A few weeks ago, Cartier announced a lawsuit against Tiffany & Co for unfair competition. The French jewelry house accuses its rival of trying to inappropriately obtain confidential information about her activities in the United States through a former employee. The legendary firm on Fifth Avenue in Manhattan has been quick to deny it. The plot of this battle in the luxury market could well serve as a movie script. And it is that business secrets are many times more valuable than the diamonds that the protagonist of Breakfast at Tiffany’s (Breakfast with diamonds). Therefore, it is vital for companies to protect them and know the legal weapons they have.
The Coca-Cola formula is perhaps the most sought after secret. But the list is very long: hidden ingredients, production techniques or knowledge, client lists, algorithms, market studies… In short, Pablo Sanz, Professor of Commercial Law at Comillas ICADE, summarizes, “all confidential and valuable information economic impact on the competitive advantages of a company’s products or services.
In Spain, these assets are protected by Law 1/2019, of February 20, on Business Secrets. The rule provides the general framework that supports a claim for unfair competition or, where appropriate, a lawsuit for industrial espionage. Knowledge that is kept secret (by applying “reasonable measures” for this purpose) and has “business value”, whether real or potential, falls under its umbrella. In 2015, for example, the Provincial Court of Madrid denied commercial value to the chips with the dye applied to the clients of a hairdressing salon. On the other hand, although the law also guarantees the protection of industrial secrets, Sanz points out, “it should not be confused with patents and utility models.” These inventions have to be officially registered, so they are no longer secret.
In practice, companies safeguard their secrets through confidentiality agreements. The plan goes through inventorying their intangible assets and deciding which innovations they will leave under lock and key. The key, emphasizes Eric Maciá, lawyer and consultant in the Privacy and Information Security area of PONS IP, “is that it is aligned with the business strategy: that what is protected makes sense and serves to meet its objectives”. He points out a basic criterion: “Do not treat as a secret what can be deduced by reverse engineering”. In other words, it is not worth preserving a product that can be easily replicated from the original model. It would be preferable to patent it, adds Sanz; thus “they will not be able to use it without the permission of the owner”.
Quite a few cases of violations of business secrets are carried out by turncoat workers who take the information to the competition. However, applying confidentiality clauses indiscriminately, explains Antonio Pedrajas, managing partner of Abdón Pedrajas Littler, “can be counterproductive.” If the entire staff knows the secret, it can lose its confidential nature. For this reason, Maciá points out, it is necessary to apply “a life cycle management methodology for this information, that is, who should access it, when…”. Thus, pacts of silence will be included with certain employees, but also with partners, suppliers, clients… In the workplace, emphasizes Pedrajas, “confidentiality is a duty inherent to contractual good faith that persists even after the contract has expired. ”. For this reason, unlike exclusivity or non-competition agreements when leaving the company, “it does not require financial compensation”.
He knows in depth all the sides of the coin.
In principle, recruiting a competitor’s staff is not in itself an act of unfair competition. A different issue, points out Cristina Mesa, a partner in the Industrial and Intellectual Property department at Garrigues, is “wanting to obtain confidential information through its employees”. As in the operation denounced by Cartier, in which the former employee allegedly delivered sensitive material to the executives of her new company.
When a business considers that its secrets have been violated, Mesa points out, “the first thing it has to prove is that the data to which it has had access is confidential, which is not always easy.” Therefore, the most “usual” way to defend against a lawsuit, she says, “is to claim that the information in question was not secret.”
Next, Mesa explains, “it must also be proven how the company’s secrets have been violated.” That is, if there has been an unauthorized access, direct use or sale of the information to a third party. Workers, it indicates, may be held liable “if they have breached their confidentiality and/or non-competition obligations.” In addition, selling this material to the adversary, says Pedrajas, “would be punishable by dismissal.” According to León Vidaller, a senior associate in the Criminal Law area at Garrigues, the employee “could even become criminally liable for the crime of disclosing business secrets”. As Vidaller explains, criminal proceedings are reserved for the most serious anticompetitive conduct, considered criminal, among which industrial espionage stands out. In Spain, he points out, there has been some conviction for this crime, “but they are very rare.” Many cases are shelved, he explains, “due to the difficulty of technically proving the meddling and seizure of company secrets.” However, he points out, in recent years these practices “have experienced great growth.”
In short, to avoid serious damage, companies must protect all their secrets. You never know when they may be before an invention like Coca-Cola.
Litigation for misappropriation of business secrets sometimes runs aground in the expert opinion on the confidential nature of the violated material. As prevention, points out Eric Maciá, lawyer and consultant in the Privacy and Information Security area of PONS IP, companies can use blockchain technology, which allows proof of the existence of information to be created and “can be admitted by the courts as expert evidence. However, it still does not enjoy the legal backing of “qualified time stamps” which, in accordance with the eIDAS Regulation, have a presumption of the accuracy of the date and time they indicate and the integrity of the linked data.