December 9, 2022

The Defend Trade Secrets Act and Whistleblowers

As Freedom to Tinker readers know, I’ve been an active opponent of the federal Defend Trade Secrets Act (DTSA). Though my position on the DTSA remains unchanged, I was both surprised and pleased to see that the revised Defend Trade Secrets Act now includes a narrow, but potentially useful, provision intended to protect whistleblowers from trade secret misappropriation actions.

As attendees at yesterday’s wonderful CITP talk by Bart Gellman were fortunate to hear, whistleblowing remains a critical but imperfect tool of public access to the internal operations of our institutions, from corporations to government. Trade secrecy operates in the opposite direction, and has the robust ability to thwart regulation, limit public accountability, and criminalize whistleblowing. I’ve regularly called trade secrecy the most powerful intellectual property law (IP) tool of information control, as it prevents not just use of, but access to and even knowledge about the very existence of information. Indeed, it surpasses other IP law in that power by a wide margin. Thus, if the DTSA is moving forward, the inclusion of even a limited whistleblower exception in the DTSA is a good thing.

Nonetheless, it is very important to recognize what this provision won’t achieve. As written, the provision prevents liability under federal and state trade secret law for “the disclosure of a trade secret that … is made … in confidence to a Federal, State, or local government official, either directly or indirectly, or to an attorney; and … solely for the purpose of reporting or investigating a suspected violation of law; or … is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal.” Thus, as written, the provision does not appear to immunize sharing trade secret information with the press or the public at large. As Gellman’s work has shown, the press is often the first and only avenue for access to critical information about our public and private black boxes.

[Read more…]

Updating the Defend Trade Secrets Act?

Despite statements to the contrary by sponsors and supporters in April 2014, August 2015, and October 2015, backers of the Defend Trade Secrets Act (DTSA) now aver that “cyber espionage is not the primary focus” of the legislation. At last month’s Senate Judiciary Committee hearing, the DTSA was instead supported by two different primary reasons: the rise of trade secret theft by rogue employees and the need for uniformity in trade secret law.

While a change in a policy argument is not inherently bad, the alteration of the core justification for a bill should be considered when assessing it. Perhaps the new position of DTSA proponents acknowledges the arguments by over 40 academics, including me, that the DTSA will not reduce cyberespionage. However, we also disputed these new rationales in that letter: the rogue employee is more than adequately addressed by existing trade secret law, and there will be less uniformity in trade secrecy under the DTSA because of the lack of federal jurisprudence.

The downsides — including weakened industry cybersecurity, abusive litigation against small entities, and resurrection of the anti-employee inevitable disclosure doctrine — remain. As such, I continue to oppose the DTSA as a giant trade secrecy policy experiment with little data to back up its benefits and much evidence of its costs.

New Professors' Letter Opposing The Defend Trade Secrets Act of 2015

As Freedom to Tinker readers may recall, I’ve been very concerned about the problems associated with the proposed Defend Trade Secrets Act. Ostensibly designed to combat cyberespionage against United States corporations, it is instead not a solution to that problem, and fraught with downsides. Today, over 40 colleagues in the academic world joined Eric Goldman, Chris Seaman, Sharon Sandeen and me in raising a variety of concerns about the DTSA in the following letter:

Professors’ Letter in Opposition to the Defend Trade Secrets Act of 2015.

Importantly, this new letter incorporates our 2014 opposition letter. As we explained,

While we agree that effective legal protection for U.S. businesses’ legitimate trade secrets is important to American innovation, we believe that the DTSA—which would represent the most significant expansion of federal law in intellectual property since the Lanham Act in 1946—will not solve the problems identified by its sponsors. Instead of addressing cyberespionage head-on, passage of the DTSA is likely to create new problems that could adversely impact domestic innovation, increase the duration and cost of trade secret litigation, and ultimately negatively affect economic growth. Therefore, the undersigned call on Congress to reject the DTSA.

We also call on Congress to hold hearings “that focus on the costs of the legislation and whether the DTSA addresses the cyberespionage problem that it is allegedly designed to combat. Specifically, Congress should evaluate the DTSA through the lens of employees, small businesses, and startup companies that are most likely to be adversely affected by the legislation.”

I will continue to blog on the DTSA as events warrant, and encourage Freedom to Tinker readers to contact their members of Congress and urge them to vote against the DTSA.


The Defend Trade Secrets Act Has Returned

Freedom to Tinker readers may recall that I’ve previously warned about legislation to create a federal private cause of action for trade secret misappropriation in the name of fighting cyber-espionage against United States businesses. Titled the Defend Trade Secrets Act (DTSA), it failed to move last year. Well, the concerning legislation has returned, and, although it has some changes, it is little better than its predecessor. In fact, it may be worse.

Therefore, Sharon Sandeen and I have authored a new letter to Congress. In it, we point out that our previously-stated concerns remain, both stated by a previous letter and in a law review article entitled Here Come The Trade Secret Trolls. In sum, we argue that  combined “with an ex parte seizure remedy, embedded assumption of harm, and ambiguous language about the inevitable disclosure doctrine, the new DTSA appears to not only remain legislation with significant downsides, but those downsides may actually be even more pronounced.” Moreover, we assert that “the DTSA still does not do much, if anything, to address the problem of cyber-espionage that cannot already be done under existing state and federal law.”

In the letter, we call on Congress to abandon the DTSA. In addition, we ask that “there be public hearings on (a) the benefits and drawbacks of the DTSA, and (b) the specific question of whether the DTSA addresses the threat of cyber-espionage.” Finally, we encourage Congress to consider alternatives in dealing with cyber-espionage, including much-needed amendment of the Computer Fraud and Abuse Act.

The Chilling Effects of Confidentiality Creep

Today, North Carolina’s Governor Pat McCrory has a bill on his desk that would make it impossible for the public to find out what entities are supplying the chemical cocktail – the drugs – to be used for lethal injections in North Carolina. Known as the Restoring Proper Justice Act (the “Act”), it defines  “confidential information” as including the “name, address, qualifications, and other identifying information of any person or entity that manufactures, compounds, prepares, prescribes, dispenses, supplies, or administers the drugs or supplies” used in lethal injections, thereby shutting down mandatory public access to basic information involved in extinguishing life in the name of justice. Secret suppliers are but one effect of this legislation; the Act also allows executions to resume in North Carolina and permits a wide range of medical professionals (not just a doctor) to assist in executions.

Call this an example of “confidentiality creep” – quiet, under-scrutinized expansion of the kinds of information deemed inappropriate for public consumption. The Act does not call this information a “trade secret” – information that is valuable because it is not known by a competitor – even though some of it could conceivably be that. Nor is it defined as the “property” of a private person or entity, even though “qualifications” might be deemed such. No; this information is designated “confidential” simply because the Legislature says that it is. It’s a new category in the law.

Before you stop reading, consider that confidentiality creep is not an abstraction, of interest merely to commercial law, freedom of information, and privacy nerds. Regardless of your personal views about the death penalty, whenever the government designates any information secret, we should all take a close look.

The expansion of confidentiality could have repercussions beyond mere access to information. To the extent that we untether legal confidentiality from any clear theoretical grounding – privacy, property, commercial ethics, contract – it runs the risk of being a powerful catch-all, subject to abuse. Slowly, if unchecked, we might expect that the work of cybersecurity researchers, journalists, civil society groups, and anyone else who accesses information deemed “confidential” would be threatened. Those “chilling effects” so prevalent in copyright could become even more powerful where information is used in a way unflattering to those who wave the confidentiality wand, backed by a rudderless law.

As to this particular case of confidentiality creep, there are very real and pernicious impacts. For example, if the Act becomes law, cruel and unusual punishment challenges in North Carolina would be subject to drug manufacturers’ preference not to be bothered. Investigators of gruesome botched executions, which have occurred in other states, would now have to jump an unknown hurdle so as to gather information about the drugs used. After all, the public might want to know how a drug was manufactured, where, under what conditions, and the like. But under the Act – if enforcedall identifying information would have to be gathered by leak, a whistleblower, or by exploiting a mistaken release of information, which might then render the information excluded from evidence.

But wait: the Act’s title suggests that it is supposed to be “restoring proper justice.” Surely there must be a good reason for this confidentiality? According to press reports, the best (and perhaps only) apparent reason is a concern that, if identified, these manufacturers will choose not to provide the drugs out of fear of litigation by death penalty opponents, or be forced not to by a court. North Carolina Policy Watch reported that Sen. Buck Newton explained that confidentiality is needed “so that they aren’t litigated to death in order to prevent them from selling these drugs to the state.” Additionally, Rep. Leo Daughtry, a sponsor of the Act, noted that “if you tell [opponents] where the drug comes from, there will be 300 people outside the building.”

Put aside, for the moment, the assertion that a cost of doing business with the government – especially when it involves something as serious and irreversible as the administration of the death penalty – might be public accountability and scrutiny. As argued by the North Carolina American Civil Liberties Union’s Sarah Preston, “Courts, lawyers and the public have a right to know basic details about how the government executes inmates in their name.” Instead, let’s take the above argument seriously and see where it leads.

Generally, the argument is that if [name your information] is made public, then [name your private manufacturer] won’t provide the [name your good or service] to the government. Well, we’ve heard it before, and it doesn’t pass muster. From voting machines to hydraulic fracturing, weakening commercial confidentiality has generally not resulted in private entities withdrawing from providing the good or service; rather, they’ve adjusted. Moreover, private entities can raise prices in order to hedge against the risk of litigation. Indeed, the threat of exposure might force such manufacturers to provide better goods that are less susceptible to challenge. In other words, the impact of publicity is not all bad – even for the private entities, like drug companies, potentially subject to public scrutiny.

So where does this leave us? As alluded to above, we often forget that doing the public’s business is not the same as private commerce, precisely because the customer is the public itself. We often wind up with confidentiality creep, expanding the definition of what we call “confidential” for underexplored or non-explored reasons, with little or no public discussion. If you’re not convinced, throw the efforts to gain public access to the basic negotiating text for the nearing-completion multilateral Trans Pacific Partnership Agreement into the mix, because that’s confidentiality creep also. It’s not publicly available, for unclear reasons.

We, the public, need to pay a lot more attention to these developments. If you’re concerned about the above, contact Governor McCrory’s office now and urge him to veto the Restoring Proper Justice Act. Aside from any other reasons that you might have, tell him that preventing the risk of a fleeing commercial provider, if it is a problem at all, comes at enormous public cost. Do it now as he could sign the Act at any moment.

More broadly, think critically when you hear arguments about the need for confidentiality. Admittedly, the press does not usually cover these issues, dismissing them as arcane or too complex. Nonetheless, I’ll do my best to document these issues as they arise, because they are too important to ignore. Let’s try to stop the quiet, baseless, under-explained creep.