Recently the District Court for the Southern District of New York issued a decision that illustrates the risks of taking an informal approach to protecting confidential business information. As described below, in Pauwels v. Deloitte et al., No. 19-CV-2313 (RA), 2020 U.S. Dist. LEXIS 28736 (S.D.N.Y. Feb. 19, 2020), the court dismissed Plaintiff’s complaint, finding that the facts alleged by Plaintiff failed to give rise to a valid claim for misappropriation because (among other issues) Plaintiff failed to impose adequate protections on his alleged confidential business information.

The Plaintiff worked as an “independent advisor” to the Bank of New York Mellon (“BNYM”), earning upwards of $750,000 per year for his advice on how to optimize BNYM’s investments in alternative energy companies (e.g., wind farms).  No contract governed the relationship; instead, Plaintiff submitted periodic invoices for his advisory work. In the course of his work, Plaintiff developed an investment model as a tool for analyzing BNYM’s alternative energy investments, and in his complaint he alleged that the tool was his proprietary information. Over the course of several years, Plaintiff sent BNYM more than 100 spreadsheets showing implementations of his investment model. Eventually, BNYM retained Deloitte to provide the analyses and severed its relationship with Plaintiff. Plaintiff alleged that Deloitte improperly used his proprietary model when advising BNYM.

The court found that Plaintiff took inadequate measures to protect his investment model. The court noted that Plaintiff’s approach to protecting his investment model boiled down to (i) putting his initials on the spreadsheets to signal his authorship and (ii) sending his spreadsheets (containing his investment model) to certain select individuals within BNYM, and verbally requesting that those individuals not share the spreadsheets with others. The court explained that Plaintiff’s actions were insufficient, and that although there are no specific, set requirements for protecting confidential information, Plaintiff should have taken more formal measures to protect his spreadsheet, such as (1) putting in place a written agreement with BNYM identifying confidential information and setting out the parties’ obligations with respect to any such information, (2) labeling his spreadsheets as confidential, (3) placing specific limits on who was permitted to access his spreadsheets, and (4) protecting the spreadsheets with a password or encryption. At the very minimum, such protection measures could have served as support for the allegation that he owned a protectable trade secret.

Other factors also worked against Plaintiff. The lack of any written confidentiality agreement also undercut Plaintiff’s ability to allege that any misappropriation took place. Since no contract existed that could have been breached, the law required Plaintiff to allege that BNYM either (1) discovered the investment model by improper means, or (2) violated a “confidential relationship or duty.” But both theories failed. BNYM never improperly accessed Plaintiff’s models because Plaintiff sent them freely in exchange for payment. And while the parties had a tacit agreement that BNYM would not disseminate the investment spreadsheets, the court found no “special facts” showing a confidential relationship whose breach could give rise to a trade secret misappropriation claim. Instead the court described the parties’ relationship as a “conventional business relationship,” highlighting the fact that Plaintiff had received substantial compensation for his spreadsheets.

The Pauwels case is a good reminder that a trade secret holder should err on the side of formality when protecting their confidential information. If litigation becomes necessary later, it is useful to be able to point to formal protection measures when alleging the existence of a protectable trade secret. A “tacit agreement” not to share the information may not be enough to survive the pleadings stage.