Tips for European employers on how to protect company trade secrets.
7 to 12 years. According to an Organisation for Economic Co-operation and Development study, this is the average amount of time spent by an employee with any one European Union employer. However, in some countries, regions and sectors, employees move around more frequently than this, and the current COVID-19 pandemic will also have had an impact on these numbers.
In any event, if one of your employees leaves, you do not want your company’s trade secrets and other confidential information to leave with them.
How can you, as a European employer, protect your company’s trade secrets and other confidential information?
… at the start of employment
The EU Directive of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure aims to harmonize the national laws in EU member states against the unlawful acquisition, disclosure and use of trade secrets. Almost all EU member states have employment laws with rules on trade secret protection, including a prohibition on employees (and self-employed contractors) disclosing the employer’s trade secrets or other confidential information. Sometimes the EU member states even have criminal laws in place to sanction such behavior.
Notwithstanding such legal prohibitions to disclose trade secrets and confidential information, it remains of the utmost importance to include a clear, concrete and unambiguous confidentiality clause in your employment contracts with all of your EU employees. Of course, it should be verified for each EU member state concerned, whether any specific conditions apply for the clause to be valid and enforceable.
A decent confidentiality clause should include a definition of what you as a company consider to be confidential information. Make sure that the definition is adapted to your sector, your company and to the position of the employee concerned. We recommend describing as fully as possible what exactly you mean by confidential information. For example, if your company is active in the construction sector, and plans and 3D representations of projects are important, this should be specifically mentioned in the clause. Or, if your company operates in the medical sector and your employee works with test results and laboratory data, we recommend referring to this specific information in the clause.
The clause should then state that the employee expressly declares that he/she will not, either during the course of the employment agreement or after its termination, for any reason whatsoever, disclose confidential information or use it in any other way, except in so far as is necessary for the exercise of that employee’s duties.
Finally, we generally recommend – if this is enforceable under local law – referring to the sanctions that will be imposed in the event of a breach of the clause (e.g., contract termination for cause and damages (if possible, since demonstrating the actual damages is often hard, parties can agree in advance on a fixed amount that will be due in case of breach without prejudice to the company’s right to claim a higher indemnity if the damages are higher)).
You should also consider requiring interns, students, contractors, interim workers, etc. – even though they may not be employees in the strict sense – to sign a confidentiality clause or declaration. This will help you to underline the importance that your company gives to confidentiality and the protection of trade secrets. This is also in line with the definition of a trade secret under the EU Directive (the information should be subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret). Indeed, you do not want to risk that your company’s efforts in relation to employees are not valued due to a lack of measures in relation to non-employees;
For some key employees, other clauses – such as a non-solicitation clause, a non-compete clause, and an exclusivity clause – might also be appropriate. Once again, the conditions fixed by the applicable local laws should be complied with.
Finally, we generally recommend stating in the employment contract that, if the employee wishes to engage in other activities, whether or not they are remunerated, he/she must notify the employer in advance and/or be authorized by the employer to undertake those activities.
… during the course of the employment
The protection of trade secrets remains important during the course of the employment. As a first step, you should make sure your employees have access only to the data they actually need in order to properly perform their tasks and duties. For example, it may not be necessary to give all your employees, let alone all your contractors, access to the entire IT network of the company, and you should regulate access according to your company’s needs. There are various useful data loss prevention tools, and you can use encrypted USBs, etc.
From a more legal point of view, we recommend that you include a general confidentiality obligation in the company work rules, or in a policy that would also apply to contractors. Of course, these documents, and the confidentiality clauses in the individual employment contracts, should be coherent, to avoid any possible discussion as to meaning (e.g., in court).
In such work rules or policy, attention should be paid to monitoring information, e-mail boxes, laptops, etc.
Concrete example under Belgian law:
You suspect that some employees are sharing confidential information with a competitor and you want to monitor the professional e-mail boxes of these employees. Is this possible? If your policy provides for this option and you follow a proper process (e.g., a phased search where certain employees are selected, a search based on keywords, private mails are excluded, the content of the e-mails is only read if any suspicious elements are found, etc.), then there is a fair chance that this IT check will be acceptable to a Belgian court.
Your work rules or policy should also address the use of personal laptops, tablets and cell phones for professional purposes. The recent mandatory telework from home schemes imposed by many EU member states have made it all the more likely that your company would benefit from specific measures or guidelines to protect its confidential information.
In short, it’s mostly about anticipating potential problems, and you should focus both on preventing trade secrets from ending up outside your company’s walls and on making sure that you are able to gather sufficient evidence of wrong-doing, so as to be able to rely on it in court if necessary.
… on termination of employment
Finally, if either you or the employee terminates the employment contract, there are a few points to consider.
If you enter into a termination agreement subject to the conditions fixed by local law, we recommend once again that you include a confidentiality clause. You should also ensure that the employee returns all company assets and documents.
If you cannot enter into a termination agreement, but still wish to emphasize the employee’s confidentiality obligations after the termination of employment, you can remind the employee of any legal or contractual confidentiality obligations in the termination letter. Of course, such a letter is a unilateral document, but at least it emphasizes the importance that the company attaches to confidentiality (and this may be useful in any subsequent legal proceedings). In addition, such wording may have a beneficial psychological effect, acting as a deterrent.
And, of course, as soon as an employee leaves the company, don’t forget to block all electronic and physical access to confidential information, such as passwords, badges and keys!