While you are still considering protecting a trade secret, a competitor is already luring employees, using your developments, and making money from them. Entrepreneurs often believe it is enough to sign an NDA (Non-disclosure Agreement) with an employee and sleep peacefully without worrying about possible disclosure of information. After all, documents that make up commercial secrets (CS) are reliably hidden "behind seven locks".
As practice shows, NDA is more of a preventive measure. It can act as a working tool only after introducing the enterprise's commercial secrecy regime.
An NDA alone is not enough
In Ukraine, there is only one case where it was possible to protect confidential information using an NDA. In May 2020, the court ordered the defendant to pay a fine of USD 10,000 for posting on his personal Facebook and LinkedIn pages confidential information about the ownership of the company's clients in Cyprus. The defendant was later released. The case is challenging to consider demonstrative, the defendant's lawyer did not appear and did not appeal the decision. But there is much more judicial practice where someone cannot protect information.
In Ukraine, there are several ways to make an NDA work and even more to make it not work. The most effective option is to introduce a commercial secrecy regime in the company. This will allow you not to worry that the employee may transfer the customer base to competitors, expose information to disclosure or violate the terms of the NDA.
Must-have for entering the trade secret regime
There is no trade secret code or special law in Ukraine. Only a few articles in the Commercial and Civil Codes regulate the commercial secrecy regime. To introduce this mode, it is necessary to develop local acts correctly:
The order of the head of the company on the introduction of the regime of commercial secrecy. The chairman orders the heads of departments to inform employees about the introduction of the regime of commercial secrecy
List of information that constitutes a commercial secret. With a clear list, it will be easier to protect something abstract. Everyone should know what information includes a trade secret and cannot be disclosed
Trade secret statement or privacy policy. It is a kind of "bible" for employees to protect trade secrets. Such a document should be written in detail: what the password should be, what information and to whom someone cannot transfer it, etc
Obligation contract. This document confirms that the employee is familiar with the company's regulations regarding the operation of the CS regime and undertakes to comply with them
Non-disclosure Agreement. NDA is a non-disclosure agreement that establishes obligations to protect commercial secrets and liability for violations
If the company wants to introduce a confidentiality seal, it is necessary to additionally develop an instruction on accounting for documents with a "confidentiality" seal
NDA as an effective mechanism
The NDA will become a truly effective mechanism if, in addition to introducing the KT regime, the company will resort to real penalties for violating its terms. For example, in the case "Ergon Electric v. TVK Vector-VS", the company Ergon Electric proved that another party disclosed confidential information. Ergon Electric examined and, with the help of the cyber police, seized media that proved the defendant's guilt beyond doubt
Clean table policy and clean screen policy
The court is interested in something other than the company's local acts, only their practical implementation. Usually, companies focus on ISO/IEC 27001, which is an international standard for information security. The purpose of the standard is to protect the company's information assets. Also, to protect and preserve commercial secrets and confidential information, the "clean desk policy" and "clean screen policy" are introduced:
It is a prohibition for employees leaving documents unattended on their desks
Laptops, tablets, and phones must have strong passwords. It is crucial to conduct training and explain concepts such as "passwords". For example, the NordPass website's most predictable passwords are qwerty, 12345, 123456789, date of birth, and others
Time to get rid of iron safes
One standard recommendation is to provide employees with a safe to limit access to documents. But a digital safe is a more modern solution. The Benelux Intellectual Property Office provides the most popular digital safe i-DEPOT. It is not subject to territorial restrictions and can be used as evidence anywhere in the world. European courts always take i-DEPOT into account when considering cases.
Trade secrets are the most expensive for businesses. And while you are still thinking about whether to protect it, competitors are already using your valuable information. The NDA is not a panacea and works only after introducing a trade secret regime at the enterprise.
Comments