Trade secrets are a valuable asset — guard them or die

Most startups aren’t doing enough to identify and keep trade secrets safe. Don’t be like most startups.

There’s a place for patents in your intellectual property (IP) strategy, but there’s a glaring problem right at the heart of the patent process: In order to apply for a patent, you have to describe, in excruciating detail, whatever it is you are patenting.

A trade secret is the secret sauce that makes your company special

To many software-heavy tech startups, algorithms — whether they run as part of your firmware on a device, or as software in the cloud — are a critical part of the value of the business. Protecting them appropriately is crucial. Unfortunately, many companies I’ve worked with take the notion of trade secrets lightly or, worse still, pay them no attention at all.

So, what’s a trade secret? Basically, it’s the secret sauce that makes your company special —the things you do that nobody else does, and ultimately what makes your product valuable to your customers. Trade secrets are the things that can’t be easily reverse-engineered by picking apart your hardware or looking at the front-end code of your site.

We asked Peter Miller, partner at the Run8 patent group, for his advice on the best ways for startups to keep their trade secrets safe. Here’s what he suggested for best practices:

Step 1 — Identify your trade secrets

Your startup’s broader intellectual property strategy will eventually have a number of different elements. Let’s use Apple, which guards its IP as fiercely as anyone, as an example.

Apple trademarks the names of its products and their features. It patents hardware and software technologies to protect those innovations from infringement. Apple also uses copyright law to safeguard original works, like the iOS source code. To lay legal claim to any of the above, Apple makes public filings. You can see examples here, here and here.

The outlier is the trade secrets. Apple owns multiple patents for its Siri voice assistant that explain her purpose and functionality, but not a single one reveals explicitly how Siri processes voice requests and conjures up an answer. That behind-the-scenes wizardry is a trade secret.

To Patent or to keep a Trade Secret? That’s the question.

Purely mechanical innovations are usually pretty easy to copy or reverse-engineer. In those instances, you’ll want to shackle up your IP thoroughly.

There may not be a definitive answer for whether you should hide your innovations away in the darkness of a trade secret or patent them in the glaring spotlight of the patent process. Ask yourself: If a competitor were to copy your tech, would you be able to tell? If the answer is yes, you’re probably looking at a patent. If not, it’s a trade secret.

“Is your technology exposed at some level of abstraction? Can your methods be easily inferred? Is it possible to tear down your hardware or and see exactly how it works?” asks Peter Miller from Run 8. “If the answer is yes, the technology should be protected by a patent application — a trade secret wouldn’t stand the test of time under those circumstances.”

If there is no easy way to reverse-engineer your product, you potentially have a trade secret worth protecting. If potential competitors can see the data that goes in and the data that comes out, but not how it is manipulated inside your software, you should guard that trade secret closely. Google makes an excellent example: There’s an excellent reason why the company hasn’t patented its search algorithms. For one thing, the algos themselves are are in constant flux, but more importantly, filing a patent would be to surrender a gargantuan competitive advantage.

It’s also important to consider your timeline. A patent offers protection for just 20 years. Do you believe your unique means and methods will continue to be profitable beyond two decades? That may nudge you towards ticking the trade secrets box. In the Google example, had the company gone the patent route, the contents of that filing would be legally free for anyone to use… right about now.

You don’t have to decide now.

If you’re unsure which category your innovation falls into, there’s no need to decide immediately. Filing a provisional patent application gives you 12 months to make up your mind. During this time, the patent remains unpublished by the United States Patent & Trademark Office (USPTO), and you can continue evaluating the strategy.

After 12 months, you reassess. Is this idea still valuable to your company? Does it seem to fall most squarely in the patent bucket? If so, move forward with a non-provisional patent application. Still not sure? File a non-provisional patent application, with a non-publication request to delay publication of that application until after it issues as a patent. If it looks like this technology should be a trade secret, you can let the provisional expire, and the Patent Office will shred it as if it never existed. However, that doesn’t mean the resources spent on the provisional application were wasted — that provisional application can now be used as internal trade secret documentation for your company.

“Going through the official process helps you to encapsulate your concepts. The resulting documents can also be used internally to communicate to new employees the information you consider to be secret,” says Miller. “Rather than just saying, ‘Don’t talk about this,’ you can hand them the patent application and have them sign off on it.”

Which brings us to protection…

Step 2 — Defining your trade secrets

It’s important to run the “need-to-know basis” test. Who in your company really needs to know the secret recipe, to do their job to the fullest of their ability? If so, do they need to know the entire blend?

If you fail to clearly ring-fence your trade secrets, it makes them next to impossible to defend in court.

You need to have a document that clearly describes which parts of your product are trade secrets. When you’ve decided what the secrets are, and who needs to have access to these secrets, ensure everyone on that list signs a non-disclosure agreement (NDA). Your employees probably already have one as part of their employment contract — and if they don’t, perhaps they should — but the key is to cover any trade secrets comprehensively. The NDA is a legally-binding document preventing unauthorized sharing of confidential information.

“It is crucial that there’s zero room for interpretation,” says Peter Miller. “The reason for that comes up later in the process — if you fail to clearly ring-fence your trade secrets, it makes them next to impossible to defend in court.”

Step 3 — Marking your trade secrets

Mark each of your trade secrets whenever people need to interact with them. Any internal document, project folder, email correspondence, or element of source code should be marked as CONFIDENTIAL. Wherever possible, password-protect access to those items. All of the major cloud storage services offer password protection. Here’s how to do it on Dropbox, for example. If you use GitHub, consider having your trade secrets locked down in a different access group than the main code repositories.

If possible, “black box” your trade secret source code and data. Abstracting the software as services, accessible via secure APIs, for example, means that only a subset of your developers needs access to the sensitive materials. Of course, this does increase the overhead somewhat, but reducing the number of people who interact with the secret sauce recipes is very helpful.

Finally, if an employee moves on to a new company, their exit interview is your final opportunity to impress upon them exactly what was agreed when the NDA was signed. Remind them in no uncertain terms what’s on the line if they breach the trust you’ve placed in them, and the repercussions of doing so.

Step 4 — Keeping your trade secret regime current

Trade secrets are atemporal. Google’s search algorithm has altered continuously since the very first version was taken in use 20 years ago — and your company’s special sauce will as well. As you grow, you’ll also develop new secrets to keep under lock and key, while adapting the ones you have to account for new developments.

Stay on top of communicating your developing trade secret landscape with your employees. Update the documents we mentioned above and ensure those who need to know are informed. As a matter of habit, carve out some time at regular company meetings to ensure any changes are discussed.

Step 5 — Cross your fingers that you never have to enforce trade secrets…

Let’s recap with a checklist:

  • Identify your trade secrets clearly, and ring-fence them in a different way than you would company patents.
  • Carefully choose with whom you share the trade secrets internally.
  • Protect the secrets with non-disclosure agreements and through exit interviews with departing staff.
  • Mark documents and files as confidential and limit access as far as possible.
  • Continually update those documents to reflect changes to/newly identified secrets.
  • Communicate those changes with relevant stakeholders accordingly.

By ticking the boxes in that checklist, you’re hedging your bets in the hope that you never have to experience the pain of trade secret misappropriation. Once that genie is out of the bottle, it’s never going back in.

Should a former employee attempt to take your trade secrets to a competitor, you won’t always be able to rely on good corporate citizenry (like this) to rumble the plot — corporate espionage is rare in the startup world, but it is not unheard of for someone to try to poach key employees specifically to obtain trade secrets.

Let there be comeuppance…

The Defend Trade Secrets Act of 2016 grants the owner of a trade secret the power to file a private civil suit alleging theft or misuse of trade secrets. While we’ve endured endless instances of patent infringement litigation in recent years, far fewer cases pertain to the alleged theft of trade secrets. It could be that instances are less common, undetected or unenforced — but two high-profile lawsuits do spring to mind: Jawbone vs. Fitbit and Waymo vs. Uber.

In the case of Waymo (Google’s autonomous car division) vs. Uber, the former alleged that a single employee had taken trade secrets from Waymo to Uber, which allegedly used them to help build a rival technology. This case was settled during the trial, with no guilt determined. Uber agreed to hand Waymo 0.34% of its equity (at the time worth $245m) and pledged not to use Waymo’s trade secrets in developing its own self-driving car fleet.

Prior to Jawbone’s demise, it alleged broad theft of trade secrets by former employees, even claiming that some of its technology appeared within Fitbit’s devices. A civil suit found no evidence of misappropriation in 2016. However, in June 2018, six current and former Fitbit employees were indicted by federal investigators on criminal charges of trade secret theft. That case is ongoing.

Such cases could eventually discourage anyone from running off with that confidential folder on a thumb drive. However, there’s no precedent for financial compensation or punitive measures that make the loss of company’s most closely guarded secrets anywhere close to worth it. It’s unlikely there ever will be.

The onus is on you: Keep your patents close, and keep your trade secrets closer.

VP of Marketing
Haje is Bolt's VP of Marketing. Before joining the world of venture capital, he was a serial entrepreneur and a journalist. You can find Haje on LinkedIn and on Twitter.

Bolt invests at the intersection of the digital and physical world.