The Secret Got Out! Yet Trade Secret Owner Loses IP Battle: A Lesson in the Importance of Properly Securing Trade Secrets
May 9, 2022
Trade secrets are a unique and powerful form of intellectual property. Yet, unlike the recognizable heavy hitters of copyright and patent, which come with dedicated government offices and specific time limits for protection, trade secrets emerged from the common law and can last forever. But, not infrequently, businesses fail to effectively safeguard their secrets and allow valuable information to leak, losing any possibility of relief under the law.
Such was the case for Turret Labs USA, Inc., a technology company that recently sued CargoSprint LLC and its CEO for misappropriation of a trade secret under the federal Defend Trade Secrets Act (“DTSA”) and New York common law.
This recent case teaches the importance of trade secrets and the lesson of an all-too-common pitfall that rights holders can suffer in failing to secure the assets that could well be a company’s bread and butter.
Turret Labs USA, Inc. v. CargoSprint, LLC
Turret Labs complained that CargoSprint improperly gained access to its Dock EnRoll software and reverse engineered it to create its own competing program. Dock EnRoll is described as a first-of-its-kind application that allows for payment of fees and scheduling of shipments based on synchronized real-time United States Customs release notifications.
With its software in hand, Turret Labs entered into a joint venture and exclusive licensing agreement with Lufthansa Cargo Americas and authorized Lufthansa to manage Dock EnRoll and grant access to other users. One of those users apparently was CargoSprint.
Turret Labs initially brought its case in the Eastern District of New York, and the district court dismissed the trade secret claims, ruling that Turret Labs failed as a matter of law to plead that Dock EnRoll was a “trade secret” under the DTSA and common law.
The Court of Appeals for the Second Circuit struck down its claims, affirming the district court’s ruling.
Where did Turret Labs go wrong?
The Cornerstones of Trade Secrets
First, some background on trade secret law. The law maintains a very broad definition of a trade secret—it can include almost anything that is (1) kept secret and (2) contains value. This could be any financial, business, scientific, technical, economic or engineering information, as well as marketing strategies, manufacturing plans, customer lists, etc. The list goes on.
Virtually anything you can keep secret that gives you a leg up can constitute a trade secret as long as the owner of that information has (1) taken reasonable measures to keep such information secret, and (2) the information derives independent economic value from not being generally known or ascertainable by others who could obtain value from knowing it.
It is usually not that difficult to prove the latter, that certain business information is valuable. Where many businesses go wrong is the way in which the vital information is kept secret.
While the DTSA gives little guidance on what constitutes “reasonable measures” to keep information confidential, various decisions over the last few decades teach that what measures are “reasonable” will depend on the nature of the trade secret at issue.
In situations where software is used or licensed by third parties, courts have established that the failure to execute a nondisclosure agreement or otherwise stipulate that certain software is proprietary evidences that a company has not taken reasonable measures to protect such information.
Thus, when seeking to bring a claim that another party has misappropriated a trade secret, it is necessary that the complaint contain sufficient facts to show that reasonable measures were taken, for example, the existence of confidentiality and nondisclosure agreements to maintaining secrecy. Otherwise, the law does not recognize that a “trade secret” existed for another party to misappropriate.
The Court’s Decision
Turret Labs alleged that CargoSprint gained unfettered access to Dock EnRoll by falsely presenting themselves to Lufthansa as freight forwarders. But the court stated that notably absent from the complaint was any specific allegation that Lufthansa, CargoSprint, or any other user of Dock EnRoll, was required to keep the software confidential.
Without a confidentiality agreement or other policies or practices in place for safeguarding the asserted trade secret, information shared with third parties who otherwise have no obligation to keep it confidential indicates that the trade secret owner did not take reasonable steps to safeguard its trade secrets.
Among the facts in the complaint, there were no allegations suggesting that users of Dock EnRoll were obligated to keep the software, client-facing functionality, or internal mechanics confidential. Therefore, there was nothing to stop any user from replicating the software after using it.
In its defense, Turret Labs argued that Dock EnRoll's physical servers were kept in monitored cages within a data center with restricted access and that access to the software was limited to those with usernames and passwords approved by Lufthansa. However, the court questioned the relevance of locked servers, stating that users of the software such as CargoSprint could simply be given access by Lufthansa and view and replicate Dock EnRoll's functionality.
Ultimately, the court concluded that Turret Labs failed to plead how any of its security measures might have prevented “unwanted intrusion” into its software. Turret Labs did not have confidentiality or nondisclosure agreements in place with Lufthansa or other users of Dock EnRoll, and in the absence of facts showing it took reasonable measures to keep its information secret, Turret Labs failed to show that it had a “trade secret” at all under the DTSA or New York common law. CargoSprint was free to use and learn from Dock EnRoll, reverse-engineer the software to create its own version, and compete directly with Turret Labs without misappropriating any trade secret.
* * *
Trade secrets are essential to any business, but there is more than a possibility that these valuable rights can be lost if businesses do not take the necessary steps to protect them. It is a matter of due diligence. Had Turret Labs implemented unambiguous and comprehensive confidentiality contracts to bind employees, vendors, partners, etc., from divulging information that they learn while in business together, it may have succeeded in its trade secret misappropriation claim.
The takeaway here is that contractual arrangements or declarations directed to proprietary trade secrets and confidentiality to which all users agree by their use must be put in place to properly secure and maintain trade secret rights. Businesses are well-advised to reexamine their efforts to ensure that their proprietary information stays safe.