A federal judge in Chicago recently taught a painful lesson to an Illinois employer: even if information is sufficiently sensitive and valuable that it could qualify as a “trade secret,” it won’t unless the owner of the information took adequate steps to protect its secrecy.
In a thorough opinion issued in the case, Abrasic 90 Inc., d/b/a CGW Camel Grinding Wheels, USA v. Weldcote Metals, Inc., Joseph O’Mera and Colleen Cervencik, U.S. District Judge John J. Tharp, Jr. of the Northern District of Illinois explained that “there are two basic elements to the analysis” of whether information qualifies as a “trade secret”: (1) the information “must have been sufficiently secret to impart economic value because of its relative secrecy” and (2) the owner “must have made reasonable efforts to maintain the secrecy of the information” (internal quotation omitted).
According to Judge Tharp’s opinion in Abrasic 90 Inc., when the long-time president of grinding disc manufacturer CGW Camel Grinding Wheels (“CGW”) left CGW to start a competing business, Weldcote Metals, Inc. (“Weldcote”), he took with him a flash drive with information about CGW’s pricing, customers, and suppliers. He later hired another former CGW employee to join him at Weldcote and she, too, brought with her CGW information that she believed “might be helpful to her at Weldcote.” Some of this CGW information was uploaded to Weldcote’s computers and used “as a general reference point and a benchmark when determining some of Weldcote’s initial needs,” and some of the CGW information was shared with Weldcote sales reps, who were “instructed” to “target key CGW distributors.”
With these facts, CGW no doubt thought it had a compelling claim for trade secret misappropriation and that it was likely to receive injunctive relief. But Judge Tharp denied CGW’s request for a preliminary injunction under the federal Defend Trade Secrets Act and the Illinois Trade Secrets Act, in large part because he found that CGW had taken “almost no measures to safeguard the information that it now maintains was invaluable to its competitors.” In fact, Judge Tharp wrote that CGW’s data security “was so lacking that it is difficult to identify the most significant shortcoming.”
According to Judge Tharp, the following were among the data security measures that CGW could have taken, but did not:
- entering into non-disclosure and confidentiality agreements with employees;
- enacting a policy regarding the confidentiality of business information “beyond a vague, generalized admonition about not discussing CGW business outside of work”;
- training “employees as to their obligation to keep certain categories of information confidential”;
- asking departing employees whether they possessed any confidential company information, and if they do, instructing them to return or delete it;
- adequately training CGW’s IT manager about data security practices;
- restricting access to sensitive information on a need-to-know basis; and
- as appropriate, labelling documents “proprietary” or “confidential.”
And so, the moral of this story is that if a company wants to claim that its information is a statutory trade secret, it needs to employ information security measures reasonably consistent with that claim. Companies which ignore the lesson taught by Judge Tharp do so at their own peril.