Language selection


Trade secrets and location where data is stored

Disclaimer: The information provided in this factsheet is meant as an educational resource only and should not be construed as legal advice.

  1. Trade secrets include business information that has commercial value because of its secrecy - they are valuable assets to many companies.
    • The secret must be information with economic value due to not being known.
    • The secret must have value to those who cannot obtain the information on their own.
    • the secret must be subject to reasonable efforts to maintain its secrecy.
  2. Trade secrets protect all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes.
  3. Trade secrets are not to be confused with personal information. Personal information is information that can be used to identify an individual, and which is protected by Privacy Laws. Under the US Patriot Act, FBI agents may obtain, without a Court’s approval, personal information, including phone records, computer records, credit history, and banking history. If trade secrets are by chance included in the information provided, Government Agencies are prohibited under the Freedom of Information Act from disclosing private parties trade secrets, imparted under privileged or confidential circumstances. However, the trade secrets must be properly identified as such.
  4. The fact that some or all the components of the trade secret are public or well-known does not preclude protection for a combination, compilation, or integration of the individual elements, as a trade secret. Trade secrets may therefore consist of a compilation of data, public sources or a combination of proprietary and public sources.
  5. Trade secret protection is generally suited for matters that are not reverse engineerable by others. In case the trade secret becomes discovered independently, it obviously loses its value. In case it is more likely that an invention is able to be reverse engineered, other IP protection is preferable (e.g. patents).

Example 1:  Trade secret protection can be preferable for algorithms and codes, since it is difficult to reverse engineer unless accessed illegally. However, in case of hardware, this may be taken apart by a competitor to review how it works and then be reverse engineered. Obtaining patent protection may then be preferable for innovative hardware.

  1. “Negative trade secrets” are intended to protect a company’s secret know-how gained from extensive research investment about what does not Any company seeking to protect this type of IP should sufficiently narrow the negative trade secrets so it doesn’t overlap with an entire field or industry, otherwise a Court would be reluctant to recognize it as trade secrets. For a negative trade secret to succeed a company needs to identify specific documents or data that included negative knowledge.
  2. In Canada and the United States, there is no formal registration process for obtaining protection for a trade secret. However as described above the owner is subject to reasonable efforts to maintain it’s secrecy. In Canada, there are no robust statutes for enforcing trade secrets (except for the provision in the Criminal Code for violating or unlawfully communicating a trade secrets) and protection of trade secrets remains governed largely by judicial precedent. In the United States Enforcing the protection of your trade secret may be sought through:
    • The Economic Espionage Act of 1996, which criminalizes trade theft.
    • The Defend Trade Secrets Act of 2016, which is an amendment to the Economic Espionage act, and provides trade secret owners with a reliable way to protect their trade secrets anywhere in the US.
    • US Courts may protect a trade secret by ordering that misappropriation be stopped, by ordering that the secret be protected from exposure to the public, or by seizing a misappropriated trade secret.
    • Courts can award damages, court costs, etc. to the victim of trade secret theft, if warranted.
  3. In Canada and the US, companies must do their due diligence to ensure that their trade secrets are protected. Considerations include:
    • Limiting the number of people with access to information on the trade secret and documenting who specifically has access to what information.
    • Ensuring that employment Agreements contain non-disclosure, confidentiality, and non-compete clauses, and should specifically refer to the non-disclosure of trade secrets.
    • Business agreements: If a trade secret must be shared with another party, ensuring that the other party has first signed a confidentiality or non-disclosure agreement (NDA).
    • Securing your trade secrets by implementing at least the following measures:
      • Physically secure printed copies under lock and key and keep a record of who has access to the information.
      • If you store your data online (for example on the cloud), being aware of cybersecurity threats is critical when it comes to protecting trade secrets. here are useful standards and guidelines for addressing enhanced security requirements, such as those published by the National Institute of Standards and Technology (NIST).
      • Wherever you store your data, make sure it is secure: data breaches and hackers can target your business, gaining access to your patent portfolio and beyond.
    • Marking trade secrets as “Confidential”.
    • Securing your online IP information should include data encryption or investing in enhanced IT security.

Example 2: In the Courtcase Yellowfin Yachts, Inc. v. Barker Boatworks LLC, the Court affirmed that the information was not protected as a trade secret because of insufficient reasonable efforts to maintain secrecy. The employee who allegedly stole the trade secret refused to sign employment agreement which stated that the employee would keep all trade secrets in confidence. Despite this refusal, the employee was still given access to the information and encouraged to store information on a personal laptop and phone, and did not receive instructions to secure the information on his personal devices. Moreover, the company failed to mark the information as confidential and the employee was never asked to delete the information from his personal devices after he left the company.

Key considerations for Canadian companies:

Additional information:

Date Modified: