With stories of cyberattacks and data breaches on a seemingly endless loop, businesses and governments have been doubling down on their efforts to protect digital information and assets. But, in some industries, the greatest threat might still be a pair of quick hands. For instance, in the restaurant industry, opening the kitchen doors to a new employee creates real risks. As we’ve discussed, sometimes the decision whether to print or download can have major legal ramifications. And with computer forensics technology growing in leaps and bounds, sometimes an old-school paper trail might be more enticing to would-be perps than a digital one. That said, the FBI has a track record of turning up bags of shredded documents in grocery store dumpsters.
Traditional methods of industrial espionage and theft of tangible items remain a real threat. Recognizing this risk, a new law proposed in North Carolina—the North Carolina Property Protection Act—House Bill 405, will beef up employer protections with respect to property theft, undercover surveillance, and other subjects—not only in agriculture (where so-called “ag gag” laws are fairly common), but in all industries. Among other things, the law will make it illegal to apply for a job for any reason other than a “bona fide intent of seeking or holding employment” and will make it illegal to make audio or video recordings, take photographs, or remove data, paper, records, or other material from any area that is not open to the public and use such information to breach the person’s duty of loyalty to the employer.
It remains to be seen what will come of this new law. In the meantime, however, trade secret owners must be vigilant when it comes to safeguarding all forms of trade secrets. Below are some questions that trade secret owners might want to ask themselves as part of their risk assessment:
- Are employees and third parties with access to trade secrets required to sign confidentiality agreements?
- Are employees required to re-sign confidentiality provisions upon separation from employment acknowledging that the employee is not taking and will not use confidential information?
- Is the trade secret information marked plainly and obviously as “Secret,” “Confidential,” “Restricted Access,” or with some other appropriate term?
- Are visitors, guests, and nonessential personnel restricted from areas in which secret processes or machines are developed, operated, or displayed in a way that could be considered unreasonable to a knowledgeable observer?
- Are visitors and guests allowed to visit factories or facilities where secret processes or machines are in use or operation?
- Are all visitors, including suppliers, vendors, and maintenance persons, required to sign in, state the nature of their visit, indicate with whom they are visiting, and sign out?
- Are special internal procedures in place to verify the service calls of repair and service personnel, including verifying the service person’s credentials and the purpose of the visit?
- With respect to doors and entryways leading to areas where secret processes are maintained or performed or where machinery is operated, does the company make sure that they are kept locked? Are keys issued only to those employees who need them?
- If security and alarm systems are required to protect a secret process effectively, are they installed? Are security guards used when necessary?
- Are employees instructed not to discuss secret company projects in the presence of visitors, especially suppliers and vendors?