employees may be transferring trade
secrets completely by mistake simply by
owning a smartphone. Storing confidential
information and/or trade secrets on cloud
storage services can pose serious risks to
the protection of that information.
Typical sources of cloud computing
include Google Drive, Apple's iCloud,
Dropbox, Amazon Web Services and
Google's Chromebook. Data in the cloud,
for the most part, is stored in privately
owned or third-party data centers that
may be located anywhere in the world.
ability to store your data on remote servers
maintained by the service provider. This
means that the data is not solely within
your control, and that some unknown
person could be looking at your data.
The threat of a cyber-attack is
particularly concerning. Information thefts
and security breaches to the cloud are
becoming increasingly common. After
information is uploaded to the cloud,
it is a potential target for hackers and
others with illicit motives. In the event
of a cyber-attack, this could expose your
company's most valued trade secrets.
In light of the potential exposure of
confidential information being exposed
in the cloud, a business should consider
using cloud storage for non-confidential
information, while storing all confidential
information on locally controlled devices.
Despite taking this precaution, an
employee could still inadvertently violate
a confidentiality agreement without
knowing it. For example, it is common for
employees to conduct business on their
smartphones. An employee may respond
to emails or text messages on their phone,
and the content of those messages may
contain confidential information such
as trade secrets or customer lists. Once
those messages are obtained on a cellular
device, those messages are stored in
the cloud by a third-party provider and
the business no longer has control of
the information. The transfer of this
information generally occurs without
the user even knowing it or taking into
consideration what information is being
sent to the cloud. For example, the
cellular device will have an automatic
backup without the user being notified
that the transfer has occurred.
turned off to avoid such a problem.
However, the newest updates from cell
phone hardware companies require the
use of cloud storage. In addition, cell
phone hardware companies also have
a voluminous terms and agreement
requirement for the use of the newest
software, including the use of the cloud.
The person accepting those terms agrees
to them on a take-it-or-leave-it basis.
Consequently, the user has no choice
but to accept the terms of the agreement
which may allow the transfer of trade
secrets to the cloud.
This potential issue does not
necessarily end with smartphones. Trade
secrets may also be exposed to the cloud
on a personal computer through the same
process described above automatic
backup. For example, with the best of
intentions, an employee can access highly
confidential trade-secret information in
the cloud from his/her home computer.
Though the information is otherwise
secure, once the employee accesses that
information from his/her home computer, a
copy of that file resides on the employee's
computer and is no longer controlled
by the company. This setup could even
be known to the company. But once
information is stored in the cloud, there is
an increased risk of unauthorized access
and use of that information to potential
hackers. Of course, an employee also
could obtain the information for dishonest
purposes.
Whether a company took adequate
measures to protect the information is
generally the critical issue in trade secret
litigation. If a court finds a failure to
adopt reasonable measures to safeguard
Spicer Rudstrom PLLC. He serves as the firm's
lead attorney for research and writing, including
dispositive motions and pretrial motions with
an emphasis on appellate briefs for all of the
firm's attorneys. He works with domestic and
international companies, providing them with
in-depth analysis of often very complex issues
arising under Tennessee law and surrounding
jurisdictions.
414 Union Street, Suite 1700
Nashville, Tennessee 37219
spicerfirm.com