Yesterday’s headline (above) in the Sunday Times is a timely reminder to UK business about the importance of “trade secrets data” as an intellectual asset and the need for clarity as to its meaning.
Up until the Trade Secrets (Enforcement, etc.) Regulations 2018 [the new Regulations] the UK had no statutory definition for what constitutes “trade secrets data”. The common law had previously used the term in one of two ways, either for post-employment restraints legitimately imposed on former employees or meaning technical/business data imparted to the recipient under an express or implied obligation of confidentiality.
In an attempt to catch-up with legislative protection in the USA and Japan, the EU Commission introduced Directive 2016/943 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure. This Directive used the definition for “trade secrets data” provided for under Article 39.2 of the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs), implementing which the new Regulations state at Section 2 that a “trade secret” constitutes data which:-
“(a) is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among, or readily accessible to, persons within the circles that normally deal with the kind of information in question,
(b) has commercial value because it is secret, and
(c) has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret;” (emphasis added)
The preamble to the Directive makes clear secret “excludes trivial information and the experience and skills gained by employees in the normal course of their employment, and also excludes information which is generally known among, or is readily accessible to, persons within the circles that normally deal with the kind of information in question.” Further, that data has a commercial value, “where its unlawful acquisition, use or disclosure is likely to harm the interests of the person lawfully controlling it, in that it undermines that person’s scientific and technical potential, business or financial interests, strategic positions or ability to compete.”
However, there is no definitive guidance on what constitutes reasonable steps under the circumstances, although there would seem to be an expectation within the wider legal community that SMEs will not be put to the same legal standard as larger more resourceful corporations (see Trade Secrets – reasonable steps, published in the Journal of the Chartered Institute of Patent Attorneys October 2019 / Volume 48 / Number 10 at 18).
What is clear, however, is the new Regulations offer no protection to UK businesses under the criminal law. Whereas the U.S. Defend Trade Secrets Act 2016 may make it a federal offence to steal trade secrets data, such data is unlikely to even be considered as “property” within the meaning of the UK Theft Act 1968.