The Sedona Conference, Working Group 12 on Trade Secrets, has released for public comment its guidance on the governance and management of trade secrets. This valuable Commentary outlines the inherent challenges in developing a trade secret protection program that aligns with a business’s goals and measurable objectives.

The Commentary recommends businesses focus on the following factors to evaluate trade secret protection programs:

  • The size, maturity, industry, and location of the business;
  • The nature and value of a business’s trade secrets;
  • How the business can leverage its trade secrets to commercialize new services and extract additional value, maintain its competitive advantage, and incentivize innovation;
  • The different measures available to protect the business’s trade secrets and their varying effectiveness; and
  • The extent and cost of measures taken and the rationale for measures not taken.

In the end, the Commentary advocates an “integrated enterprise” approach to trade secret governance in order to accommodate multiple and potentially conflicting corporate interests. This approach requires several steps:

  • Articulate the value of the program and its return on investment.
  • Identify all potential stakeholders.
  • Identify the company’s trade secrets.
  • Conduct an internal assessment of valuation and business impact; risk management; and company structure, systems, workflows, and culture.
  • Use the initial assessment to choose measures to protect particular categories of trade secrets, considering their impact value, risks, existing controls, and company functions. Craft an incident response plan that includes prompt steps to secure trade secrets, procedures for conducting comprehensive investigations, and corrective measures like evaluating potential employee discipline or legal action.
  • Leverage the company’s existing functions, processes, technology, and workflows, such as onboarding and ongoing training programs, to implement a trade secret protection program that aligns with the company’s business objectives.
  • Emphasize the business advantages of new measures when launching the program and focus initially on training to raise awareness of the company’s workforce. Encourage a culture of confidentiality and compliance.
  • Document the program and implementation.
  • Manage and assess program compliance through mechanisms such as audits, IT threat monitoring, contracts and processes review, metrics, monitoring of third parties and publicly available information, and systems testing.
  • Adapt, update, and improve the program as necessary over time.

Businesses should study the Commentary and assess their company’s trade secrets, business objectives, and risk environment. Courts often rely on Sedona Conference materials, and the Conference’s recommendations likely will influence how courts analyze the reasonableness of trade secret protection programs.