Courtesy of CEB, we are bringing you selected legal developments in areas of California business law that are covered by CEB’s publications. This month’s feature is from the November 2020 update to Trade Secrets Practice in California. References are to the book’s section numbers. The most significant legal developments since the last update include developments in such important topic areas as trade secrets protection during the pandemic, workplace issues, trade secrets misappropriation, and ownership and disclosure issues.
Trade Secrets Practice in California
The first case to reject a trade secret claim on grounds that the information was nonsecret was Avocado Sales Co. v Wyse (1932) 122 CA 627; the rule has been applied many times since. See, e.g., Amgen Inc. v California Correctional Health Care Servs. (2020) 47 CA5th 716 (company disclosed information to registered purchasers and others). See §1.7.
In both the California Uniform Trade Secrets Act (CC §§3426–3426.11) and the federal Defend Trade Secrets Act of 2016 (DTSA) (Pub L 114–153, 130 Stat 376), an issue arises as to ownership if the trade secret has not been clearly identified. When defending against an allegation of trade secret misappropriation in a case where the plaintiff has not identified the trade secret “with sufficient particularity,” attacks should be considered against both ownership and the existence of a justiciable trade secret. See Lamont v Krane, (ND Cal., May 14, 2019, No. 5:18-cv-04327-EJD), 2019 US Dist Lexis 81451. See also CleanFish, LLC v Sims, (ND Cal., Mar 17, 2020, No. 19-cv-03663-HSG) 2020 US Dist Lexis 46191. See §2.1C.
In Techno Lite, Inc. v Emcod, LLC (2020) 44 CA5th 462, the court held that Bus & P C §16600 does not apply during employment; however, an employer is entitled to rely on the employees’ duty of loyalty owed to the employer. There is no statutory authorization or public policy that would allow employees to compete with their employer during employment. An employee who does so could be liable for fraud for false promise. See §§2.32, 4.6., 6.21., 11.90, 11.102.
Another area in which proof of trade secret ownership issues arise is where independent contractors are used to write computer programs. In the case of Citcon USA, LLC v RiverPay Inc. (ND Cal, May 31, 2019, No. 18-cv-02585-NC) 2019 US Dist Lexis 91630, the defendant moved for summary judgment claiming that the plaintiff had no ownership rights to the trade secret source code. The defendant claimed that it programmed the source code, not the plaintiff, and therefore, the defendant was the rightful owner. However, the plaintiff was able to provide documents showing that its employees as well as a second contractor company had also programmed parts of the source code. This was sufficient to raise an issue of fact, and the plaintiff prevailed against the summary judgment motion. See §2.32H.
The U.S. Copyright Office is a public entity, and the mere filing of a copyright registration application with that office constitutes a disclosure of the filed materials to the public. Filing may have the effect of destroying ownership of a trade secret because the information in the filed materials is no longer secret. See Patel Burica & Assocs. v Lin (CD Cal, Dec 19, 2019, No. 19-CV-01833 CAS) 2019 US Dist Lexis 218533, *14 (“defendants are correct that a plaintiff who discloses his trade secret information to the public by registering it with the copyright office extinguishes his right to protect that information from misappropriation as a trade secret.”). In Patel Burica, the court found that “the alleged trade secret materials (i.e., the CAD files and coded spreadsheets) are not the same as the materials that PBA claims to have filed publicly with the copyright office.” 2019 US Dist Lexis 218533, *14. The court then allowed the misappropriation of trade secrets case to proceed. See §2.34.
Even inadvertent or unintentional disclosure of trade secrets to the public, whether generally or only to a limited external audience of industry insiders or investors, destroys the “secret” status of the subject information and thus trade secret protection for such information. See, e.g., Amgen Inc. v California Correctional Health Care Servs. (2020) 47 CA5th 716, 734 (company previously disclosed information at issue to over 170 registered purchasers who were pharmacy benefit managers, who in turn were required by statute to inform their “large contracting public and private purchasers.” The information at issue was therefore not a trade secret. See §§4.2, 4.10, 10.31.
In Food Mktg. Inst. v Argus Leader Media (2019) 588 US___, 139 S Ct 2356, the U.S. Supreme Court held that where commercial or financial information is both customarily and actually treated as private by its owner and provided to the government under an assurance of privacy, the information is “confidential” within the meaning of the fourth Freedom of Information Act (FOIA) (5 USC §552) exemption. See §§4.27, 5.14, 17.9.
In February 2020, the U.S. government reported that the FBI is investigating over 1000 cases of Chinese theft of US-based technology, in all 56 of its field offices, spanning almost every industry and sector. See https://www.fbi.gov/news/speeches/responding-effectively-to-the-chinese-economic-espionage-threat. See §4A.1A.
The importance of a trade secret audit to ensure that trade secrets are adequately protected cannot be overemphasized, as high-profile cases of alleged trade secret theft continue to be reported on a regular basis. See, e.g., Niskayuna Man Pleads Guilty to Stealing Trade Secrets from GE (May 28, 2020), at https://www.justice.gov/usao-ndny/pr/niskayuna-man-pleads-guilty-stealing-trade-secrets-ge; Former Uber Self-Driving Car Executive Signs Agreement To Plead Guilty To Theft Of Trade Secrets From Google (Mar. 19, 2020), at https://www.justice.gov/usao-ndca/pr/former-uber-self-driving-car-executive-signs-agreement-plead-guilty-theft-trade-secrets. See §4A.2.
On May 13, 2020, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a joint Public Service Announcement (PSA) about a threat to academic institutions and business entities engaged in COVID-19-related research and development entitled People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations. In the PSA, the FBI and CISA warned that PRC-affiliated cyber actors and nontraditional collectors may try to steal intellectual property and public health data related to COVID-19 vaccines, treatments, and testing. According to the PSA, “[t]he potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options for our citizens.” The FBI and CISA issued the following recommendations:
- Assume that press attention affiliating your organization with COVID-19 related research will lead to increased interest and cyber activity;
- Patch all systems for critical vulnerabilities, prioritizing timely patching for known vulnerabilities of internet-connected servers and software processing internet data;
- Actively scan web applications for unauthorized access, modification, or anomalous activities;
- Improve credential requirements and require multifactor authentication; and
- Identify and suspend access of users exhibiting unusual activity.
See People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations (May 13, 2020), at https://www.cisa.gov/news/2020/05/13/fbi-and-cisa-warn-against-chinese-targeting-covid-19-research-organizations. See §4A.7.
The COVID-19 pandemic led to a dramatic rise in the number of employees working remotely. Many corporate information technology (IT) departments have suddenly been stretched to capacity as they support a newly-remote workforce. Internal IT departments, working together with management in a thoughtful manner, can pivot their focus after the pandemic to shoring up their technical infrastructure for employees who continue to work remotely by doing the following:
- Researching and determining which data storage and transfer, videoconferencing, communications, presentation, and monitoring software and platforms are both secure and user friendly (so that employees actually utilize them and don’t look for workarounds that seem more convenient ).
- Implementing administrative safeguards on existing systems and databases, such as multitiered password protection, to ensure access is granted only to those employees who truly need such access, and setting up reminders that pop up every time an employee logs into the company’s systems, or into a particular database or program, of their obligation to maintain confidentiality.
- Maintaining and regularly checking logs monitoring access to sensitive data for unauthorized access, perhaps even setting up alerts for activities that raise red flags.
- Providing and requiring the use of company-issued computers and devices, or at the very least personal computers and devices that meet certain security standards and have protocols that permit the employer to lock and/or remotely wipe company data and have built in protections against hacking or other cyberthreats.
- Reinstituting or strengthening any security measures that were relaxed during the time of COVID-19 in the name of convenience or efficiency.
- Taking the time to perform a thorough trade secret audit to identify trade secrets, detect weaknesses in security, and implement effective technical protections, as well as policies and protocols for storing, accessing, using, and transferring data in a secure manner.
The California Public Records Act (CPRA) (Govt C §§6250–6276.48) provides that public records are open to inspection by members of the public unless exempted by law. See Govt C §§6253(a), (b), 6254. “‘In other words, all public records are subject to disclosure unless the Legislature has expressly provided to the contrary.'” American Civil Liberties Union Foundation v Superior Court (2017) 3 C5th 1032, 1038; Amgen Inc. v California Correctional Health Care Services (2020) 47 CA5th 716, 731. See §5.21.
The exemptions in Govt C §6254 “are permissive, not mandatory: They allow nondisclosure but do not prohibit disclosure.” Marken v Santa Monica-Malibu Unified School Dist. (2012) 202 CA4th 1250, 1262. See Govt C §6254, next to last paragraph (“This section does not prevent any agency from opening its records concerning the administration of the agency to public inspection, unless disclosure is otherwise prohibited by law”). Thus a government agency has discretion to invoke an exemption under Govt C §6254, but it is not required to do so, and a party bringing a reverse-CPRA action must show disclosure is “‘otherwise prohibited by law,'” that is, that the government agency lacks discretion to disclose. Amgen Inc. v California Correctional Health Care Services (2020) 47 CA5th 716, 732. See §§5.21, 5.22.
General and basic knowledge that is anticipated by prior art cannot be the subject of patent protection. See 35 USC §102; Internet Law and Practice in California, chap 2 (Cal CEB); California Business Litigation, chap 8 (Cal CEB); Rosenberg, Patent Law Fundamentals §§1.04, 7.00 (2d rev ed 2004). Also excluded from patent protection are laws of nature, physical phenomena, and abstract ideas. Mayo Collaborative Servs. v Prometheus Labs., Inc. (2012) 566 US 66, 132 S Ct 1289, 1293; Illumina, Inc. v Ariosa Diagnostics, Inc. (Fed Cir 2020) 952 F3d 1367, 1371 (claims at issue were not “directed to” a natural phenomenon but rather to a patent-eligible method that utilized it). See §10.30.
In Lange v Monster Energy Co. (2020) 46 CA5th 436, the court found an arbitration agreement to be unconscionable and unenforceable as it required the employee to waive punitive damages for all nonstatutory claims, allowed the employer to obtain an injunction without proving essential elements, and had a predispute jury trial waiver. See §11.12.
In Zehia v Superior Court (2020) 45 CA5th 543, 554, the court held that a substantial connection to California arose under the effects test from a nonresident’s alleged intentional conduct in sending targeted private social media messages directly to California residents, with knowledge that they were California residents, intending to disrupt their relationships with each other and to cause reputational injury in California through defamatory and harassing conversations, which was sufficient to establish purposeful availment of the forum’s benefits. See §11.13.
In MGA Entertainment, Inc. v Mattel, Inc. (2019) 41 CA5th 554, 565, the court held that a manufacturer’s misappropriation of trade secrets claims accrued when it suspected that a competitor was gaining knowledge of its trade secrets, and that the competitor’s alleged concealment of the nature and scope of misappropriation of trade secrets claims did not toll the statute of limitations. See §§11.21, 11.24.
Until the California Supreme Court’s decision in Ixchel Pharma, LLC v Biogen, Inc. (Aug. 3, 2020, No. S256927) ___C5th___, 2020 Cal Lexis 4876, it was uncertain whether Bus & P C §16600 extended beyond the employment setting to contractual restraints on business operations. In Ixchel, the California Supreme Court held that §16600 is best interpreted not to render void per se all contractual restraints on business dealings, but rather to subject such restraints to a rule of reason. The court found that it had a long history of applying a reasonableness standard to contractual restraints on business operations and commercial dealings. The court emphasized that it did not disturb the holding in Edwards and other cases that invalidated noncompetition agreements following the termination of employment or sale of interest in a business, but that those cases did not cast doubt on the applicability of a reasonableness standard to contractual restraints on business operations and commercial dealings. See §§11.90, 11.94.
Carefully drafted nonsolicitation-of-employees clauses may still be enforceable, although they will be closely scrutinized by the courts. See W.R. Berkley Corp. v Niemela (D Del, Oct. 24, 2019, No. 17-32 (MN)) 2019 US Dist Lexis 183772, **8 (acknowledging split in California authority addressing validity of antirecruitment covenants). See §11.94.
In Colucci v T-Mobile USA, Inc. (2020) 48 CA5th 442, 453, the court held that given the low to moderate range of reprehensibility of T-Mobile’s conduct, a 1.5-to-one ratio between punitive and compensatory damages was the federal constitutional maximum. See §12.22.
Because CD-ROMs are becoming obsolete and most software is distributed electronically online, click-wrap licenses, discussed in §16.41, are becoming the most common method for software distribution. A form of click-wrap license agreement has been added in §16.41A. This form is designed for a software company that may offer multiple products and refers out to a product description and licensee’s account online for some specific terms such as pricing and scope of use, i.e., how many license-seats are purchased. This form contemplates that the licensed software will be downloaded and run locally and that the licensee will need a product key to activate the software. See §§16.41, 16.41A.
In In re Global IP Holdings LLC (Fed Cir 2019) 927 F3d 1373, 1376 (citations omitted), the court explained that
This written description requirement is met when the specification clearly allows persons of ordinary skill to recognize that the inventor “invented what is claimed.” . . . . In other words, the test for sufficiency is whether the specification “reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date.” . . . This test involves an inquiry into the four corners of the specification from the perspective of a person of ordinary skill. . . . Determining whether a patent complies with the written description requirement is a question of fact that necessarily varies depending on the context. . . . “[T]he level of detail required to satisfy the written description requirement varies depending on the nature and scope of the claims and on the complexity and predictability of the relevant technology.”
In Ariad Pharm., Inc. v Eli Lilly & Co. (Fed Cir 2010) 598 F3d 1336, the Federal Circuit affirmed the court’s prior decisions that 35 USC §112 requires that the written description of the specification “demonstrate possession” as well as enablement of the invention. See §16.61A.
The basic reason given by the Supreme Court for the exclusion of laws of nature, physical phenomena, and abstract ideas from patentability under 35 USC §101 is that laws of nature and natural phenomena are in essence manifestations of nature (i.e., not “new”), free to all, and reserved exclusively to none. Software, however, is not considered a law of nature or natural phenomenon. See, e.g., Uniloc USA, Inc. v. LG Elecs. USA, Inc. (Fed Cir 2020) 957 F3d 1303, 1306 (“[i]n cases involving software innovations, [patentability] often turns on whether the claims focus on specific asserted improvements in computer capabilities or instead on a process or system that qualifies an abstract idea for which computers are invoked merely as a tool. . . . We have routinely held software claims patent eligible under Alice step one when they are directed to improvements to the functionality of a computer or network platform itself”). See §§16.63, 17.11.
In Amgen Inc. v California Correctional Health Care Services (2020) 47 CA5th 716, the court held that a pharmaceutical manufacturer was not entitled to a preliminary injunction preventing a state agency from disclosing a drug price increase notice as a public record because the manufacturer did not show that confidentiality had been maintained after its disclosure to registered purchasers and others and thus did not meet its burden of proof under Govt C §6254(k) in asserting the trade secret privilege. See §17.9.
In Ajinomoto Co., Inc. v International Trade Commission (Fed Cir 2019) 932 F3d 1342, the Federal Circuit held that a “sufficient description of a genus … requires the disclosure of either a representative number of species within the scope of the genus or structural features common to the members of the genus so that one of a skill in the art can ‘viusalize or recognize’ the members of the genus. See §17.12.