A trade secret is any confidential business information that provides a company a competitive advantage and is subject to reasonable efforts to keep it secret. Examples include formulas, processes, algorithms, manufacturing methods, customer lists, pricing strategies, product roadmaps, marketing plans and internal decision‑making processes. Unlike patents, trade secrets are not publicly disclosed and can last indefinitely so long as they remain secret and retain economic value.
Why trade secrets matter
– They can be a core source of revenue and differentiation (e.g., Coca‑Cola’s formula, Google’s search algorithm).
– Protection is often less costly and faster than patenting (no filing, prosecution or disclosure required).
– When lost, the company can lose market share, pricing power, or its business model.
Legal framework (U.S. overview)
– State law: Most U.S. states have adopted some version of the Uniform Trade Secrets Act (USTA). State courts handle many trade secret disputes (Kewanee Oil Co. v. Bicron Corp., 1974 recognized states’ role).
– Federal criminal law: Economic Espionage Act of 1996 (18 U.S.C. Chapter 90) criminalizes theft and espionage of trade secrets.
– Federal civil law: Defend Trade Secrets Act (DTSA) of 2016 (S.1890) created a federal civil cause of action for trade secret misappropriation and added remedies such as injunctions, damages, and in some cases, seizure of property and exemplary damages. DTSA also provides whistleblower immunity for certain disclosures to government officials or in connection with reporting a violation of law.
– Regulatory context: Other rules can affect protection strategies (for example, the FTC banned noncompete clauses for most workers in April 2024).
What qualifies as a trade secret
Under U.S. law (18 U.S.C. §1839), information is a trade secret if:
1. It is not generally known or readily ascertainable by proper means to persons who can obtain economic value from its disclosure or use.
2. It derives independent economic value from being secret.
3. The owner has taken reasonable measures to keep it secret.
What cannot be a trade secret
– Information that is public knowledge or easily reverse‑engineered through lawful means.
– Facts or ideas that have no independent economic value.
– Information whose owner failed to take reasonable steps to maintain confidentiality (e.g., leaving documents on a public server).
– Something disclosed in a patent application (patenting requires public disclosure in exchange for exclusivity).
– Internal knowledge that has become widespread in the industry.
How long trade secret protection lasts
Indefinitely — as long as the information:
– Continues to provide economic value because it is secret, and
– Reasonable steps are taken to maintain its secrecy.
If the secret is leaked, reverse‑engineered, independently discovered, or publicly disclosed, protection ends.
Common remedies for misappropriation
– Injunctions to stop use or disclosure.
– Monetary damages for actual loss or unjust enrichment; where necessary, a reasonable royalty.
– Exemplary (punitive) damages and attorney’s fees in cases of willful and malicious misappropriation.
– Under DTSA, extraordinary seizure orders in narrow circumstances to prevent dissemination.
Practical, step‑by‑step guide to protecting trade secrets
1. Identify and classify secrets
• Conduct a trade secret inventory or audit: list formulas, processes, algorithms, customer lists, business plans, pricing models, technical drawings, source code and other sensitive data.
• Classify by sensitivity (e.g., “Top Secret,” “Confidential,” “Internal Use Only”) and by who needs access.
2. Apply access control and need‑to‑know principles
• Limit access to employees, contractors and vendors strictly on a need‑to‑know basis.
• Use role‑based permissions for files, systems and physical areas.
• Maintain a list of who has access and why.
3. Use written agreements
• Require employees, contractors and vendors to sign confidentiality/non‑disclosure agreements (NDAs).
• Include definitions of confidential information, permitted uses, duration, return/destruction obligations, and remedies for breach.
• For key employees, use assignment‑of‑inventions clauses so the company owns developed IP. (Note: noncompete enforceability may be limited—check current jurisdictional rules, and be aware of the FTC’s April 2024 noncompete ban in the U.S.)
4. Implement physical and digital security
• Physical: locked storage for documents and prototypes, badge or key access, visitor logs, and secure printing policies.
• Digital: encryption at rest and in transit, multi‑factor authentication, endpoint protection, firewalls, data loss prevention (DLP) tools, network segmentation, secure backups.
• Mark documents clearly with confidentiality legends and watermarking when appropriate.
5. Monitor, log and audit
• Keep access logs and audit trails for sensitive files and systems.
• Monitor unusual access patterns, large downloads, or off‑hours activity.
• Perform periodic audits of who has access and whether that access is still needed.
6. Train employees and build a confidentiality culture
• Provide regular training on what constitutes a trade secret, handling procedures, phishing awareness and reporting mechanisms.
• Make confidentiality expectations part of onboarding and performance reviews.
7. Manage employee departures and third‑party relationships
• Conduct exit interviews that review confidentiality obligations and retrieve devices/materials.
• Revoke digital access immediately upon an employee’s departure.
• Use strong contractual protections with vendors and include flow‑down confidentiality clauses for subcontractors.
8. Mark when disclosure is necessary (patents, partnerships)
• If commercial strategy requires publicly disclosing an invention, consider patent protection before disclosure since patents require publication but confer time‑limited exclusivity.
• For partnerships or joint development, use tailored agreements (NDAs, joint ownership provisions, delineated usage rights).
9. Prepare an incident‑response and enforcement plan
• Establish procedures to preserve logs, devices and evidence of unauthorized access.
• Identify internal decision‑makers and legal counsel to evaluate misappropriation.
• Consider sending a cease‑and‑desist letter early, injunctive relief if needed, and whether to bring claims under state law or DTSA.
• If criminal theft or espionage is suspected, involve law enforcement.
10. Periodically re‑evaluate protection measures
• Reassess the value and classification of information, especially when processes change.
• Update security measures and legal agreements to reflect new technologies and laws.
Sample trade‑secret checklist for small/mid‑sized businesses
– Have we listed and classified all potentially secret information?
– Are NDAs in place for employees, contractors and vendors?
– Are key systems encrypted and access‑logged?
– Do we conduct employee training at least annually?
– Do exit procedures remove access and recover assets?
– Do suppliers/subcontractors have contractual confidentiality obligations?
– Are we prepared to preserve evidence and engage counsel if misappropriation occurs?
Practical tips and best practices
– Document “reasonable measures” — courts often look for objective proof (policies, training records, access logs, NDAs).
– Don’t rely solely on secrecy if a product will need broad commercial licensing or public adoption; consider patents where appropriate.
– For software, protect source code via access restrictions, code reviews, and split responsibilities where feasible.
– Be mindful of whistleblower protections: ensure compliance with laws that protect certain disclosures to government officials or in legal proceedings (DTSA’s whistleblower immunity provision).
When to involve counsel
– If you suspect theft, prepare to preserve evidence immediately and contact an attorney experienced in trade secrets and DTSA matters.
– Counsel can advise whether to seek injunctive relief, monetary damages, or an ex parte seizure (a narrow, extraordinary remedy under DTSA).
– For cross‑border issues, get counsel with international experience because other jurisdictions treat trade secrets differently.
Examples (real‑world)
– Coca‑Cola reportedly keeps its syrup formula secret and stored under tight physical security — a classic example of a long‑lived trade secret.
– Google’s search algorithm and other proprietary ranking systems are kept confidential to preserve competitive advantage.
– The New York Times Bestseller list process is an example of a process that relies on partly confidential methodology to achieve business objectives.
The bottom line
Trade secrets are a flexible, potentially long‑lasting form of intellectual property that depend entirely on secrecy and reasonable protections. Businesses should systematically identify what qualifies as a trade secret, adopt practical administrative and technical controls, use strong agreements, train staff, and be ready to enforce rights through state and federal law (including the DTSA). With clear policies and consistent practices, companies can preserve the value of their most sensitive information and respond quickly if it is threatened.
Sources and further reading
– Investopedia, “Trade Secret” (Mira Norian)
– United States Congress, S.1890 — Defend Trade Secrets Act of 2016
– Cornell Law School, Legal Information Institute, 18 U.S. Code Chapter 90 (Protection of Trade Secrets)
– Cornell Law School, LII, “Trade Secret” (definition from 18 U.S.C. §1839)
– United States Patent and Trademark Office, Trade Secrets/Regulatory Data Protection — /
– FTC, “FTC Announces Rule Banning Noncompetes” — /
– FindLaw, Kewanee Oil Co. v. Bicron Corp., 416 U.S. 470 (1974) — /
– The Coca‑Cola Company, “Is the Coca‑Cola Formula Kept Secret Because the Company Has Something to Hide?” — /
– Novlr, “The Reading Room: The New York Times Bestseller Lists Explained” — /
Editor’s note: The following topics are reserved for upcoming updates and will be expanded with detailed examples and datasets.