Category Archives: Noncompete/Trade Secret

September 2, 2015

Utah Supreme Court: Misappropriation of Trade Secrets Presumes Irreparable Harm

A Utah employer has dodged a $229,482 fee award and can continue its lawsuit against a former employee for misappropriation of company trade secrets and violation of a non-disclosure agreement. The Utah Supreme Court recently revived InnoSys, Inc.’s claims against a former engineer, Amanda Mercer, holding that the company established a prima facie case of trade secret misappropriation that gave rise to a rebuttable presumption of irreparable harm. The divided Court reversed the grant of Mercer’s summary judgment motion, allowing the company to take its claims to trial. InnoSys, Inc. v. Mercer, 2015 UT 80.

Employee Copied Sensitive Company Information to Thumb Drive and Personal Email Account

During her employment as an engineer for InnoSys, Mercer forwarded confidential company emails to her personal Gmail account. On the day that she was terminated for poor performance, Mercer copied the company’s confidential business plan onto a thumb drive.

Following her termination, Mercer filed a claim for unemployment benefits with the Utah Department of Workforce Services. After her claim was denied, she appealed, submitting a number of protected documents, including the confidential business plan and protected emails, into the administrative record. At that point, InnoSys began asking for details as to when and how she gained access to the confidential materials. Mercer then deleted all of the emails and InnoSys files. InnoSys filed a complaint in court, alleging that Mercer had breached her non-disclosure agreement (NDA), misappropriated company trade secrets in violation of the Uniform Trade Secrets Act (UTSA) and breached her fiduciary duty to the company.

Employee Changed Her Story But Still Won Judgment From Lower Court

Throughout discovery, Mercer changed her story regarding the use of her Gmail account and the timing of her acquisition of the company’s confidential business plan. Despite first claiming that she had IT’s permission to transfer company emails to her personal Gmail account, Mercer later admitted that she did not have anyone’s permission to do so. As to the business plan, Mercer initially testified in her deposition that she had copied the business plan onto a thumb drive because she had been asked to review the plan the day before her termination and was unable to access it via the company’s secure remote network. She later admitted that she copied it on the day of her termination and did not have it in her possession the day before she was fired.

Despite Mercer’s inconsistent statements regarding how she obtained the company’s confidential information, the district court ruled in Mercer’s favor on all of InnoSys’s claims. It did so after concluding that “there was no objectively reasonable basis to believe that Mercer had harmed InnoSys or was threatening to do so.” In addition to dismissing all of InnoSys’s claims against Mercer, the lower court also granted Mercer’s motion for sanctions against InnoSys and to collect attorneys’ fees as the prevailing party. The court ordered InnoSys to pay Mercer $229,481.58. InnoSys appealed.

Evidence of Harm

At the crux of the appeal was whether InnoSys needed to provide sufficient evidence of harm or threatened harm as a result of Mercer’s misappropriation and/or disclosure of company trade secrets to avoid summary judgment and proceed to trial. The lower court had found that InnoSys had not presented sufficient evidence that it had been harmed by Mercer’s admitted taking and disclosure of confidential company information and therefore, could not support its claims.

The Utah Supreme Court disagreed, holding that where a company establishes a prima facie case of misappropriation of trade secrets under the UTSA, it is entitled to a presumption of irreparable harm. The company was not required to produce evidence of financial damages as it also sought an injunction to prevent Mercer from further disclosing or using its confidential information.

The presumption of irreparable harm, as well as affirmative evidence of threatened harm, was also enough to keep alive the company’s claim for breach of the NDA. By reversing the grant of summary judgment in Mercer’s favor, the Court overturned the award of sanctions and attorneys’ fees against InnoSys.

Lessons Learned

First, put procedures in place to retain all signed employee agreements and documents. InnoSys initially could not find the NDA that Mercer had signed when her employment began. The lower court was hard on the company for that failure, and did not want to accept a copy of its standard NDA as evidence of what Mercer signed. The company eventually found the NDA signed by Mercer but the turmoil caused by its absence highlights the importance of strict record keeping for important employee agreements. Be certain to keep your signed agreements and acknowledgments in a secure location. You never know when you might need to enforce them.

Second, when employment ends for any reason, take steps to ensure that the departing employee returns all company information and property without retaining any copies. It is unclear from the opinion whether InnoSys asked Mercer for the return of any company materials when she was fired but it appears that it learned she had confidential company information after she submitted the company documents as part of her unemployment appeal. Don’t wait until after there has been a disclosure or further misappropriation but instead, proactively cut off access to company materials and seek the return of all company property. And remind departing employees of their continued obligations under confidentiality policies and NDAs.

Finally, enforce your NDAs to ensure continued protection of your company trade secrets and other proprietary information. Allowing a former employee to retain or disclose confidential information will undermine your future chances of arguing that such information is indeed a trade secret. You must continually guard that information or it will lose its protected status.

Click here to print/email/pdf this article.

November 17, 2014

When Key Employees Go To A Competitor

By Mark Wiletsky

Your executives and top salespeople have access to your most valuable business strategies, sales contacts, growth plans and innovations. What do you do when one (or more) of your key employees leaves to work for a competitor? Without the correct agreements in place to protect your proprietary information, you may have little recourse.

Don’t Rely on a Court to Protect Your Business Information

When a key employee leaves to go to a competitor, the former employer often scrambles to seek a court injunction to prevent the employee from working for the competitor and to stop the employee from disclosing or using trade secrets and confidential information. But courts are not always willing to prevent an employee from moving on, especially if the company does not have a reasonable and otherwise enforceable non-compete agreement in place.

In a recent case in Colorado, a high level executive used his company-issued laptop to send an email containing his business contacts to his personal email address as he began negotiating to work for a competitor. He also downloaded some business information onto a personal external hard drive and thumb drive and kept physical copies of certain business documents in a box in his car. About three weeks later, the competitor hired the executive.

There was no evidence that the competitor requested or obtained from the executive any confidential information, the executive had signed only a nondisclosure agreement with his former employer, and the executive agreed to an injunction preventing him from using his former employers confidential information or trade secrets. Nevertheless, the former employer asked the federal court in Colorado to prevent the executive from working as the competitor’s President for one year, arguing that he had threatened or would inevitably disclose its trade secrets in his new job. Despite the executive’s decision to transfer information to his personal devices just before leaving the company, the court denied the company’s request, citing a lack of evidence that the executive had or would use his former company’s trade secrets to its competitive disadvantage. Cargill Inc. v. Kuan, No. 14-cv-2325 (D.Colo. Oct. 20, 2014). The judge noted that enjoining the executive from working for the competitor would, in effect, afford his former employer something it could have obtained or bargained for: a covenant not-to-compete.

Employment-Related Agreements to Consider

Keeping proprietary information confidential can be key to the future prosperity and competitiveness of your business. You can help protect that information from walking out the door by having key employees sign one or more of the following agreements:

Non-compete agreement: the restriction on working for a competitor must be reasonable in time and geographic scope, and comply with other applicable state law requirements;
Confidentiality agreement: requires employees to keep secret your company’s trade secrets and other proprietary information;
Non-solicitation agreement: restricts an employee from soliciting customers (who must be defined in the agreement) or from soliciting other employees to go to work elsewhere; and
Assignment of inventions: any products, inventions, innovations and other developments created during the worker’s employment are assigned to and owned by the company.

Depending on the circumstances, you may want to incorporate some or all of these provisions into a single agreement, and you may need to address varying state law requirements (or choice of law and venue issues) depending on where your employees are located. However, be careful to tailor your agreements to each type of key employee. For example, the non-compete for your CEO or general manager may need different restrictions than a similar agreement for your Regional Sales Manager. And be sure not to use a non-compete with all employees—including lower level ones who have no need for such post-employment restrictions—because it will diminish your justification for asking a higher-level employee to sign the same or similar agreement.

The bottom line is that you need to be proactive in protecting your vital assets, including your confidential information and your key employees. Taking steps now to implement proper agreements will go a long way in protecting your business down the road when key employees decide to depart.

Click here to print/email/pdf this article.

February 26, 2013

Who Owns Your Employees’ LinkedIn Profiles? The Answer Might Surprise You.

By Mark B. Wiletsky

If your employees use LinkedIn to establish and maintain contacts for business purposes (such as sales), what happens to those accounts—and contacts—when the employee quits or is fired? Can an employer who has access to an employee’s LinkedIn profile change her password and replace information in her profile following her termination? No, says at least one federal judge in Pennsylvania recently, though that case is not yet over. As explained below, employers should be careful before assuming that they own their employees’ LinkedIn profiles.

Employer Access to High Level Executive Profiles

Edcomm, Inc., a banking education company, strongly urged its employees to create LinkedIn accounts using their company email addresses as a business networking tool. It had employee policies governing online postings and specified that if employees identified themselves as an Edcomm employee, they needed to use a specific template that contained pre-approved content about the company and referred to the company’s website. The company provided a photographer to take professional photos for employee use on their LinkedIn accounts. It also allowed some Edcomm employees to access, develop and administer the LinkedIn accounts of senior management, such as responding to invitations, inviting new contacts and researching good news stories to include on their LinkedIn pages.

After being acquired by another company, Edcomm, Inc. terminated its company president and founder, Linda Eagle, as well as several other top executives. After her termination, Edcomm locked Eagle out of her LinkedIn profile by changing her password. It then changed the information on the profile to that of the new acting CEO.

Company Argues LinkedIn Account was Akin to a Client List

Eagle sued Edcomm alleging numerous violations of state and federal law, including invasion of privacy by misappropriation of identity, misappropriation of publicity, identity theft and conversion. Edcomm argued that the LinkedIn accounts were used to contact new clients and promote the company’s services. As such, the company claimed that its take over of Eagle’s account was similar to the company keeping possession of a client list after an employee is terminated.

The Judge didn’t buy it. At a recent hearing, Judge Ronald Buckwalter stated that Edcomm likely had no right to change Eagle’s LinkedIn password and change her profile information. He noted that the company had no internal policy that would hand over ownership of employee profiles when employees left the company and that the LinkedIn accounts belonged to the individual employees.

Be Prepared For An Employee’s Departure

Although it is wise to implement a social media policy to address employee use of company information on personal or company-sponsored social media accounts, you need to be wary of who owns the rights to such information. First, as indicated in the Edcomm case above, you risk potential invasion of privacy and other claims. Second, the employee might have rights to the account independent of the employer, as established in an agreement between the service provider and the employee. At a minimum, consider implementing specific policies that address these issues up front, and consider what services your employees are using to establish and maintain connections with clients. The fact that contacts are connected through LinkedIn, Facebook, or some other social media site can significantly impact an argument that such contacts are protectable trade secrets. Lastly, don’t forget that forcing access to employees’ social media can be risky. Four states have enacted legislation to prohibit or restrict employers from asking for social media access and many other states are currently debating similar restrictions.

July 30, 2012

Court Narrows CFAA

By Mark Wiletsky

In today’s digitized workplace, it is easier than ever for employees to steal information. Whether through a thumb drive, external hard drive, e-mail, or other means, employees can easily transfer reams of information in mere seconds, often without detection until it is too late. Because such information is often incredibly valuable–and potentially harmful when improperly used by a competitor or another–organizations sometimes are forced to sue an employee and/or the employee's new employer for misappropriating such information. At times, law enforcement may be involved. But often, it is up to the employer to initiate a civil action.

Although a variety of claims may be asserted in such circumstances, employers sometimes turned to the Computer Fraud and Abuse Act (or CFAA) for relief. The CFAA is a federal statute that provides civil and criminal penalties when an employee, among other things, intentionally accesses a computer without authorization, or exceeds authorized access to a computer and obtains anything of value or causes damage. On its face, the statute appears to prohibit an employee from using his or her access to a computer to misappropriate his employer’s trade secrets or other confidential information. A recent decision by the Fourth Circuit Court of Appeals, however, concluded otherwise.

In WEC Carolina Energy Solutions LLC v. Miller, the employee (Miller) allegedly downloaded WEC’s proprietary information, at the direction of a competitor, and then used the information to help the competitor solicit a customer. WEC sued Miller under a variety of theories, including conversion, tortious interference with contractual relations, civil conspiracy, misappropriation of trade secrets—and violation of the CFAA. The district court dismissed the CFAA claim and remanded the remaining claims to state court. On appeal, the Fourth Circuit affirmed the dismissal of the CFAA claim.

Because the CFAA contains criminal penalties, the Fourth Circuit adopted a narrow interpretation of the CFAA. It distinguished situations in which an employee exceeds his access to information—which may violate the CFAA—from those in which the employee merely uses his authorized access to misappropriate information. For example, an employee “accesses a computer ‘without authorization’ when he gains admission to a computer without approval” and he “‘exceeds authorized access’ when he has approval to access a computer, but uses his access to obtain or alter information that falls outside the bounds of his approved access.” In WEC, the court concluded that Miller had authorization to access to the information at issue, despite WEC’s policies preventing the improper use of such information. Thus, even though Miller had no authority to download and/or transfer it for another’s use, he was not liable under the CFAA. The court noted that a contrary interpretation could result in criminalizing otherwise innocent conduct, such as when an employee violates a policy against downloading information so that he can work at home.

Interestingly, the Fourth Circuit sided with the Ninth Circuit on this issue, adding to the Circuit split. The Seventh Circuit previously reached a contrary result. It held that an employee may be liable under the CFAA when he accesses a computer or information on a computer in a way that is adverse to his employer, as doing so terminates his agency relationship and any authority he otherwise has to access such information. Int’l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006).

The Fourth Circuit’s narrow interpretation of the CFAA, if adopted by other courts or, eventually, by the Supreme Court, is disappointing to those who seek to hold rogue employees accountable for misappropriating confidential or proprietary information. The CFAA allows employers access to federal courts in these types of situations, which at times may be the preferred venue, and contains other stiff penalties. Still, and as noted in WEC, employers have other options at their disposal, including a variety of state law claims that can be very effective.

Practical Tips

Even though the Fourth Circuit held that Miller did not violate the CFAA by his actions, it is a good idea to review and potentially update your computer use policies, especially if you have not done so in a while. Technology changes so rapidly that policies may be out-of-date soon after they are issued. At a minimum, be clear about the confidential and sensitive nature of information available on your systems, and permissible uses of such systems. If employees have limited access to certain databases or areas, be sure to emphasize such limitations and the potential penalties for violating those limitations. Also, don’t forget to remind employees that they have no expectation of privacy when using or accessing your organization’s computer resources. You may not always be able to prevent an employee from misappropriating confidential or proprietary information, but strong policies and practices are a good deterrent and a strong tool to use if you have to sue an individual who engaged in such conduct.