Embed Size (px)
DESCRIPTION
Citation preview
TRADESECRETSINCLOUDCOMPUTING
[FINALTHESISPAPER]
KHYATIDHULIA
UNIVERSITYOFWASHINGTONSCHOOLOFLAW
SPRING2010
ADVISOR:PROF.G.ROBERT
2
TableofContents
I. ABSTRACT...................................................................................................................................... 3
II. INTRODUCTION ............................................................................................................................ 3
III. BASICINTRODUCTIONTOCLOUDCOMPUTING........................................................................... 5
IV. OVERVIEWOFTRADESECRETLAW.............................................................................................. 8
V. THEPROBLEM:TRADESECRETLAWAPPLIEDTOCLOUDCOMPUTING ........................................ 30
VI. MEASURESTOBEADOPTEDBYENDUSERTOSAFEGUARDTRADESECRETUNDERREASONABLE
STANDARDTEST................................................................................................................................. 36
VII. CONCLUSION ........................................................................................................................... 41
3
I. Abstract
Trade secrets provide protection against the misappropriation of undisclosed information
whichhas economic value andwhich theowner has taken reasonable steps to protect from
disclosure. The paper analyzes and discusses the legal issues of hosting data in the cloud in
contextoftradesecret law. Itstartswithbasic introductiontocloudcomputingandexplains
thedifferenttypesofservicesofferedtotheenduserbythecloudserviceprovider.Itdiscusses
in detail the reasonable standard test under the doctrines of various judicial principles and
enumerates the steps, which the various courts have regarded as reasonable. It lists all
measuresthattheenduserofcloudcomputingservicescantaketosafeguardthetradesecret
under reasonable standard test. The discussion goes on further to understand the various
jurisdictional issues that arise because the data in the cloud might be stored in different
locations. At the end, it provides a checklist that could help the end user to leverage the
benefitsofcloudcomputingwithoutlosingthetradesecretstatusofdataorapplication.
II. Introduction
“Ifnaturehasmadeanyonethinglesssusceptiblethanallothersofexclusiveproperty,itisthe
actionofthethinkingpowercalledanidea,whichanindividualmayexclusivelypossessaslong
ashekeeps it tohimself;but themoment it isdivulged, it forces itself into thepossessionof
everyone,andthereceivercannotdispossesshimselfofit”1.
1Deborah Azar, Method to protect computer programs: the integration of copyright, trade secrets, andanticircumventionmeasures. Utah L. Rev. 1395 (2008) Original Citation: Letter from Thomas Jefferson toIsaacMcPherson (Aug. 13, 1813), 13, THEWRITINGSOFTHOMAS JEFFERSON326, 333–34 (Albert ElleryBerghed.,1907).
4
Thequintessenceofheartofthetradesecretlaw2isthattheinformationisprotectedaslong
as, it iskeptasecret.Oncetheinformationisexposed, it losesthesecrecycomponentandis
available for use to the rest of the world. Information technology is rapidly changing the
mechanism in which information is acquired, processed, organized and stored in various
applications.Thisexplosivegrowthintheexchangeofinformationbringsnewchallengestothe
relevanceandapplicationoftradesecretlaw3.
Moreover, theemergenceof the Internetanddigitalizationareposingnewchallenges to the
oldandestablishedprinciplesoftradesecretlaw.TheadventofInternetanddigitalizationhas
a lasting impact inthemanner,weprotectandsafeguardourtradesecrets.Tradesecret law
has not changed in last twenty years, and therefore emergence of electronic storage and
disseminationof company’smostprizedbusiness strains the law’s ability toprotect valuable
information.4.The new technological breakthrough in the arena of technology is cloud
computing.Whencompaniesusecloudcomputing,they,nolongerhavetostoredataintheir
owndatacentersbutinsteadstoreitincloudandleveragetheeconomiesofscaleandresulting
costsavings.Informationstoredinsafetyofone’shouse,office’sprivateserverorharddiskin
comparisonwithstorageinthirdparty’sremotedatacenterposesquestionnotonlyaboutthe
securityoftheinformationbutalsoaboutprotectionaccordedunderregimesoflawliketrade
secret.Tradesecretlawisoneofthemostelusiveanddifficultconceptsinthelawtodefine5
2RobertC.Dorr&ChristopherMunch,ProtectingTradeSecrets,Patents,CopyrightsandTradeMarks,§2.01[B],ThirdEdition,WileyLawPubns(1980)3Arbi.B.Good,TradeSecretsandtheNewRealitiesoftheInternetAge2.Marq.Intell.Prop.L.Rev.51(52‐54)(1998)4BabraaL.Moore.ProtectingtradesecretsontheInternet.ExecutiveCounsel,http://www.eapdlaw.com/files/News/44bbfbfe‐67c9‐407c‐a160b3da02488307/Presentation/NewsAttachment/26a05ae8216c4dc983f5bc4b3d016c99/Protecting%20Trade%20Secrets_Barbara%20Moore.pdf5LearSiegler,Inc.v.Ark‐EllSprings,Inc.,569F.2d286,288(5thCir.1978)
5
andhenceitsapplicabilityandadaptabilitytothisvirtualizedworldofcomputingiscomplicated
to comprehend. Storage of the valuable information in the far realms of the remote data
centershasseveral legal implications,which isoutsidethescopeofthispaper.However, this
paper will focus on cloud computing specifically in the context of reasonable standard test
undertradesecretslaw.
III. BasicIntroductiontoCloudComputing
Innovationfosterstechnologyandtechnologychallengestheoldschoolofthoughtoflegalities.
Fosteringinnovationisthegenesisofintellectualpropertylaw.Inthepastera,therehavebeen
number of technological changes that have changed the way we live today. Themanner in
whichmassproductionofelectricity inasingleunithaschangedtheeconomicsofscale, ina
similar fashion, cloud computing is changing the way in which companies store their data
and/orhostapplications.NicholasCarrofBigSwitchemphaticallystatesthat“Now,wearein
midstofanotherepochaltransformation.Whathappenedtothegenerationofpowerofcentury
agoisnowhappeningtotheprocessingofinformationinformofcloudcomputing”6.Typically,
the cloud computing infrastructure resides in a large data center and ismanaged by a third
party,whoprovidescomputingandstorageresources,anywherewithanInternetconnection7.
InCloudComputing, thecustomersdonotownthephysicalhardwarebut instead“rent” the
resources thatareprovidedby thecloud serviceprovider.Cloudcomputinghas changed the
6NicholasCarr,TheBigSwitchRewiringtheworldfromEdisontoGoogle,W.W.Norton&Company;Reprintedition(January19,2009)7PaulT.Jaeger,JimmyLin&JustinM.Grimes,CloudComputingandInformationPolicy:ComputinginaPolicyCloud?ForthcomingintheJournalofInformationTechnologyandPolitics.(unpublished)ForthcomingintheJournalofInformationTechnologyandPolitics.
6
economics of scale for large and small enterprises by eliminating the upfront capital
expenditure(CapEx)onhardware,software,andservicesastheyonlypayforwhattheyuse8
Cloud Computing has been defined by National Institute of Standards and Technology, as
“Cloudcomputing isamodel forenablingconvenient,on‐demandnetworkaccess toashared
pool of configurable computing resources (e.g., networks, servers, storage, applications, and
services) that can be rapidly provisioned and released with minimal management effort or
service provider interaction. This cloud model promotes availability and is composed of five
essentialcharacteristics,threeservicemodels,andfourdeploymentmodels9”.
A computing model has five different layers‐ applications, software environments, software
infrastructure, software kernel, and hardware10. At the bottom of the stack, is physical
component of the system (hardware). Above that layer is the cloud application layerwhich
normally the end users accesses through web‐portals. The third layer is cloud environment
layer. The users of this layer are cloud application developers. The cloud service provider
suppliesdeveloperswithaprogramming‐language‐levelenvironmentwithasetofwell‐defined
APIs to facilitate the interaction. This system or layermay also be termed as software as a
service.Abovethatlayeris,thecloudsoftwareinfrastructurelayerwhichprovidesfundamental
resources to other higher‐level layers, which in turn can be used to construct new cloud
softwareenvironmentsorcloudapplications11.
8http://en.wikipedia.org/wiki/Cloud_computing9http://csrc.nist.gov/groups/SNS/cloud‐computing/10http://blog.bluelock.com/blog/5‐layer‐model11LamiaYouseff&MariaButrico,DilmaDaSilva,TowardaUnifiedOntologyofCloudComputing (explainingthedifferentlayersincloud)(http://docs.google.com/viewer?a=v&q=cache:vyTr8TfjRjYJ:www.cs.ucsb.edu/~lyouseff/CCOntology/CloudOntology.pdf/
7
There are different types clouds computing models available to the end user to suit their
businessneeds:publicclouds,privatecloudsandhybridclouds.
PublicClouds: Apubliccloudisonebasedonthestandardcloudcomputingmodel,inwhich
thecloudserviceprovidermakesresources,suchasapplicationsandstorage,availabletothe
enduserovertheInternet12.
PrivateCloud:Inthiscomputingmodel,theresourcessuchasapplicationandstorageareonly
accessiblefromwithinthecompanyfirewallandisavailabletoonlythecompanyemployees.
HybridCloud: Inthiscomputingmodel,theenduserwillmanagesomeresourcesin‐houseor
privatecloudandsomeinthepubliccloud.
CommunityCloud:Inthismodel,theresourcesareavailableandaccessibletoaselectedgroup
oftrustedpartners.Thecloudserviceprovideroffersdifferentkindsofcomputingservicesto
theendusers.These services include Infrastructureasa service (IAAS),PlatformasaService
(PAAS)andSoftwareasaservice(SaaS).
12http://searchcloudcomputing.techtarget.com/sDefinition/0,,sid201_gci1356516,00.html
8
InfrastructureasaService (IaaS): Whenthecloudserviceprovideronlyoffers thecompute,
storage and networking infrastructure, typically a hosted virtualization environment as a
service,itisofferingInfrastructureasaService13.
Platform as a Service (PaaS): When the cloud service provider is offering an integrated
platformtotheendusertobuild,test,anddeployandautomaticallyscaleapplications14, it is
offeringPlatformasaService.PaaSprovidesahigherlevelabstractionoverIaaS.
SoftwareasaService(SaaS):Whenthesoftwareisofferedasaservicebythecloudserviceto
theenduser,itisofferingSoftwareasaService.Thisserviceprovidesrichfunctionalityofthe
applicationandwherethecustomerdoesnothavetheneedtoinstall,operateormanagethe
applicationbutinsteadsubscribestoserviceandpaysbytheuser.
TheCloudServiceProviderisdifferentfromthetraditionalhostingservicesbecauseitprovides
theendusersmorecontrolthroughasetofwell‐definedAPIstofacilitatetheinteractionwith
thecloudresources.
IV. OverviewofTradeSecretLaw
Theprivilegetocompetewithothersincludesaprivilegetoadopttheirbusinessmethods,ideas
or processors of manufacture. However, such privilege has certain limitations imposed by
intellectualpropertylaw.IntellectualPropertylawregimeservestopromoteprogressofuseful
art and science. Patents and copyrights extend protection to the originator15 for a limited
periodoftimeonconditionofitsdisclosuretothepublic.
13http://en.wikipedia.org/wiki/Cloud_computing14http://en.wikipedia.org/wiki/Cloud_computing15 RogerMMilgrim,MilgrimonTrade Secret ,Vol. 1, §1.01[1],MatthewBender andCompany Inc. (Updated2009)
9
Tradesecret lawisananomaly in intellectualproperty law16.TradeSecret isany information,
whichhasaneconomicvalueandprovideseconomicadvantageoverthecompetitors17.Trade
Secretonlyprotectsvaluableinformation,whichhasbeenreasonablysafeguarded.Incontrast
tothepatentandcopyrightregimes, theprotectionextendedtosuchvaluable information is
notconfinedtolimitedtimeperiod.Thetradesecretprotectionenduresaslongas,thetrade
secretstatusisvaluableandhasnotbeendisclosedtothepublic.
The significant difference of fact between trade secret law and these diverse intellectual
protectionregimesisthatknowledgeofthedevicesandprocesseswhichnotprotectedasthe
tradesecrets, isavailabletothecopierwithoutimpropermeansfromthepublicdisclosureof
the information. The employment of impropermeans to procure trade secret is thebasis of
liabilityunderthisbranchoflaw18.
Trade secret protects wide range for information, which drives the economic growth of the
industry.Tradesecretisoneofthemostvaluableassetsofthecompanyandthesurvivalofthe
companymaydependonitsabilitytoprotecttradesecrets.ItispertinenttonotethatUnited
Statespubliclytradedcompaniesownsanestimated$5trillion intradesecret information19.
Prior to obtaining patent protection, virtually all inventions are covered by trade secret
protection20.
16RobertG.Bone,ANewLookattheTradeSecretLaw:DoctrineinSearchofJustification,86Calif.L.Rev.241.(1998)17Rowe,ElizabethA., ContributoryNegligence andTechnologyandTrade Secrets,University of FloridaLevinCollegeofLawResearchPaperNo.200806.(May01,2009).http://ssrn.com/abstract=116116618RobertG.Bone,ANewLookattheTradeSecretLaw:DoctrineinSearchofJustification,86Calif.L.Rev.241.(1998)19Rowe,ElizabethA., ContributoryNegligenceandTechnologyandTradeSecrets,UniversityofFloridaLevinCollegeofLawResearchPaperNo.200806.(May01,2009).http://ssrn.com/abstract=116116620Rowe,ElizabethA,Rethinking“ReasonableEffort”toprotectTradeSecretInADigitalWorld(2008)
10
If thetradesecretofonecompanyweremisappropriated,then itwould leadgreateconomic
lossforthecompany.JudgePosnernotedintheleadingopinionofRockwellGraphicSystems,
Incv.DEVIndustries,Inc21thatthetradesecretlawencouragestheactorstodevelopvaluable
informationalresourcesbyprotectingthemfromimproperacquisitionbyothers22.Moreover,
tradesecretlawcloselyregulatesstandardofcommercialethics,guidesofmoralityofbusiness
worldandunderscoresfairdealing23.
Ifthecompetitorhasderivedtradesecretinformationbyimpropermeansorunderbreachof
confidentiality relationship, the trade secret owner would be entitled to remedies for
misappropriationoftradesecret.Tradesecretlawdoesnotimposealiabilityformerecopying
of the data; others are free to inspect the publically available data to reverse engineer to
procuresecretinformationfromit24.
Tradesecretlawimposesaliabilityonlywhenthedataisobtainedbyimpropermeans.Ifsome
oneknows the trade secret lawfully, theyhave the trade secret rightsof theirownprovided
theytookeeptheinformationsecret‐atleastuntiltoomanypeoplediscovertheinformation25.
A. CommonLawOriginofTradeSecretLaw
21RockwellGraphicSystems,Incv.DEVIndustries,Inc,925F.2d174(7th.Cir.1991)22RogerESchechter&JohnRThomas.IntellectualProperty, theLawofCopyrights,PatentsandTrademark,WestPublishingCompany(April2003)23 A. Elizabeth Rowe, Saving Trade Secret Disclosures on the Internet through Sequential Preservation, 42WakeForestL.Rev.1(Spring2007)24BoardofTradev.DowJones&Co.,98III.2d.109(1983)25KewaneeOilvBriconCorp.416U.S.470(1974)26 Robert G. Bone,A New Look at the Trade Secret Law: Doctrine in Search of Justification, 86 Calif.L.Rev.241.(1998)27ChristopherRebelJ.Pace.TheCaseForAFederalTradeSecretsAct.8Harv.J.L.&Tech(1995).28A.ElizabethRowe,Saving TradeSecretDisclosuresonthe InternetthroughSequentialPreservation, 42WakeForestL.Rev.1(Spring2007)29Peabodyv.Norfolk,98Mass.452(1868)30 Robert G. Bone,A New Look at the Trade Secret Law: Doctrine in Search of Justification, 86 Calif.L.Rev.241.(1998)31Peabodyv.Norfolk,98Mass.452(1868)
11
Thetradesecretlawhasoriginatedfromcommonlaw.Sinceitsemergenceinthemiddleofthe
nineteenth century, trade secret lawhasdevelopedprimarily asa creatureof state common
law26. The cause of action for trade secret misappropriation was imported from English
commonlawtoAmericancommonlawinaseriesofmid‐nineteenthcenturydecisionsbythe
highestcourtsofseveraleasternstates27.
Themainissuesduringthattimewerewhetherthecourtsofequityhadthejurisdictiontogrant
injunctive relief and whether the agreements not to use or disclose were void as unlawful
restraints of trade28. In 1968, Massachusetts Supreme Court in Peabody v. Norfolk29,
expoundedthetradesecretlawinUnitedStates30.Hestatedinhislandmarkopinionthat“ifa
32TaylorvBlanchard36Mass.523(1837)33O.&W.ThumCov.Tloczynski,114Milch.149,72N.W.140(1987)34StonevGoss,65N.J.Eq.756,55A.736(1903)35PressedSteelCarCov.StandardSteelCarCo,210,Pa.464,60A.4(1904)36DonaldChisum&MichealAJacobs,UnderstandingIntellectualPropertyLaw,§3B[3],Lexisnexis/MatthewBender(October30,2004)37JamesW.Hill,TradeSecrets,UnjustEnrichment,andtheClassificationofObligations,4Va.J.L.&Tech.2(Spring1999)38RogerE.Schecter&JohnRThomas,IntellectualProperty,theLawofCopyrights,PatentsandTrademarks,§24.2,WestPublishingCompany(April2003)39DonaldChisum&MichealAJacobs,UnderstandingIntellectualPropertyLaw,§3B[3],Lexisnexis/MatthewBender(October30,2004)40JamesW.Hill,TradeSecrets,UnjustEnrichment,andtheClassificationofObligations,4Va.J.L.&Tech.2(Spring1999)41PiperJulie,Ihaveasecret?ApplyingtheUniformTradeSecretsActtoconfidentialinformationthatdoesnotrisetotheleveloftradesecretstatus.Marq.Intell.Prop.L.Rev.(2008).OriginalCitation14A.M.JUR.3d.ProofofFacts619,§6(2006)42HenryH.Perritt,Jr,TradeSecrets:A PractitionersGuide,PractisingLawInstitute(PLI);2ndedition(January1,2005)43 Andrew Beckerman‐Rodau, Trade Secrets‐The New Risks to Trade Secrets Posed by Computerization,RutgersComputer&Tech.L.J.Vol.28(2002)44HenryH.Perritt,Jr,TradeSecrets:APractitionersGuide,PractisingLawInstitute(PLI);2ndedition(January1,2005)45RestatementofTorts(Commentb)
12
manestablishesandmakesitvaluablebyitsskillandattention,thegoodwillofthatbusinessis
recognizedbythelawasproperty.”31
In Taylor v Blanchard32, the court accredited the principle that “public has no right to “a
businessman’s trade secrets and that a contract for their exclusive use is not a restraint of
trade..”TheotherhistoricalsignificancecasesincludeO.&W.ThumCov.Tloczynski33,Stonev
Goss34andPressedSteelCarCov.StandardSteelCarCo35weremostsignificantcontributorsto
thebodyofprecedent thatwasprimaryauthority forUnitedStates trade secret law inearly
1930’s.36
RestatementofTorts
As part of the early 20th century, the American law Institute’s 1939 Restatement Of Torts
included two sections on trade secrets.37 However, trade secretswere not addressed in the
1978SecondRestatementofTorts.TheAmericanLawInstituteconcludedthattradesecretlaw
had grownmoredependent on Tort law than itsmanyother general fields of lawandupon
statutorydevelopments38
UniformTradeSecretsAct
Inthe1980’sthestatesbegantoadopttheNationalConferenceofCommissionsUniformTrade
SecretAct(UTSA).UTSA,largelycodifiedthecommonlaw39.UTSA,isenactedinthemajorityof
states. UTSA, follows the Restatement of Torts, but also relies on subsequent case laws to
provide more and useful definitive legal standards40. National Conference of Commissions
Uniform Trade Secret recognizedwhen drafting UTSA, that “trade secret protection ismore
13
important now because there has been an unprecedented growth in computer,
biotechnologicalandcommunicationsindustries”41
TheRestatement(Third)ofUnfairCompetition
In1994,theAmericanLawInstitutepublishedtheRestatement(Third)ofUnfaircompetition42.
Under theRestatement (Third)ofUnfairCompetition,a tradesecret is “any information that
canbeusedintheoperationofabusinessorotherenterprisethatissufficientlyvaluableand
secrettoaffordanactualorpotentialeconomicadvantageoverothers.”
TheEconomicEspionageAct
TheEconomicEspionagecreatesa federalcrime for theftof tradesecrets43. Itprotects trade
secretsundertwoprovisionsnamely,18U.S.C.§1831(a)whichcriminalizesthetheftoftrade
secretstobenefitforeignpowersand18U.S.C.§1832,criminalizestheirtheftforcommercial
oreconomicpurposes44.
B. DatathatQualifiesasaTradeSecret
Theendusermaystorewiderangeofdatainthecloudrangingfromstatistics,formulas,sales
records,customerinformation,pricinginformation,andsourcecode.However,notallofthem
would comewithin the ambit of trade secret protection. It is necessary for the purpose of
analysis to scrutinize theguidelinesunder respectivedefinitionsofRestatementof Torts and
UniformTradesecretsAct.Thesedefinitionshavelaidouttheprerequisitesforqualificationof
data/orinformationastradesecret.
14
A exact definition of trade secret is not possible under the Restatement”45 and hence it
contains list of factors that are determinative for purposes of ascertainingwhether the data
wouldqualifyasatradesecret46.
According to the definition under the Restatement, the trade secret would include “any
formula,patternordeviceorcompilationofinformationwhichisusedinone’sbusinesswhich
would give him a competitive edge, if such process or device for is continuously used in
operatingthebusinessratherthenforasingleuseorephemeralevents”47
TheRestatementcontainssixfactorswhichinclude“(a)theextentofinformationknowntothe
outside business, (b) known by employees and other people involved in business, (c)
reasonablemeasurestaken,(d)amountofmoneyexpandedindevelopingtheinformationand
theeaseandthe(e)valueoftheinformation(f)difficultywithwhichtheinformationcouldbe
properly acquired or duplicated by others“48 to be considered in determiningwhether given
information is trade secret or not. In otherwords in order to qualify as a trade secret, the
subjectmattermustescape fromthemundaneand theordinary49. Inaddition to thesubject
matterbeingmundane,reasonableeffortsmusthavebeenmadeforsecrecy50.
Under, Uniform Trade Secrets Act, a trade secret is any information including a “formula,
pattern, compilation, program, device, method, technique or process which has an
independenteconomic valueandwhich isnot generally known to thepublic and reasonable
46 Donald Chisum & Micheal A Jacobs, Understanding Intellectual Property Law § [3C][1][a],Lexisnexis/MatthewBender(October30,2004)
47Restatement§757(Commentb)48RestatementofTorts49MilgrimonTrade Secrets,RogerMMilgrim ,DefinitionalAspects, §1.01[3] , 1‐223.Original Citation:EdNowogroskiInc,vRucker,50U.S.P.Q2d1268137Wash.2d,427,971,P.2d936,942‐945(1999)
50RogerMMilgrim,MilgrimonTradeSecret ,Vol.1,§1.01[3] ,MatthewBenderandCompany Inc. (Updated2009)OriginalCitation:Buffets,IncvKlinke,73,F3d965(9thCir.1996)
15
methodshavebeenundertakentosafeguardit.”51Thelegislatorshavedraftedthedefinitions
of UTSA and Restatement of Torts to be inclusive in their approach which enable them to
encompassvariousother typesofnew informationand/ordata resultantofnew innovations
and technological advances. However, whether particular information constitutes a trade
secretisaquestionoflawinsomejurisdictionsandaquestionoffactinothers52.Thetypesof
information/data that has been accorded the trade secret status are scientific data such as
chemicalprocess53, formulas54,manufacturingmethods55, businessplansandprofits and loss
accounts56, customer lists57, computer programs58 employee knowhow59, pricing distribution
andmarketingplans60.
C. ReasonableStandardRequirementUnderTradeSecretlaw
“Solongastheoriginatororpossessorofthenakedidea…keepsittohimself,itishisproperty,
but it ceases tobehis ownwhenhepermits it topass fromhim…..Ideasof this sort, in their
relationtopropertymaybelikenedtotheinterestwhichapersonmayobtaininbeesandbirds
andfishinrunningstreams,whichareconspicuousinstancesofferaenaturae”.Iftheclaimant
keepsthemonhisownpremises,theybecomehisqualifiedproperty,andabsolutelyhissolong
astheydonotescape.Butifhepermitsthemtogohecannotfollowthem”.Apersonreduces
informationto“captivity”bykeepingitsecretandimplementingprecautionstoprotectagainst
51UniformTradeSecretsAct§152SecureServersTechIncvTime&SpaceProcessingInc,722FSupp.1354(E.DVa1989)53SmithKlineBeechamPharmaceuticalsCovMerk&Co.,766A.2d422,488(Del.Super.Ct.200)54JointStockSoc’yvUDVN.Am.,104F.Supp.2d390,409(D.Del2000)55CobotCorpvThaiTantalum,Inc.25USPQ2d1619(Del.Ch.1992)56AmericanTotalisatorCov.AutototeLtd.,No.7268,1983WL21374(Del.Ch.Aug18,1983)57DelmaraDrillingCov.AmericanWellSys,Inc,No8221,1988WL7396(Del.Ch.Jan,26,1988)58 American Totalisator Sys. v Automatic Totalisators (U.S.A) Ltd, No. 5562, 1978WL 4479 (Del. Ch.Apr.20,1978)59BernardPersonnelConsultants,IncvMazarella(No.11660,1990WL124969(Del.Ch.Aug28,1990)60PepsiCo,Incv.Redmond54F.3d1262(1995)
16
disclosure and diffusion61. The principal gatekeeper to trade secret status is that the
information must have been subjected to reasonable efforts to maintain secrecy62. The
reasonable efforts standard is probably themost important factor in determiningwhether a
tradesecretholderownsaprotectabletradesecret63.
Thetenetofreasonablenessrequirementisreflectingfromthefollowingjudgmentsofvarious
courts.
InJ.T.Healey&Son,Inc.v.JamesA.Murphy&Son,Inc.,64thecourtreaffirmedtheprincipleby
statingthat, “[I]f thepersonentitledtoa tradesecretwishestohave itsexclusiveuse inhis
ownbusiness,hemustnotfailtotakeallproperandreasonablestepstokeepitsecret...‘’
The corresponding trade secret laws of different states have established a generic rule of
applicationofreasonableeffortstodeterminetradesecretstatus.UnderAlabamalaw,among
otherfactors,reasonableefforttomaintainsecrecy isusedasabenchmarktodeterminethe
tradesecretstatus65.(UnisourceWorldwide,IncvSouthCentralAlabamaSupply,LLC66).Under
FloridaLaw, itwasheld that toconstitutea tradesecret, the tradesecretownerhas to take
reasonableeffortstomaintainsecrecy.(MerrillLynch,Pierce,Fenner&Smith,Inc.vDumm67).
61RobertG.Bone,TradeSecrecy,Innovation,andtheRequirementofreasonablesecrecyprecautions.62Roger,E Schecter, Intellectual Property, the Law of Copyrights, Patents andTrademarks,West PublishingCompany,April2003.63 Rowe A. Elizabeth. Contributory Negligence, Technology and Trade Secrets, (2009)http://works.bepress.com/elizabeth_rowe/5andMBL(USA)Corp,Diekman,445N.E2d418,425(III.App.Ct1983) (“Althoughmany factors shouldbeconsidered todetermine if a tradesecretexists,what isprimaryimportanceiswhetherandhowanemployeractstokeeptheinformationsecret”)64J.T.Healey&Son,Inc.v.JamesA.Murphy&Son,Inc.,357Mass.728,737‐39(1970)65BrianMMalsberger,Trade Secets: A state by state Survey, BNA Books (Bureau of National Affairs) (July1997)66UnisourceWorldwide,IncvSouthCentralAlabamaSupply,LLC199F.Supp.2d1194,1211(M.DAla.2001)67MerrillLynch,Pierce,Fenner&Smith,Inc.vDumm,191F.Supp.2d1346,1351(M.D.Fla.2002)
17
UnderKentuckylaw,itwasheldthatwhen,plaintiffexercisesnoeffortstomaintainsecrecyof
thetradesecret,thenheloseshisrighttothetradesecretstatus.(RogersvDesaInt’l,Inc68).
UnderLouisianalaw,plaintiffhastoundertakereasonableeffortstomaintainsecrecy(Reingold
v Swfitships, Inc69.) Similarly under the provisions of Ohio law, it is required that the trade
secretownertakehastoundertakereasonablestepstomaintainitssecrecy.(ValcoCincinnati
Incv.N&DMachiningServ., Inc70).Mostlyall thestateshavesummeduptherequirementof
reasonablenessascertainingthetradesecretstatus.
Though,reasonableness,whichisacommonlegaltest,iseasytostatebuthardtodefine.71To
meet the reasonableness test, the law requires the trade secret owner to undertake actual
efforts to theextent that theyare rigorousenough to forceanother touse, improper, illegal
andunethicalmeanstodiscoveratradesecret72.
One of the factors listed in the Restatement, which is considered in determining whether
particular informationisatradesecret, is“theextentofmeasurestakenbyhim(tradesecret
owner)toguardthesecrecyoftheinformation.
UTSA requires that efforts to maintain secrecy “be reasonable under the circumstances”.
UTSA’scommentapprovinglysummarizesthecommonlawrequirementasfollows73:
“[R]easonablemeasures tomaintain secrecyhavebeenheld to includeadvisingemployeesof
theexistenceof the tradesecret, limitingaccess to tradesecreton“need toknowbasis”and
68RogersvDesaInt’l,Inc,183F.Supp2d955,958(E.D.Mich.2002)69ReingoldvSwfitships,Inc,126F.3d645,640,44USPQ.2d1481(5thCir1997)70ValcoCincinnatiIncv.N&DMachiningServ.,Inc,492N.E.2d814,819(Ohio1996)71RobertG.Bone,TradeSecrecy,Innovation,andtheRequirementofreasonablesecrecyprecautions.72Slaby,DavidW.;Chapman,JamesC.;O'Hara,Gregory,TradeSecretProtection:AnAnalysisoftheConceptEffortsReasonableundertheCircumstancestoMaintainSecrecy,5SantaClaraComputer&HighTech.L.J.321(1989)73UniformActComment§1.
18
controlling plant access. On the other hand public disclosure of information through display,
tradejournalpublications,advertising,orothercarelessnesscanprecludeprotection.74
Hence, It is indeed important that careful efforts to preserve the trade secrecy would be
requiredby theenduser to retainhis rights in the trade secret afterhostinghis data in the
serverofthecloudprovider.Howeverthelevelofsecrecyandreasonablenessrequiredisnot
reflectedintheprovisionsofthelawofeitherUTSAorRestatementofTorts.Itisthedutyof
thetradesecretownertoprotectitstradesecrets.Theburdenofprovingthatreasonablesteps
havebeentakenfallsontheplaintiff75. Thecourtsthroughtheirdecisionshavemadeitclear
that the tradesecretowner,who isnotvigilantaboutsafeguarding its tradesecrets, cannot
expect others to hold a higher obligation to preserve the secret.76 The level of reasonable
efforts taken isdirectly relative to the finding that themisappropriaterhasderivedthe trade
secretthroughimpropermeans.
The courtshave throughnumerous verdicts createdhomogenous yardstick todetermine the
levelofreasonablenessrequiredformaintainingthestatusoftradesecret.Anentitythathas
taken reasonable steps to protect valuable business information only knows with certainty
whetheracourtwillagreethattheinformationisindeedatradesecretwhenthecourtactually
makes thedetermination77.Theprimary ruling in thevariouscasesdiscussedhereinbelow is
thatthethresholdoflevelofreasonablenessisnotveryhighandstringent.
74UniformActComment§1.75FisherStovesInc,vAllNighterStoves,Inc626F.2d76FisherStovesInc,vAllNighterStoves,Inc626F.2d77Slaby,DavidW.;Chapman,JamesC. ;O'Hara,Gregory ,TradeSecretProtection:AnAnalysisoftheConceptEffortsReasonableundertheCircumstancestoMaintainSecrecy,5SantaClaraComputer&HighTech.L.J.321(1989)
19
1. E.IduPontdeNemorus&Companyv.Christopher78
The courtnoted that the lawdoesnot requireunreasonableprecautions toprevent another
fromdoingthatheoughtnottodoinfirstplace.
2. TubularThreading,Inc.v.Scandaliato79
Thecourtstatedthat“theeffortsrequiredtomaintainsecrecyarethosereasonableunderthe
circumstances,andcourtsdonotrequireextremeandundulyexpensiveproceduresbetaken
toprotecttradesecrets”80.
3. Sheetsv.YamahaMotorsCorp81
The court stated, “that the trade secret owner needs to take steps that are reasonably
necessaryunderthecircumstancestomaintainsecrecy.
4. RockwellGraphicsSystems,Inc82
The court stated, “Reasonableness is to be evaluated by comparing the costs of precautions
withthebenefits”.
5. CompuserveCorpv.SerenaSoftwareInt’lInc83
The court In this case held that “[o]ne need not make every conceivable effort to protect
secrecy”84.
AsJudgePonserhasexplained,“abalancebetweenvigilanceandpracticalitymustbeachieved:
“[T]he question is whether additional benefit in security could have exceeded [the]cost of
contemplatedprotection.”
78E.IduPontdeNemorus&Companyv.Christophe,431.F.2d1012(5thCir.1970)79TubularThreading,Inc.v.Scandaliato,443So.2d712,714(La.Ct.App.1983).80TubularThreading,Inc.v.Scandaliato,443So.2d712,714(La.Ct.App.1983)81Sheetsv.YamahaMotorsCorp,849F.2dat18382Sheetsv.YamahaMotorsCorp,925F.2dat179‐18083CompuserveCorpv.SerenaSoftwareInt’lInc,77F.Supp.2d.816,82284CompuserveCorpv.SerenaSoftwareInt’lInc,77F.Supp.2d.816,822
20
Hence, in the lightof thecases, itcouldbeemphaticallystated, that thecourtshavetakena
view thatextremeandundulyexpensiveproceduresarenot required tobe taken toprotect
tradesecretsagainstflagrantindustrialespionage85.
In determining that the trade secret owner has exercised reasonable diligence number of
factorsaretaken intoconsideration86.AsUTSAorRestatementofTortshasnotprovidedany
guidanceonthereasonableeffortsrequirement,hencethesufficiencyofthesecrecyisjudged
inthelightofthecircumstances,includingthecaselawsandindustry.
Theseunderlyingdecisionsof the courtsunderpin theguiding standards to theenduserson
how to determine, if the reasonable standard test has beenmet. The test for determining
reasonableness standard is not consistent by the courts. However the courts look into the
followingaspects (a)confidentialityagreements (b)controlaccesstothedata (c) information
generallyknownoutside (d)expenditure tokeep the informationconfidential (d)affirmative
stepstobetaken
(i) ConfidentialityandNon‐DisclosureAgreements
Courtshaveheld that informationmayremaina tradesecreteven if theownerdiscloses the
information to its licensees, vendors, or third parties for limited purposes87. If the end user
disclosesinformationtothecloudserviceproviderunderthetermsofconfidentialityandnon‐
disclosureagreements,thenthedatamightnotloseitstradesecretstatus.Courtshaveheld
that informationmayremainatradesecreteveniftheownerdisclosestheinformationtoits
85UniformActComment§186UniformTradeSecretsAct,The;Klitzke,RamonA.64Marq.L.Rev.277(1980‐1981)87RogerM.Milgrim,MilgrimonTradeSecrets,§1.04,MatthewBender,(1984)
21
licensees,vendors,orthirdpartiesfor limitedpurposes88.Whetheratransferoftradesecrets
toacloudserviceproviderextinguishesthetradesecrethasyettoberuledupon.
Datathat isdisclosedbytheendusertothecloudserviceprovider isunderthetermsofthe
confidentialityandnon‐disclosureagreements.Theseagreementscreatearelationshipofduty
ofconfidencebetweenthepartiesandthecloudserviceproviderisboundbythetermsofthe
agreements not to disclose or use the data of the end user. The decisions of the courts in
SaltmanEngineeringCoyLd.v.CampbellEngineeringCoy.Ld89affirmthatifinformationisgiven
byonetradertoanotherincircumstanceswhichmakethatinformationconfidential,thenthe
secondtrader isdisentitledtomakeuseoftheconfidential informationforpurposesoftrade
bywayofcompetitionwiththefirsttrader90.
Similarly,thecourts inLacMineralsLtd.v. InternationalCoronaResourcesLtd., 91andCocov.
A.N.Clark(Engineers)Limited,92heldthat“Adutyofconfidenceariseswhenapersonacquires
knowledge of confidential information, including trade secrets, under circumstances inwhich
thepersonhasnoticeoragreedthattheinformationisconfidential”93.ThecourtinCocovA.N
Clark (Engineers)suggested,a test todetermine if thedutyofconfidencearisesbetweenthe
parties.Itstatedthat“itisanobjectiveone(test):whetherareasonablepersonstandinginthe
shoesoftherecipientoftheinformationwouldhaverealizedthattheinformationwasgivenin
confidence”.
88RogerM.Milgrim,MilgrimonTradeSecrets,§1.04,MatthewBender,(1984)89SaltmanEngineeringCoyLd.v.CampbellEngineeringCoy.Ltd,(1948)90SaltmanEngineeringCoyLd.v.CampbellEngineeringCoy.Ltd,(1948)91LacMineralsLtd.v.InternationalCoronaResourcesLtd,[1989]2S.C.R.57492Cocov.A.N.Clark(Engineers)Limited,[1969]R.P.C.41(Ch.D.)93Cocov.A.N.Clark(Engineers)Limited,[1969]R.P.C.41(Ch.D.)
22
TheDelawareCourtofChanceryinDataGeneralCorp.v.DigitalComputerControls,Inc94,held
thatDataGeneralhadtakenadequatemeasurestoprotecttheconfidentialityofthediagrams,
stating,"disseminationisnotsignificantifinconfidence.”
Itistobenotedthat,breachofconfidentialitygivesrisetotwoindependentlegalclaims:one
formisappropriationoftradesecret;theotherforbreachofcontract95.
The following are the summary of cases, which reflect the principal of confidentiality
relationship.
a. TechniconDataSys.CorpvCurtis1000,Inc96
Technicon,wasadeveloperofhospitalrecordsystemandthedefendant,Curtis1000reversed
engineeredtheinterfaceofacomputerizedsystemforstoringhospitaldata.Thecourtgranted
preliminary injunction on the ground that various techniques were used by the plaintiff to
achievesecrecy,whichincludedtheuseofconfidentialityagreements97
b. BaystateTechs.,Incv.BentlySys.,Inc98
BaystateTechnologiesfiledacomplaintagainstBentleySystems,Incallegingmisappropriation
of trade secrets in violation of M.G.L. c. 42 and copyright infringement99. Bently
misappropriatedcertaintradesecretsinBaystate’sCADsoftware.Oneofthefactors,thecourt
usedfordeterminingwhether,theplaintiff’sactionsandpoliciesconcerningthetreatmentof
94DataGeneralCorp.v.DigitalComputerControls,Inc,357A.2d105,188U.S.P.Q.(BNA)276(Del.Ch.1975)95RogerM.Milgrim,MilgrimonTradeSecrets,§1.04,MatthewBender,(1984)96TechniconDataSys.CorpvCurtis1000,Inc,224U.S.P.Q.286,290,1984‐2CCH.97RogerM.Milgrim,MilgrimonTradeSecrets,§1.04,MatthewBender,(1984)98BaystateTechs.,Incv.BentlySys.,Inc,946F.Supp.1079,1092(D.Mass.1996)99BaystateTechs.,Incv.BentlySys.,Inc,946F.Supp.1079,1092(D.Mass.1996)
23
itstradesecretweresufficienttoprotectitsclaimedsecrecywastheexistenceorabsenceofan
expressagreementrestrictingdisclosure100.
c. ElectornicDataSys.Corp.v.Heinemann101
Inthiscase,thecourtheldthatthevindicationofconfidentialityagreementsisoneofthepolicy
considerationscourtshaverecognizedasreasonsfortradesecretprotection.
d. J.T.Healy&Son,Inc.v.JamesA.Murphy&Son,Inc.&Ors102.
Thecourtstatedinthiscase,“onewhoclaimsthathehasatradesecretmustexerciseeternal
vigilance.Thiscallsforconstantwarningstoallpersonstowhomthetradesecrethasbecome
knownandobtainingfromeachanagreement,preferablyinwriting,acknowledgingitssecrecy
andpromisingtorespectit”103.
e. HollomanvO.Mustad&Sons(USA),Inc104.,
Thecourt in thiscase,heldthat thetradesecret lawacquiredthroughbreachofconfidential
relationship or discovered through improper means to be the proper subject of a
misappropriationclaim105.
TerminationofConfidentialityandNon‐DisclosureAgreements
Cloudserviceprovidermaytakecertainstepsforsecurityofdata.Howeverthesestepsmight
create a hurdle, later when the agreement between them is terminated. If the agreement
between the cloud serviceprovider and theenduser is terminated,would the cloud service
100BrianMMalsberger,TradeSecets:AstatebystateSurvey,BNABooks,93,(BureauofNationalAffairs)(July1997)101ElectornicDataSys.Corp.v.Heinemann,493S.E2d132,134‐35(Ga.1997)102J.T.Healy&Son,Inc.v.JamesA.Murphy&Son,Inc.&Ors,357Mass.728(1970),260N.E.2d723103J.T.Healy&Son,Inc.v.JamesA.Murphy&Son,Inc.&Ors,357Mass.728(1970),260N.E.2d723104HollomanvO.Mustad&Sons(USA),Inc,196F.Supp.2d450,459(E.DTex.2002)105HollomanvO.Mustad&Sons(USA),Inc,196F.Supp.2d450,459(E.DTex.2002)
24
provider, be still bound by the terms of confidentiality and non‐disclosure agreements to
safeguardtheoriginaldataaswellascopiesofdata?
ThedecisionofthecourtinCadburySchweppesv.FBIFoodsLimited106wouldprovidea
guiding light to this dilemma of combination of technology and law. The facts of the case
pointed out, that a licensor revealed to the licensee, under license, confidential information
abouta recipe fora tomatococktailwithclambroth.After receivingnotice to terminate the
license, the licensee used the confidential information to develop a competing product. The
courtheld the licenseewasunder anobligation toprotect the trade secret and the licensee
evenaftertermination107.
DeletionofMultipleCopiesAfterTerminationofConfidentialityandNon‐DisclosureAgreements.
Redundancy data would have a major impact after termination of the agreement(s).
Redundancyofdatacreatesahurdlebecausethecloudserviceproviderhascreatedmultiple
copiesofthedataforsecurityofdataineventdataislost.A pertinent glitch would arise, for
enduserswhomightlaterwanttomigratetheirdatafromthecloud,andtheuseragreement
doesnotautomaticallyprovidefordeletionofdatafrommultiplelocations.
Henceitisimportantfortheinterestsoftheendusers,thatthecloudserviceuseragreements,
shouldcreateaprovisiontotheeffectthat“therightsandthedutiesundertheagreementwill
surviveevenaftertheagreement”.Further,aprovisionshouldbeadded“thatthecopiesofthe
datawouldbeautomaticallydeletedafterthetermination”
106CadburySchweppesv.FBIFoodsLimited,[1999]1S.C.R.142107CadburySchweppesv.FBIFoodsLimited,[1999]1S.C.R.142
25
Itisalsoimportanttonotethatitmightnotbepossibletofullydeleteallthecopiesofthedata,
sincefulldatadeletionisonlypossiblebydestroyingadisk,whichalsostoresdatafromother
clients.Whenarequesttodeleteacloudresourceismade,thismaynotresultintruewipingof
the data (as with most operating systems)108. Where complete data wiping is required, the
cloudserviceprovider,shouldadheretospecialproceduresforcompletewipingofthedata.
(b) ControlAccesstotheData
The tradesecretowner is required toundertake reasonable steps toascertain that thedata,
which is sought to be protected under the doctrine of trade secret law, is only accessed by
relevantpeople.Ifthecloudserviceproviderauthorizesthedatatobesharedbyotheruserson
thesharedserver,thedatamightloseittradesecretstatus.
Moreover, the data of the end user is stored on a hypervisor of the cloud service provider,
whichrunsmultipleoperatingsystemsonasingleserver.Thisenablesmultipleuserstooperate
on single server. Due to this multi‐tenancy factor of cloud, the end user might not have
completecontrolovertheaccessofhisdata.Moreoverthedata,mightbefrequentlyappended
orupdatedor logs couldbe created for thebillingpurposesof thedata.Hence, if the cloud
serviceproviderdoesnotexecuteahighcontrolaccessregime,thenthecourtmayconsider,
thisasadefaultonthepartofthecloudserviceprovider.
Even though there isabusinessarrangementby thecloudserviceproviderand theenduser
and although, confidentiality and non‐disclosure agreements between the parties define the
contours of confidential relationship, end the user however should never simply leave the
details of the protection up to the Cloud Service provider without confirming that they are
108EuropeanNetworkandSecurityAgency,CloudComputing,Benefits,RisksandAssessment,(Nov2009).
26
robust109. InCarboline Co v. Lebeck110, the court held that the trade secret owner had not
taken reasonable measures to maintain secrecy where, among other things, it took no
measurestoprotectinformationinthehandsofsuppliersorcustomers111.
Aanotherproblemthatcouldarisefortheenduser is thatthedata,couldbereplicatedand
stored in diverse geographical locations, hence, itmight be very difficult for the enduser to
have complete control access to thedata, ashemaynotbeawareabout the locationofhis
datastorage.
LimitedControlAccessDuetoDataRedundancy
Toensuredurabilityandreliabilityoftheenduserdata,thecloudservicesproviderresortsto
dataredundancy.Theystoremultiplecopiesofthesamedata inmultiple locationssothat in
eventofhardwarefailureorwhendisasterstrikesadatacenter,theenduserdataalwayshas
accesstothedata.Dataredundancysystemisadheredforthemotivetocombatsystemfailure
and consequential loss of data. Cloud service provider achieves client data redundancy by
replicatingfullcopiesondifferentstoragenodes112.
Data redundancy can be employed with technique of erasure‐correcting code to further
tolerate faults or server crash as user’s data grows in size and the original data from being
retrievedbytheuser113.Thesystemhasbeenengineeredinsuchawayastocontinuetofully
functionalevenintheeventofamajorservicedisruptionwithinadatacenter.Thisredundancy
109 Vicotria A Cundiff,ReasonableMeasures to Protect Trade Secret in a Digital Enviourment, Franklin LawReview(2009)110CarbolineCov.Lebeck,990F.Supp.762,767,‐68(E.D.Mo.1997)111CarbolineCov.Lebeck,990F.Supp.762,767,‐68(E.D.Mo.1997)112RanjitNayak,CloudFilesIntroductionDocumentationRelease1.1.0.113RanjitNayak,CloudFilesIntroductionDocumentationRelease1.1.0.
27
could be achieved at the following levels – Data Replication, Business Data Replication and
ServerImageDataReplication114
LevelI:DataReplication
Cloud service providers use database management systems, usually with a master/slave
relationshipbetweentheoriginalandthecopiestoreplicatedata115.Inthissystem,twocopies
ofdataarestoredinthecloud.Theoriginalcopyofthedataisthetermedasmasterfileand
thecopyofdataistermedastheslavecopy116.
Level2‐BusinessDataReplication
Businessdata replication involves replicationofonlybusinessdatawithoutoperating system
andotherapplications117.
Level3‐ServerReplication
Inserverreplication,thedatastoredinthecloudisreplicatedalongwiththeapplicationsand
theoperatingsystem118.
Duetodatareplication, theendusermight losecontroloverhisdata.Theeffectofmultiple
replicatedcopiesinthelightonreasonablestandardmeasurehastobeascertainedforpurpose
ofsafeguardingtherightsofthetradesecretholder.Inamisappropriationclaim,theenduser
wouldhavetoprovethatdata,hasnotlostthetradesecretstatusbythevirtuelimitedcontrol
access to the copies of the data. I propose, that end user should undertake reasonable
measurestoensurecontrolovercopiesofdatatopreventdisclosure.Thereasonablestepsmay
includeencryptionofallcachedcopiesstoredindifferentgeographiclocations.114CloudStation,WhitePaper:Hybrid&FeaturedCloudManagement.115http://en.wikipedia.org/wiki/Replication_(computer_science)#Database_replication116CloudComputingPanel,Portland(2010)117CloudStation,WhitePaper:Hybrid&FeaturedCloudManagement118CloudStation,WhitePaper:Hybrid&FeaturedCloudManagement
28
(c)Expendituretopreservesecrecy
Theamountofexpenditure incurredbytheenduserforcreatingastrongerwalltopreserve
the secrecy of the data, is one of the determinative factors under reasonable standard test.
Highexpenditure incurred inusing latest technology forencryptionor installationof firewalls
woulddefinitelyfavortheenduser.
(d)Informationgenerallyknownoutside
It is axiomatic that publicly available information cannot qualify for trade secret status.119.
Information couldeasily lose its trade secret status throughpublicdisclosure. Evenanactof
allowingabusinessvisitortoseeasecretplantprocessduringaplanttourmaybesufficientto
destroytradesecrecy120.Hencethefirsthurdlefortheenduser,ineventthathistradesecret
storedinthecloudismisappropriatedwouldbeprovingthatinformationstoredbyhimhasnot
lostitstradesecretstatusbyvirtueofthestorageinthismedium.
InSteinbergMooradDunnv.Dunn,Inc121,itwasheldthat,oneoftheelementsoftradesecret
misappropriationclaimisthattheinformationmustnothavetobegenerallyknown.
InRuckelshausv.MonsantoCo.122,itwasheldthat“Informationthatisofpublicknowledgeor
thatisgenerallyknowninanindustrycannotbeatradesecret.”123,Similarly,inKewaneeOilCo.
v.BicronCopr.,124,itwasheldthat“thesubjectofatradesecretmustbesecret,andmustnot
119A. Elizabeth Rowe, Saving Trade Secret Disclosures on the Internet through Sequential Preservation, 42WakeForestL.Rev.1(Spring2007)120G.PeterAlbert,WhiteselLaff,&SaretLaff, IntellectualPropertyLawinCyberSpace,Whitesel&SaretLtd,(PrecisionMoulding&Frame,IncvSimpsonDoorCo.,77Wash.App.20,888P.2d1239(1995)121SteinbergMoorad&DunnvDunnIncWL3196234122Ruckelshausv.MonsantoCo,467U.S.986,1002(1984)123Ruckelshausv.MonsantoCo,467U.S.986,1002(1984)124KewaneeOilCo.v.BicronCopr,416U.S.470,475(1974)
29
beofpublicknowledgeorofageneralknowledgeinthetradeorbusiness.”125
However, it does not necessarilymean that, “generally known” equates to be knownby the
general public. The comments in the UTSA clarify this perplexity to indicate that “generally
known”doesnotnecessarilymeanknownbythegeneralpublic126.Iftheprincipalpersonswho
can obtain economic benefit from information are aware of it, there is no trade secret127.
ReligiousTechnologyCtr.v.NetcomOn‐LineCommunicationServs128., Inc.&DVDCopyControl
Ass’n Inc. v. Bunner129, reinstate that even if one person knows about the trade secret that
couldderiveeconomicbenefitfromit,thenthedatacouldloseitstradesecretstatus.
Applyingunderlyingprinciplesof theabovecases, tocontextof cloudcomputing, could itbe
impliedthat,cloudserviceproviderderiveseconomicbenefitfromthedataandthereforethe
dataisheldtobegenerallyknown?RipostetothisquandaryliesintheprovisionsoftheUTSA,
whichprovideanumbrellaprotectiontothedatasharedwithcloudserviceprovider.Dutyof
confidenceimposedbyconfidentialandnon‐disclosureagreementsprotecttheenduser. It is
theprinciplerightofthetradesecretownertograntaccesstothesecrettootherssubjectto
contractual duty not to use or disclose it [Milgrim on Trade Secrets, Roger Migrims, §4.01]
Hencethedisclosuremadetothecloudserviceproviderunderconfidentialitytermswouldnot
tantamounttodisclosurewhichwouldenablethetradesecrettobegenerallyknown.
(e) Affirmativestepstobetakentoprotecttradesecret
Thetradesecretowner is requiredtoundertakeaffirmativestepstoprotecthis tradesecret.
125KewaneeOilCo.v.BicronCopr,416U.S.470,475(1974)126A. ElizabethRowe,Saving Trade SecretDisclosures on the Internet through Sequential Preservation, 42WakeForestL.Rev.1(Spring2007)127UniformActComment§1128ReligiousTechnologyCtr.v.NetcomOn‐LineCommunicationServs,10Cal.Rptr.3d(2004).129DVDCopyControlAss’nInc.v.Bunner,1997U.S.Dist.LEXIS23572,(N.D.Cal.Jan.3,1997)
30
Thisprincipleisenumeratedinthecasesmentionedhereinbelow.
a. IncaseIncvTimexCorp130
TheFirstCircuitCourtofAppealsstatesthatinordertoprotectatradesecret,affirmativesteps
must be taken to preserve its secrecy regarding a party against whom misappropriation is
claimed.
b. InMetallurgicalIndusIndus.IncvFouretek,Inc131
Thecourt inthiscasestatedthat,“effortstoprotectsecrecyarealsotiedtotherequirement
thattradesecretshavevalueindeed,whetherornotacompanytookadequatestepstoprotect
a secret is anevidenceof subjectivebelief that the informationwas a trade secret and thus
worthyofprotection”.
V. TheProblem:TradeSecretLawAppliedtoCloudComputing
Themoderndevelopmentoftechnologysignificantlyimpactsintellectualproperty132.Therehas
beenincrediblechangeinthetechnologyofcomputinginthepastyears.CloudComputinghas
beenenvisionedas thenext‐ generationarchitectureof ITEnterprise133. The revolution from
storingdata in thepersonal servers to theeraof cloud computinghas changed theway,we
havelooked,understoodandusedinformationtechnology.
130IncaseIncvTimexCorp,488F.3d46,52‐53,83U.S.P.Q.2d1032(IstCir.2007)131MetallurgicalIndusIndus.IncvFouretek,Inc,790F.2d.1195.1199‐1200(5thCir.1986)132 Andrew Beckerman‐Rodau, Trade SecretsThe New Risks to Trade Secrets Posed by Computerization,RutgersComputer&Tech.L.J.Vol.28(2002)133CongWang,QianWang,&KuiRen,EnsuringDataStorageSecurityinCloudComputing,ComputerSecurity–ESORICSSpringer(2009)
31
Incontrasttotraditionalsolutions,wheretheITservicesareunderproperphysical,logicaland
personnel controls, Cloud Computing moves the application software and databases to the
largedatacenters134.
Moving data into the cloud offers great convenience to users since they don’t have to care
aboutthecomplexitiesofdirecthardwaremanagement.135Thebusinesshavenowstartedto
rethinkthewaytheyuse,buyandstoreinformationtechnology.Ratherthandevotingalotof
cashforpurchasingservers,theyarepluggingintothenewgrid‐CloudComputing136.However
this recent typeofparadigmshift to cloudcomputing imposesnewchallenges to intellectual
propertylaw.
Oneof thechallenges,whichare imposedby this computingplatformshift, is the traditional
outlook of trade secret law for protection of valuable data,which has a fixedmechanismof
managingandusingvaluabledata.Thenewmediumofstoringvaluabledatainthevirtualized
remoteserversmayentailriskoflossintradesecretstatusandtheunderlyingprotectionunder
thevariousprovisionsofthetradesecretlaw.
The Cloud Service Provider stores the data of the end user in virtual servers in remote data
storage units. If such data qualifies for a trade secret protection under the Restatement of
TortsandUTSA,thenitmayhavelegalimplicationstotheeffectthat,ifreasonablemeasuresto
protectthedatafromdisclosure,arenotundertaken,itwouldceasetobeatradesecret.The
pertinent issue would be whether the current trade secret legal framework, appropriately
134CongWang,QianWang,&KuiRen,EnsuringDataStorageSecurityinCloudComputing,ComputerSecurity–ESORICSSpringer(2009)135CongWang,QianWang,&KuiRen,EnsuringDataStorageSecurityinCloudComputing,ComputerSecurity–ESORICSSpringer(2009).136NicholasCarr,TheBigSwitchRewiringtheworldfromEdisontoGoogle,W.W.Norton&Company;Reprintedition(January19,2009)
32
addresses the consequences of such disclosure. It is to be noted that even if the data is
accidentlyaccessedbythecloudproviderorthethirdparty,itmightloseitstradesecretstatus.
InKewaneeOilCo.v.BicronCorp137,thecourtstatedthatevenabonafidetradesecretisnot
protectedagainstdiscoverybyfairmeans,includingaccidentaldisclosure.
A,cloudprovidercanaccessthevirtualmachine,wherethedataoftheenduserisstoredand
they could also install backdoor log in to access the data. An end user is aware of these
underlyingrisksofstoringhisdataonthecloud.Ifstilltheenduser,isoptingtostorehisdatain
the cloud, could it be concluded, that he hasmigrated from the safety zone of trade secret
protection?Intheearlycaseof1982,PalinMfgCovWaterTechnologyInc138,thecourtheld
thatonewhohasdisclosedhis tradesecret tootherswithoutappropriatesafeguardscannot
claimthereafterittobeatradesecret.
Consequently,ifsuchdataismisappropriatedbythecloudserviceproviderorunrelatedthird
party, then theprotectionaccorded to theenduser,under theprovisionsofunderlying law,
wouldnotbeaccorded.
Additionally, inthismodel,thedataisdistributedindiversegeographicalregionsforensuring
thesecurityofdata.Thismay imposesignificant jurisdictional limitationsontheutilizationof
legalremediestoprotectthedata,sincelegalredressunderoursystemisgenerallybasedon
thegeographic locations139. However,all thedatastoredbytheendusermaynotqualifyas
trade secrets under Uniform Trade Secrets Act and Restatement. It is important for the
137KewaneeOilCo.v.BicronCorp,416U.S.470(1883)138PalinMfgCovWaterTechnologyInc,982F.2d1130(1992)139AndrewBeckerman‐Rodau, TradeSecretsTheNewRiskstoTradeSecretsPosedbyComputerization,Rutgers
Computer&Tech.L.J.Vol.28(2002)
33
purposesoftheanalysis,tofirstdemarcatebetweendataprotectableastradesecretfromthe
datathatisnotprotectedastradesecret.
A. QualificationofDataAsTradeSecretInContextofCloudComputing
Thekindsofinformation/datastoredinthecloudvariesfromindustrytoindustry.Duetothe
dynamicnatureofscalabilityofthecloud,anumberofdevelopersaredeployingtheirsoftware
applications in the cloud140. The software applications deployed in the cloud might contain
sourcecodes,whichthedevelopermightwanttoindividuallydocumentandstoreinthecloud
forbuildingnewerversionofapplicationsinthecloud.Henceitisimportanttoinquirewhether
thesesoftwareprogramscouldbeprotectedastradesecrets.
SoftwarePrograms/Applications:ProtectionAsTradeSecrets
Theenduserwill deploy softwareprograms in the cloud.These softwareprogramscouldbe
protected as trade secrets. A computer program is considered as a trade secret under the
Florida law141. InLibertyAm.Ins.Group, Incv.WestpointUnderwriters,L.L.C142, thecourtheld
that“thesubjectsoftwarehasindependenteconomicvaluebecauseit isnotknowntoandis
notreadilyascertainablebyotherpersonswhocouldderiveeconomicvaluefromitsdisclosure
andtheplaintiffhadtakenreasonablemeasurestomaintainsecrecyofthesoftwareincluding
itssourcecode”andhencethesoftwarecouldberegardedastradesecret.
140The Social and Economic Impact of the Cloud, Cloud Computing Panel Discussion Code Camp,Portland.(May22,2010)
141 BrianMMalsberger,Trade Secets: A state by state Survey, BNABooks (Bureau of National Affairs) (July1997)
142LibertyAm.Ins.Group,Incv.WestpointUnderwriters,L.L.C199F.Supp.2d1271,1302(M.D.Ga.1992)
34
The software codewas comfortably found to bewithin the definition of trade secret
underMassachusetts law143. Thedesign, technologyandmarketingplansof a softwarewere
alsoheld tobe trade secrets inAltaAnalytics, Inc v.Muuss144 on similar factorsdiscussed in
LibertyAm.Ins.Howeverthecourt inHoganSys., IncvCybersourceInt’l, Inc145 divertingfrom
thedecisioninBernardPersonnelConsultants,IncvMazarella146(whichheldthattheemployee
knowhow could be protected as trade secret) stated that “[g]eneral knowledge, skill and
experienceinthecomputersoftwareindustrydonotconstituteastradesecret”.
ApplicationsintheCloudContainingOpenSourceElements
In the cloud, various software applications are deployed on many instances and the cloud
provider would provide not only the necessary storage capacity but also computing
infrastructure to run the application in cloud. These software programs and/or applications
mayhavecertainelementsinthesourcecodederivedfromopensourcesoftware.Theissuein
thisscenario,wouldbe,whether,suchapplicationscouldbeprotectedastradesecretsbecause
certainelementsofcodearealreadydisseminatedtopublicviaopensourcemedium.Thisissue
wasresolvedbyUnitedStatesCourtofAppealsfortheTenthCircuitin,RivendellForestProds.
v.Georgia‐PacificCorp147,whereinitwasheldthat"atradesecretcanincludeasystemwhere
the elements are in the public domain, but there has been accomplished an effective,
143BrianMMalsberger,Trade Secets: A state by state Survey, BNA Books (Bureau of National Affairs) (July1997)OriginalCitation:HarvardApparatus,IncvCowen130.F.Supp.2d.161(D.Mass.2001)
144AltaAnalytics,Incv.Muuss,75.F.Supp.2d773,785,(S.DOhio1999)145HoganSys.,IncvCybersourceInt’l,Inc,158F.3d.319,32448U.S.P.Q.2d.1668(5thCir.1998)146BernardPersonnelConsultants,IncvMazarella,1990WL124969147RivendellForestProds.v.Georgia‐PacificCorp,28F.3d1042(10thCir.1994)
35
successful andvaluable integrationof thepublicdomainelementsand the trade secret gave
theclaimantacompetitiveadvantage..."
ThecourtinfurtherinEssexGroupvSouthwireCorp.,148statedthat“thetradesecretcanexist
inacombinationofcharacteristicsandcomponents,eachofwhichisinpublicdomain,butthe
unified process design and operation ofwhich in unique combination, affords a competitive
advantageandprotectivetradesecret”.
Under the New York law, a combination of public domain elements may be a trade secret
within themeaning of Restatement of Torts § 757. In Softel Inc v. DragonMed.& Scientific
Communications, Inc149, the court held that the combination of public domain elements of
plaintiff’scomputersourcecodewasheldtobeatradesecret.Henceevenifthedatastoredby
theenduserinthecloud,hasopensourceelementsinit. Itcouldstillbeaccordedthetrade
secretstatus.
B. TradeSecret:JurisdictionIssues
Cloud computingmeans thatdatamayalwaysbe in transit," said Teppler, "never anywhere,
alwayssomewhere."150Acloudserviceproviderstoresmultiplecopiesofthedataindifferent
geographicalregionsandconsequentlythedataisdispersedacrossandstoredinmultipledata
centersallovertheworld151.Thiscouldraisejurisdictionalissue.
Thetradesecretmisappropriationcasesariseunderthecommonlawofmanystatesand
UTSA inmany states, accordingly the subject‐matter jurisdiction lies in state courts inmany
148EssexGroupvSouthwireCorp,269Ga.553,501S.E.2d501(1998)149SoftelIncv.DragonMed.&ScientificCommunications,Inc,118F.3d955,968,43U.S.P.Q.2d1385(2ndCir.1997)150http://www.enterprisestorageforum.com/continuity/news/article.php/3814821/Cloud‐Computing‐Poses‐E‐
Discovery‐Legal‐Risks.htm151DavidNavetta,LegalImplicationsofCloudComputing‐PartOne(theBasicsandFramingtheIssues)(2009)
36
cases.152. If theenduser, filesatradesecretmisappropriationclaimagainstthecloudservice
provider, itcouldraisean issue,whereaparticularstatecourt,haspersonal jurisdictionover
thecloudserviceprovider,onthesolereasonthatthecopyofthetradesecret,wasstoredin
the data center in that state. This quandary in the system of cloud computing distributed
channelwouldarise this complication inpersonal jurisdictionarena.Hence in their interests,
thecloudserviceprovidershouldcomprehendbeforehand, thebenefitsof storingacopyof
usersdatainaparticulardatacenterlocatedinastateversusotherstate.
It is to be noted that, the multiple data copy issue, could have a important legal
consequence for end user, as application of data protection rules could also follow from
locationchoices153.Fore.gastatewheretheenduser’sdataismoreprotectivethaninstatein
comparisonwithanotherstate,wherealsothecopyofthestored.Tocombatthissituation,the
endusershouldcarefullypickuptheforumswherethecloudserviceprovidermayhavedata
centers,wherehigherlevelofdataprotectionisgrantedbythecourtsinthatstate.
VI. Proposals: Measures to be adopted by End User to safeguardTradeSecretunderReasonableStandardTest
Thelawdoesnotrequirethetradesecretownertobuildanimpenetrablefortressaroundthe
around its trade secret154, the end user should however take into account in designing a
reasonable protection programwhichwill ensure him the protection under the trade secret
law.Thesemeasuresinthelightofthecourtsdecisionarediscussedhereinbelow
152HenryH.Perritt,Jr.,TradeSecretsPractitioner’sGuide,(2ndEdition),PracticingLawInstitute(2004)153RobertGellman,PrivacyintheCloud:RisksandConfidentiality,WorldPrivacyForum.154Vicotria A Cundiff,ReasonableMeasures to Protect Trade Secret in a Digital Environment, Franklin Law Review(2009)
37
I. EncryptionAsaPrecaution
Cryptographymightbeoneof the technology tools for theenduser toprotecthisdata.The
goalofencryption is to scrambleobjects so that theyarenotunderstandableorusableuntil
theyareunscrambled.Thetechnical termsforsuchprocessareencryptinganddecrypting155.
Encryption is also used to protect data in transit andwhen data is stored. There have been
numerousreportsofdataintransitbeinginterceptedinrecentyears156.
Current cryptosystems come in two basic configurations. The first is a "shared single key
cryptology"whichrequiresthesamekeytoencryptanddecryptthemessage157.Thesecondis
a "public key cryptography," which uses two keys; one to encrypt the message and one to
decryptit158.
The cloud providerwill always encrypt datawhen it is at transit, however datamay not be
encrypted it is at rest (stored). Existing cloud serviceprovidersmayprovidebasic encryption
keyschemestosecurecloudbasedapplicationdevelopmentandservices,ortheymayleaveall
suchprotectivemeasuresuptotheircustomers159.
Theenduserhasdiscretionofencryptingdatawhenitisatrest.Itispertinenttonotethatthe
keyusedforencryptiontothedatastoragecouldalsobewiththeprovider.
155Computer Science and Telecommunications Board Commission on Physical Sciences, Mathematics, and
Applications, TheDigital Dilemma, Intellectual Property in the Information Age. National Academy Press,WashingtonD.C(2000)
156FiberOpticNetworksVulnerable toAttack, InformationSecurityMagazine,November15,2006, SandraKayMiller
157Henderson,CharlesP,Encryption,keyrecovery,andCommercialTradeSecretAssets:AProposedLegislativeModel.RutgersComputer&Tech.L.J.(1999)
158Henderson,CharlesP,Encryption,keyrecovery,andCommercialTradeSecretAssets:AProposedLegislativeModel.RutgersComputer&Tech.L.J.(1999)
159CloudSecurityAlliance ,SecurityGuidance for CriticalAreasofFocus inCloudComputing (Version2.1)(December2009)
38
If the encryption and decryption key is the with the cloud provider, there would be a
substantial,riskofaccessofthedatatothecloudprovider.Thisproblemmightbeeliminated
by a recent technological development in the field of cryptography, whereby homomorphic
encryption thatwould allow applications to compute directly on encrypted data, and return
encryptedresultstotheenduser. Thiswouldenablecouldprovidertocomputeinthecloud
withoutactuallygivingthecloudprovideraccesstothedata160.
The courts have taken diverse opinions regarding whether encryption of the data could be
adequatetomeettherequirementsofreasonablestandardtestunderthedoctrinesoftrade
secretlaw.
ThecourtinHeartlandHomeFin.,Incv.AlliedMortgageCapitalCorp161,heldthat“theuseof
an encrypted email to transmit the alleged trade secret and the password protection were
insufficienttomeettherequirementgiventhelackofothersecuritymeasures”162.
Inanothercase,InTwinVisionCorpvBellSouthCommc’nSys.,163thecourtdidnorprovideany
lightorguidance,onwhetherencryptionalonewouldbesufficientevidencethattradesecret
ownerhastakenreasonableefforttopreservethetradesecretstatus.
However, only encryption of the data may not constitute reasonable protection under the
principlesofLiebertvMazur164wherein, thecourt stated thatsimplyby restrictingcomputer
160HomomorphicEncryptionBreakthroughAvailableathttp://www.schneier.com/blog/archives/2009/07/homomorphic_enc.ht(July9,2009)161HeartlandHomeFin.,Incv.AlliedMortgageCapitalCorp,No1:05CV2659,2007U.SDist.LEXIS8882162HeartlandHomeFin.,Incv.AlliedMortgageCapitalCorp,No1:05CV2659,2007U.SDist.LEXIS8882163TwinVisionCorpvBellSouthCommc’nSys,No97‐55231,1998U.SApp.LEXIS13607164LiebertvMazur,827N.E.2d909(III.App.Ct.2005)
39
access to customer lists by requiring a password is not sufficientmeasures to provide trade
secretprotectiontotheinformation165.
In Aetna, Inc. v. Fluegel166, the court commenting on commenting on plaintiff’s use of
encryption for somedocuments as evidenceof its reasonablemeasures tomaintain secrecy,
recognized the use of encryption as evidence of the trade secret owner’s efforts to protect
tradesecrets.Howeverthecourtshasthusnotyetreachedapointwherefailingtousesuch
encryptionas amatterof course constitutes aper se failure to take reasonablemeasures to
preservesecrecy167Henceiftheenduserisconcernedaboutstoringsensitiveandconfidential
datainthecloud,theendusershouldencryptthedata(individualfiles)beforeuploadingitto
thecloud168.
II. ConfidentialityAgreementsandNon‐DisclosureAgreements
Oneofthemeasurestheendusercouldadopttosafeguarditstradesecret istoenter intoa
Non‐DisclosureagreementandConditionalityAgreement.Theseagreementswillcontractually
createonobligationontheendusertoprotectthetradesecret. Ifthecloudserviceprovider
misappropriates the trade secret, it couldhave legal consequences for breachof contract as
wellasmisappropriationunderUTSA.§41oftheUTSAimposesthedutyofconfidencetothe
cloud service provider and hewould be liable under §40 ofUTSA for appropriation of trade
secret,ifthereisaConfidentialityAgreementandNon‐DisclosureAgreementssignedbetween
thepartiesand thecloudserviceproviderhasacquired the tradesecretby impropermeans.
165LiebertvMazur,827N.E.2d909(III.App.Ct.2005)166Aetna,Inc.v.Fluegel,No.CV074033345S,2008WL544504(2008)167VicotriaACundiff,ReasonableMeasurestoProtectTradeSecret inaDigitalEnvironment,FranklinLaw
Review(2009)168JineshVaira,CloudArchitectures,AmazonWebServices.
40
Theseagreementsmustbeinexistenceatthetimewhentheenduserishostshisdatainthe
cloud169. The language of the agreements must be clear and unambiguous170 and more
importantlyitsshouldcreateadutyofconfidentiality171
III. ContractuallypreventReverseEngineering
An end user may store his trade secret in the cloud, the end user or third party may be
restricted under the doctrines of the trade secret law to access or use the trade secret.
However the trade secret lawwon’t protect the enduser’s trade secret, if the cloud service
provideror the thirdpartygainsaccess to the tradesecretbymeansof reverseengineering.
The court in Kewanee v. Bicron172 stated that “While trade secret law does not forbid the
discovery of the trade secret by fair and honestmeans e.g., independent creation or reverse
engineering173”
Itisthereforeimportantfortheendusertocontractuallyprohibitthecloudserviceproviderto
reverseengineerthetradesecret.ThecaselawsPaintonCovBourns,Inc174,DiodesvFranzen175
reflect a general consensus that a contractual prohibition against reverse engineering is
enforceable176
IV. ChecklistfortheEndUser
169RTECorpv.CoatingsInc,267N.W.2d.226,232(Wis1978)170DioneevvSoutheastFoamConverting&PackagingInc.,397S.E.2d110,112(Va.1990)171WanbergvOceanSprayCanberries.,Inc194U.S.P.Q350,352,1977,WL22790(N.D.1II.1977)&172Kewaneev.Bicron,416U.S.470,476(1974)173RogerMMilgrim,MilgrimonTradeSecret ,Vol.1, §1.01[1],MatthewBenderandCompany Inc. (Updated2009)174PaintonCovBournsInc,442F.2d216,223(2dCir.1971)175DiodesvFranzen,260Cal.App.2d224,250,67Cal.Rptr.19(1968)176RogerMMilgrim,MilgrimonTradeSecret ,Vol.1, §1.05[5],MatthewBenderandCompany Inc. (Updated2009)
41
CHECKLISTFORTHEENDUSER
Data/applicationstobehostedinthecloudqualifyasatradesecret.Ref:QualificationofdataasTradesecret
Confidentiality Agreement or NDA between the End user and CloudServiceProviderRef: Measures to be adopted by End Users in safeguarding their tradesecrets
Inwhichstate(location)mydatastored?
Ref:DataisalwaysinTransit:JurisdictionsIssues
CanIhavecontrolaccesstomultiplecopiesstoredinthecloud?
Ref:Reasonablestandardrequirement.
Agreementswillsurvivetheterminationoftheagreement.Ref: Measures to be adopted by End Users in safeguarding their tradesecrets
CompletewipingofallthecopiesstoredinthecloudRef: Measures to be adopted by End Users in safeguarding their tradesecrets
Anti‐ReverseEngineeringprovisionintheAgreementRef: Measures to be adopted by End Users in safeguarding their tradesecrets
DataEncryptionRef: Measures to be adopted by End Users in safeguarding their tradesecrets
VII. Conclusion
Astechnologyevolvesitchallengestheintellectualpropertylaw177.Thetradesecretlawmust
adjusttothenewrealitiesoftheeraoftechnologicaldevelopment.Themannerinwhich,the
tradesecrethasevolvedtoadjusttonewchallengesboughtbytheadventof internet. Itwill
also have to adjust to the new boom of cloud computing. Once the trade secret law177RogerMMilgrim,MilgrimonTradeSecret,Vol.2,MatthewBenderandCompanyInc.(Updated2009)
42
accommodatescloudcomputingwithinitsambit,newandinterestingdevelopmentsinthelaw
will takeplace.CloudComputingandother technologieswon’tprove tobe thedeathof the
tradesecret,insteadthesewillpaveawayfornewtechnologiesinthefuturetobeadaptedby
the law.Howeverwhatmighthavebeena reasonableprecaution tenyearsago toprotect a
tradesecretisnotnecessarilyreasonabletodayinthelightofchangedcircumstancestoday178.
Thisshortchecklistmightenabletheendusertohosthisdataonthecloudwithoutlosinghis
tradesecretstatus.
178Rowe,ElizabethA.,ContributoryNegligenceandTechnologyandTradeSecrets,UniversityofFloridaLevin
CollegeofLawResearchPaperNo.200806.(May01,2009).http://ssrn.com/abstract=1161166
