your company’s finances and reputation.
Failing to adequately protect trade secrets could also result in losing a misappropriation case
against a bad actor.

Trade secret rights are secured and maintained solely by “reasonable efforts” to preserve their
secrecy, which must be both internal (i.e., with employees) and external (i.e. with third party
vendors).  While appropriate steps to protect trade secrets include offline actions like using
non-disclosure agreements or physically locking confidential information away, courts are
also now considering the adequacy of cybersecurity measures when they analyze reasonable
efforts.

15 | P a g e
So, in the trade secret world, what is a reasonable “cyber” effort?  Like cybersecurity
technology, case law on this issue is continuously evolving.  However, if you possess any
trade secret information that is stored or communicated electronically, we recommend, at a
minimum, the following:

1. Ensure you have appropriate access protections in place. Trade secret information should
be password protected and stored on a secure server.  Review your firewalls, encryption
procedures, anti-virus software and the like.  Stay current with software patches and
consider encryption for data at rest as well as for data in motion.  Access credentials
should require multi-factor authentication.

2. Limit the people who have access to your electronic information (think “least rights”
access). Consider limiting electronic access to those specific employees or agents who
actually need the information.  The more people who have access to trade secrets (and the
ability to share it with just the click of a mouse), the higher your risk of breach or
misappropriation.

3. Train your employees and agents on appropriate use of your electronic systems. For
example, remind them not share their passwords with anyone (even co-workers) and
educate them on using company devices (like laptops and smartphones) correctly when
they are offsite.  Consider how your employees connect to your system when working
remotely (i.e. require them to only use password protected Wi-Fi networks, and not
public Wi-Fi).  Think about limiting or prohibiting use of USB ports or other portable
drives on company computers.  Teach your employees how to recognize phishing
attempts.

4. If you allow employees to access your systems from personal devices, consider an
appropriate “BYOD” (bring your own device) policy and technology to secure the work
environment on those devices.

5. Restrict departing employees’ access to electronically stored information. Following


termination, disable access to IT systems, change passwords, and make sure company-
owned devices are returned.

16 | P a g e
6. Ensure that you are monitoring and improving your cybersecurity efforts periodically.
Consult experts about the latest developments in technology.  Conduct regular training
about appropriate use of electronic systems and advise your employees of the risks of
failure to follow protocol.

7. Revisit confidentiality agreements with third parties and consider whether they reflect
cybersecurity protocols.

Once your “crown jewels” are exposed, you cannot “recapture” them.  Be smart, be secure
and be prepared.

17 | P a g e
BIBLIOGRAPHY

 http://www.legalindia.com/protection-of-trade-secret-and-confidential-information-
india-perspective/
 http://www.ipmall.info/hosted_resources/gin/PDalal_DATA-PROTECTION-LAW-
IN-INDIA.pdf
 http://www.legalserviceindia.com/cyber/cyber.htm
 http://www.lawctopus.com/academike/cyber-crimes-other-liabilities/
 http://www.iccwbo.org/Data/Documents/Intellectual-property/Trade-Secrets-Tools-
for-Innovation-and-Collaboration/

18 | P a g e

You might also like