201-896-4100 info@sh-law.com

Protecting Your Business Data in a Social Media World

Author: Scarinci Hollenbeck|July 24, 2015

Mind Your Trade Secrets – Protecting Your Business Data in a Social Media World

Protecting Your Business Data in a Social Media World

Mind Your Trade Secrets – Protecting Your Business Data in a Social Media World

Facebook users spend more than 700 minutes per month on the site. Meanwhile, Twitter registers 230 million tweets per day.

Given the proliferation of social media, it is safe to assume that your employees —from corporate executives to sales staff to manufacturing line workers— spend at least some time using sites like Twitter, Facebook, LinkedIn, and Instagram. In addition to personal use, many businesses encourage employees to use social media to tout products, recruit clients and otherwise promote the company.

Social Media Poses IP Risks

While social media can be a useful business tool, it is also fraught with peril, particularly when it comes to intellectual property (IP) and trade secrets. For instance, a rogue employee could use it to deliberately disseminate a customer list to a competitor. Even more likely, an innocent employee could unknowingly tweet a picture with a top-secret project in the background. In either case, disclosure through social media can destroy valuable trade secret protection.

Under the Uniform Trade Secret Act, a “trade secret” is defined as:

Information, including a formula, pattern, compilation, program, device, method, technique, or process, that: (i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and (ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.

Once proprietary business data is no longer secret, the protection of trade secret law disappears. Moreover, it generally does not matter whether the disclosure was intentional or accidental.  Importantly, if you do not take reasonable steps to protect your trade secrets, the law won’t protect your trade secrets either.

Social Media Policies Must Establish Clear Guidelines

To prevent sensitive business data from being disseminated with the click of a button, it is important to have a comprehensive social media policy in place. While every policy should clearly state that employees are required to maintain the confidentiality of the employer’s trade secrets and other confidential information, it is important to explain exactly what that means in the context of your business.

Thus, the most important part of any social media policy will clearly explain to employees what they are authorized to share online and what is off limits. This is best accomplished by providing concrete and numerous examples of prohibited disclosures, such as information regarding the development of new products, internal reports, and customer lists.

For company social media accounts, employers can impose more specific restrictions regarding ownership and use. For example, the policy should state that the employer is authorized to monitor the accounts, mandate password and privacy settings, and direct employees to remove content that may threaten IP. In addition, the policy should clearly state that the account belongs to the company, and employees forfeit access to the accounts once the employment relationship ends. In the absence of such provisions, an employee could walk away with valuable “followers.”

Don’t Create It and Forget It

Finally, simply having a policy in place is often not enough to protect trade secrets, customer lists, and other confidential information from dissemination via social media. Businesses must continually communicate and reinforce their policies through training and enforcement. Employees should understand that the goal of the policy is not to restrict their activities but to support a company-wide culture of protecting intellectual property and key business information.

 

Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo and follow the twitter accounts @CyberPinguelo and @eWHW_Blog for timely comments on related issues. If you have any questions about this post or would like assistance with your legal needs, please contact me or the Scarinci Hollenbeck attorney with whom you work.

To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).

Protecting Your Business Data in a Social Media World

Author: Scarinci Hollenbeck

Facebook users spend more than 700 minutes per month on the site. Meanwhile, Twitter registers 230 million tweets per day.

Given the proliferation of social media, it is safe to assume that your employees —from corporate executives to sales staff to manufacturing line workers— spend at least some time using sites like Twitter, Facebook, LinkedIn, and Instagram. In addition to personal use, many businesses encourage employees to use social media to tout products, recruit clients and otherwise promote the company.

Social Media Poses IP Risks

While social media can be a useful business tool, it is also fraught with peril, particularly when it comes to intellectual property (IP) and trade secrets. For instance, a rogue employee could use it to deliberately disseminate a customer list to a competitor. Even more likely, an innocent employee could unknowingly tweet a picture with a top-secret project in the background. In either case, disclosure through social media can destroy valuable trade secret protection.

Under the Uniform Trade Secret Act, a “trade secret” is defined as:

Information, including a formula, pattern, compilation, program, device, method, technique, or process, that: (i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and (ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.

Once proprietary business data is no longer secret, the protection of trade secret law disappears. Moreover, it generally does not matter whether the disclosure was intentional or accidental.  Importantly, if you do not take reasonable steps to protect your trade secrets, the law won’t protect your trade secrets either.

Social Media Policies Must Establish Clear Guidelines

To prevent sensitive business data from being disseminated with the click of a button, it is important to have a comprehensive social media policy in place. While every policy should clearly state that employees are required to maintain the confidentiality of the employer’s trade secrets and other confidential information, it is important to explain exactly what that means in the context of your business.

Thus, the most important part of any social media policy will clearly explain to employees what they are authorized to share online and what is off limits. This is best accomplished by providing concrete and numerous examples of prohibited disclosures, such as information regarding the development of new products, internal reports, and customer lists.

For company social media accounts, employers can impose more specific restrictions regarding ownership and use. For example, the policy should state that the employer is authorized to monitor the accounts, mandate password and privacy settings, and direct employees to remove content that may threaten IP. In addition, the policy should clearly state that the account belongs to the company, and employees forfeit access to the accounts once the employment relationship ends. In the absence of such provisions, an employee could walk away with valuable “followers.”

Don’t Create It and Forget It

Finally, simply having a policy in place is often not enough to protect trade secrets, customer lists, and other confidential information from dissemination via social media. Businesses must continually communicate and reinforce their policies through training and enforcement. Employees should understand that the goal of the policy is not to restrict their activities but to support a company-wide culture of protecting intellectual property and key business information.

 

Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo and follow the twitter accounts @CyberPinguelo and @eWHW_Blog for timely comments on related issues. If you have any questions about this post or would like assistance with your legal needs, please contact me or the Scarinci Hollenbeck attorney with whom you work.

To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).

Firm News & Press Releases