Whether it’s the secret recipe for your gourmet cupcakes or a unique process for manufacturing your best-selling product, trade secrets are valuable company assets. When an employee leaves, there’s a risk they will take your trade secrets with them to a competitor or to start their own business. So what relief is available if you’re a victim of trade secret theft? Hawai‘i companies already can seek relief from the Hawaii Uniform Trade Secrets Act, but now there’s another tool to combat trade secret theft. On May 11, 2016, President Obama signed the Defend Trade Secrets Act (DTSA) into law, which adds a federal layer of protection for trade secrets.
Here are the highlights of the new law:
What does DTSA do? The DTSA creates a new federal remedy for trade secret misappropriation. Prior federal trade secrets law only criminalized certain misappropriations of trade secrets. The DTSA allows victims of trade secret misappropriation to sue in federal court.
Is the DTSA my exclusive remedy? No. The DTSA creates a national standard of trade secret law and gives you more options for seeking relief, but it doesn’t pre-empt state law. You may still take advantage of trade secret protections under state laws like the Hawaii Uniform Trade Secrets Act.
What’s so special about the DTSA? One feature of the DTSA is that it allows a court to grant an “ex parte seizure order.” This new remedy lets trade secret owners seek a court order to seize allegedly stolen trade secret items in the accused wrongdoer’s possession without first giving them notice. Seizure orders are granted only in “extraordinary circumstances.” To safeguard against abuse of seizure orders, the DTSA entitles victims of wrongful seizure to damages, punitive damages in cases of bad faith, and attorneys’ fees. It remains to be seen how courts will apply the ex parte seizure provisions of the DTSA and how often the remedy will be used.
What do employers need to know about the DTSA? Injunctive relief granted under the DTSA may not “prevent a person from entering into an employment relationship” and must be consistent with state law “prohibiting restraints on the practice of a lawful profession, trade, or business.” In other words, the DTSA does not override state law governing non-compete covenants. Claims under state law may need to be included in the lawsuit to enforce non-compete provisions in an employment agreement.
The DTSA also provides immunity for whistleblower employees (which the DTSA defines broadly to include independent contractors and consultants) who disclose trade secrets to any government official solely for the purpose of reporting or investigating a suspected violation of law or in a court filing made under seal. Notice of the whistleblower immunity provisions must be given in every agreement entered into after May 11, 2016 that restricts the employee’s use of a trade secret or other confidential information. The notice requirement may be satisfied by referencing the immunity provisions in a policy document (like an employee manual) rather than inserting the provisions into each employment agreement.
For more specific information on how the DTSA affects you, consult experienced legal counsel.
Since the Americans with Disabilities Act (ADA) was passed in 1990, businesses have been vulnerable to “drive-by lawsuits” alleging that their facilities are physically inaccessible to disabled customers or guests. The new trend in ADA litigation is the “surf-by” lawsuit—disabled individuals who sue under the ADA because a business website they visited was allegedly inaccessible to them. The U.S. Department of Justice also has been aggressively enforcing website inaccessibility violations even though it won’t issue regulations until 2018.
If you’re still not convinced that the threat of website accessibility lawsuits is real, consider that in March, a California trial court became the first in the nation to rule on summary judgment that a retailer’s website violated the ADA and California’s anti-discrimination law (the Unruh Act). The court determined that the website was inaccessible to visually impaired individuals. The judge slapped the retailer with $4,000 in statutory damages under the Unruh Act, ordered it to either modify or remove the website, and awarded the plaintiff its attorneys’ fees, which are estimated to be in the six-figure range.
What can business owners do to prevent being sued for website accessibility violations? Start with these steps:
- Determine if the ADA applies to you. Title I of the ADA applies to private employers with 15+ employees. Covered employers may not discriminate against employees with disabilities and must make reasonable accommodations for them. In addition, accessibility may be an issue for business websites that allow job applicants to apply online. Title II applies to State and local governments. Under Title III, the website of an organization that qualifies as a “public accommodation” must be accessible to individuals with disabilities. Courts are split on whether “pure Internet” organizations (i.e., those without a bricks-and-mortar presence) are subject to website accessibility requirements.
- Identify accessibility issues. If the ADA applies to you, determine if your website poses accessibility problems to disabled individuals. The DOJ has not yet officially adopted rules for website accessibility, but is considering two sets of standards – the Web Content Accessibility Guidelines (WCAG) 2.0 created by the World Wide Web Consortium and the Electronic and Information Technology Accessible Standards published by the U.S. Access Board for compliance with Section 508 of the Rehabilitation Act. Common accessibility barriers include lack of closed-captioning for audio and video content, a site navigation structure unfriendly to keyboard-only users, and failure to provide descriptive text for images and non-text content.
- Get expert help. Web accessibility standards are highly technical. Consider consulting an IT expert with web accessibility experience to help you identify accessibility problems and solutions. You should also consult a lawyer with ADA experience to help you evaluate and mitigate legal risk, or to devise a defense strategy if you’ve already received a demand letter threatening litigation.
One of the bombshells in the DeflateGate saga was the revelation that Tom Brady had his cell phone destroyed shortly before meeting with the National Football League’s investigators. According to the NFL’s written decision suspending Brady, Brady knew that the investigators wanted access to text messages on the phone he had when the AFC Championship was played. Even so, Brady instructed his assistant to dispose of the phone—just four months after starting to use it. The dubious circumstances surrounding the disappearance of the phone greatly hurt Brady’s credibility in NFL Commissioner Roger Goodell’s eyes, and was instrumental to his eventual decision to discipline Brady.
There are HR lessons to be learned from this story. An employee’s mobile device can contain information you need for an investigation or lawsuit. So what can you do to get access to the device or the data on it now that employees frequently use their personal devices for work?
Adopting a Bring Your Own Device (BYOD) work policy is a good start. At a minimum, a BYOD policy should reserve the company’s right to access any electronic device an employee uses for work, even if the employee owns it. The policy should also state upfront that employees have no expectation of privacy to data stored on their personal devices – that’s the tradeoff for letting them connect to the company network.
After establishing the ability to take possession of employee-owned devices, think through the steps for preserving data on the devices before it’s too late. One measure is to issue a “litigation hold” instructing employees not to destroy a device or delete data from it. Be specific about the kinds of data they need to preserve. A crucial element of a litigation hold is an instruction to suspend routine purging of data or equipment – much like Brady’s practice of destroying his old phone whenever he got a new one. The litigation hold should be issued as soon as you know that a lawsuit or investigation is coming.
Next, determine the kind of electronic information you want. Preservation and extraction methods differ depending on the kind of data. Text messages need to be preserved quickly because once they’re deleted off a phone or tablet, it’s difficult to find a copy of them elsewhere. As Brady learned when he tried accessing text messages on his missing phone through his wireless carrier, carriers don’t keep subscribers’ text messages on their servers for very long, and they typically delete the messages after delivery to the recipient. Emails have a longer shelf life, especially if they’re stored in a web-based account like Gmail or Yahoo or transmitted through company servers.
Be proactive and act quickly. Don’t let your hopes of getting the electronic evidence you need get deflated.
The Hawaii Judiciary is proposing amendments to the Hawaii Rules of Civil Procedure (HRCP) to address e-discovery issues. The deadline for submitting comments is April 17, 2014. The proposed amendments are available here.
Some of the more notable changes being proposed are:
- The addition of references to “electronically stored information” (ESI) to Rule 26 (general discovery provisions), Rule 30 (depositions), Rule 33 (interrogatories), Rule 34 (document requests), Rule 37 (discovery sanctions and motions to compel), and Rule 45 (subpoenas)
- Amended Rule 26 expressly permits discovery of ESI with the caveat that a party need not provide discovery of ESI from sources that are not reasonably accessible because of undue burden or expense. The party claiming undue burden or expense has the burden to make that showing. However, even if the showing is made, a court may still order disclosure or discovery of ESI for good cause.
- Amended Rule 34 allows document requests to specify the form in which documents or ESI are to be produced. The responding party may object to the requested form, and if it does so, it must state the form it intends to use. If a request does not specify a form for producing the requested documents or ESI, the responding party must produce the requested materials in the form in which they are ordinarily maintained or in a form that is reasonably usable. A party does not need to produce the same documents or ESI in more than one form absent showing of good cause.
- Amended Rule 37 prohibits a court from imposing sanctions for failure to provide ESI lost as a result of routine, good-faith operation of an electronic information system absent exceptional circumstances.
- Amended Rule 45 would address requests for, and production of, ESI in the context of subpoenas.
For more information on the proposed amendments, visit the Judiciary’s website. To submit comments online, click here.
Suppose an email from your company’s in-house attorney instructs you to preserve all documents relating to an ex-employee who is threatening to sue for wrongful termination. In the days before smartphones and cloud storage, this would have been a relatively limited exercise: paper documents would be set aside and files on the company server would be backed up. But work-related data can be stored in many places today, including personal devices of employees. Is a company required to preserve such data?
Costco Wholesale recently faced that issue in an employment discrimination and retaliation lawsuit. See Cotton v. Costco Wholesale Corp., 2013 WL 3819974 (D. Kan. July 24, 2013). The plaintiff asked Costco to produce text messages on the personal cell phones of two of its employees who mentioned the plaintiff or his allegations. Costco objected on the grounds that the discovery request required it to invade the privacy of its employees, and there was no indication that the employees sent inappropriate text messages or used their personal phones for work purposes. The court denied the request, determining that Costco did not have possession, custody, or control of the text messages.
Although the court in the Cotton case ruled that the employer had no duty to produce information stored on the personal devices of the employees in question, the outcome might have been different if the facts had changed even slightly. Courts in other jurisdictions might also have taken a contrary approach.
The law in this area is far from clear, but following the guidelines below will help a company address e-discovery issues in their policy on personal electronic devices. An easy way to remember the guidelines is to think of the acronym “APPS”:
- Access: Reserve the right to access personal devices that store work-related data. Access is crucial if the company is legally required to collect and produce data residing in the personal devices of an employee.
- Permission: Clearly specify what personal devices employees are authorized to use for work-related purposes, if any. Consider keeping a log of authorized personal devices and require employees to update the log whenever they start using a new authorized device or retire an existing one. Your company’s document retention policy should extend to authorized devices.
- Privacy: Notify employees that they should have no expectation of privacy to data stored on a personal device if they use the device for work purposes. This prevents the company from being liable for invasion of privacy should it need to search the contents of a personal device to respond to a discovery request.
- Segregation: If possible, segregate work-related content from personal content on personal devices. Segregation can be implemented with software solutions, but if that is not feasible, at a minimum, instruct and train employees who use a personal device for work on how to keep their personal information separate from work data stored on the device. For example, storage of work-related data in a personal cloud storage account should be prohibited.
Follow the above guidelines to avoid getting caught off-guard by e-discovery requests.