Kavita Arora
K&S Partners, Bangalore
kavita@knspartners.com 

In today's dynamic business environment, research and development (R&D) collaborations are pivotal drivers of innovation, spanning various sectors. Yet, the efficacy of many such collaborations relies heavily on ensuring the protection of confidential information and/or trade secrets. This article delves into the intricate requirements and challenges associated with safeguarding confidential information and/or trade secrets within R&D alliances and partnerships, drawing on established legal frameworks and industry norms. Essential aspects, such as clearly defining and identifying trade secrets, establishing robust confidentiality protocols and navigating legal frameworks, are thoroughly scrutinised. Additionally, the impact of emerging technology and globalised R&D networks on trade secret protection strategies is analysed. Through a comprehensive examination of these facets, this article endeavours to provide insights and practical guidance for stakeholders engaged in R&D collaborations to safeguard their intellectual assets in an increasingly interconnected world.

Preserving the confidentiality of trade secrets is crucial for fostering innovation and maintaining competitiveness. In R&D collaborations, it is paramount for sustaining innovation, fostering trust and safeguarding competitive advantage. Within collaborative R&D endeavours, partners often share proprietary information, confidential data and cutting-edge technology to advance mutual objectives. However, without adequate safeguards, this exchange of sensitive information poses significant risks, including misappropriation, unauthorised disclosure and potential exploitation by competitors. Protecting trade secrets not only preserves the integrity of intellectual property but also promotes a conducive environment for open collaboration and knowledge sharing. Robust confidentiality measures, including non-disclosure agreements (NDAs) and access controls, instil confidence in collaborators and mitigate the risk of information leakage. Moreover, safeguarding trade secrets enhances the long-term viability of R&D collaborations by preserving the incentives for innovation and ensuring the equitable distribution of benefits among participating entities.

Article 10bis of the Paris Convention^[1] mandates that Member States should provide effective protection against unfair competition. Further, the World Trade Organization's (WTO's) Agreement on Trade-Related Aspects of Intellectual Property Rights (the 'TRIPS Agreement') was the first international agreement to protect trade secrets expressly, indicating that undisclosed information, including trade secrets and know-how, need to benefit from protection. According to Article 39^[2] of the TRIPS Agreement, trade secret protection is available provided such information:

• is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the type of information in question;
• has commercial value because it is secret; and
• has been subject to reasonable steps to keep it secret under the circumstances by the person lawfully in control of the information.

Examples of trade secrets include profit margin information; computer programs/algorithms; business plans; marketing strategies; certain recipes and their ingredients; compilations, such as customer lists; client database and pricing information; and trademarks/trade names yet to be registered.

WTO members are required to emplace national systems to protect trade secrets against unfair competition in accordance with the TRIPS Agreement. However, under the TRIPS Agreement, member states have flexibility regarding complying with this obligation.

India, being a member state of the TRIPS Agreement, has recognised the value of protecting undisclosed information in business and trade against unfair competition. However, in the absence of dedicated legislation, trade secret cases in India are decided on the principles of common law, equity, confidence and contracts, as well as judicial precedents. The current legal landscape is disjointed and challenging to manoeuvre, and trade secret violations are very common. The courts have not laid down any specific criteria and/or guidelines in this respect; 'trade secret' and 'confidential information' have been used interchangeably by the courts, and the expression 'trade secret' is not defined under any statute in India.

That said, multiple Indian court pronouncements have reiterated the requirements as laid down under the TRIPS Agreement, including the landmark judgment of the Delhi High Court, Burlington Home Shopping Pvt v Rajnish Chibber,^[3] where the court held that a trade secret is defined as any information with commercial value that is not available in the public domain and the disclosure of which would cause significant harm to the owner. Further, in the case of Emergent Genetics India Pvt Ltd v Shailendra Shivam & Ors,^[4] the Delhi High Court observed that '…if the trade secret or information owner proves that reasonable efforts were made to keep the information confidential, it (the information) remains a trade secret and is legally protected. If, on the other hand, trade secret owners cannot establish reasonable efforts to protect confidential information, they risk losing the quality of confidentiality of the information even if its information is obtained by rivals without permission'.

The importance of safeguarding trade secrets has increased because of the rapid advancements in technology, with the world becoming increasingly integrated and interconnected. Additionally, digitalisation has augmented the possibility of intentional or accidental leakage of confidential information manifold. There are practical difficulties associated with maintaining secrecy and the requirements of reasonable efforts to maintain secrecy because they may be costly and may be thwarted. The steps that are considered 'reasonable' vary for every business and depend on several factors, including the value of the secret, risk of theft and cost of protection, and the interpretation may vary between courts across the globe.

For example, in Kewanee Oil Co v Bicron Corp,^[5] the United States Supreme Court noted that '[t]he subject of a trade secret must be secret, and must not be of public knowledge, or a general knowledge in the trade or business'. Moreover, regarding the criterion of 'reasonable efforts' being of a flexible nature, various courts, including in the US, have varied their interpretation. For example, in Superchips Inc v Street & Performance Electronics Inc,^[6] the court considered the combination of code encryption and the integrated password protection of the system limited to an authorised group of people as sufficient evidence of 'reasonable efforts'. However, in Progressive Prod Inc v Swartz,^[7] the court found that verbal instructions to employees not to disclose the ingredients of a specific formula to the public and to cover up its ingredients when outsiders visited the plant sufficient to prove 'reasonable efforts' to maintain secrecy.^[8]

The complexity and interdisciplinary nature of many types of technology, such as biotechnological advancements, necessitate partnerships between diverse entities, including research institutions, academia, government agencies and industry players. The protection of confidential information/trade secrets in the field of biotechnology is even more challenging, primarily because it is difficult to protect biological property, such as microorganisms, which are easily replicated and easy to access. The entire biotechnological trade secret can be lost in a single misappropriation event, which includes: (1) the blueprint (DNA); (2) the machinery (the expression system used to transform and direct the desired synthetic result); and (3) the factory itself (the host cell containing the recombinant DNA under the control of the expression system).^[9],[10] One such example that demonstrates the problems encountered in protecting biological property is the case of American Cyanamid,^[11] where, although microorganism cultures were maintained as proprietary materials within the company, employees purloined sample cultures of the microorganisms from an American Cyanamid research facility and sold them to foreign pharmaceutical firms. The incident led to criminal convictions of two American Cyanamid employees, as well as civil trade secret actions for damages.^[12]

Additionally, digitalisation is the backbone of modern business operations, and trade secrets can be more easily appropriated in today's digital world. The volume and sophistication of cyberattacks make businesses extremely vulnerable. The theft of trade secrets in cyberspace has been termed as a 'silent crime'.^[13]

It follows that any critical business information of a commercial value must be protected appropriately, and companies need to boost security and put systems in place to ensure such protection. This can help in mitigating risks, as well as help meet the 'reasonable steps' requirement if trade secrets are compromised. One of the foremost mechanisms that businesses can use to protect trade secrets is through contractual obligations; however, several other checks and balances can be included to ensure proper compliance and protection.

Thus, keeping in mind the various established and practice norms, businesses can consider the following strategic steps for the protection of their valuable trade secrets.

Identification and assessment of trade secrets

Initially, it is imperative to distinctly identify and document trade secrets within an internal registry. Additionally, a thorough evaluation of potential risks following a breach should be conducted. Once vulnerable areas and departments susceptible to breaches and leaks are identified, businesses can implement supplementary measures to fortify these pivotal zones. Regular audits must then be carried out to verify that adequate security measures are in place.

Robust company policies and business procedures

Sound and concise company policies such as an 'Information Security Policy' that includes a 'Trade Secret Protection Policy' must be in place, with clear protocols, including accessing business information remotely or from personal devices. Such policies and procedures should be monitored and updated periodically to maintain consistency and ensure compliance.

The quantum of disclosure must be controlled; wherever feasible, confidential information should be shared only with stakeholders who have a legitimate need to know such information.

Furthermore, procedures for implementing corrective measures and enhancements can be established, encompassing the creation of, for example, a swift response strategy, root cause analyses of issues and tracking mechanisms.

Contracts and agreements

NDAs must be entered into with employees, vendors and third parties that have access to confidential information. These agreements should be comprehensive and documented, clearly and unambiguously defining what constitutes confidential information or trade secrets, and must cover aspects such as company policies, the handling of trade secrets and the requisite confidentiality measures. Collaborative agreements and contracts must indicate the expectations of each party, including restricting the number of people involved in the project, and the protocols to be followed once the contract is terminated.

A well-drafted NDA can serve as a crucial tool for protecting trade secrets, particularly when these secrets are shared with collaborators, third parties or employees as part of contractual obligations. While drafting NDAs vis-à-vis employees, one has to be mindful of the limitations provided under section 27 of the Indian Contracts Act^[14] because various judicial precedents, such as Percept D'Mark (India) Pvt Ltd v Zaheer Khan and Anr,^[15] have held that limiting an individual's ability to engage in a particular legitimate business is unjust and infringes on his/her fundamental freedom to choose the line of work he/she wishes to engage in.

Controlling and managing access

Robust internal controls and procedures are essential for safeguarding trade secrets and/or confidential information. Businesses must enforce restrictions on both physical and electronic access to ensure the confidentiality of information. Information flow must be appropriately monitored and restricted on a need-to-know basis.

All confidential physical documents must be marked 'confidential' or 'proprietary' and kept in a safe place. Code names should be used for sensitive projects and technology whenever possible. All key trade secrets can be listed in an encrypted inventory, which must be updated periodically. Furthermore, all physical records that are no longer required must be shredded before disposal.

In all electronic communications, just like physical records, all information/data that is confidential should be clearly indicated. To strengthen the security of trade secrets and sensitive data, it is recommended to implement technical measures, such as encryption, anti-malware, antivirus software and email restrictions. It is prudent to reduce reliance on personal devices, email accounts, social media and cloud-based services due to potential gaps in information security. Only officially approved software, systems and platforms should be employed for sharing confidential documents within the organisation's network. Proper training and the establishment of necessary protocols are crucial for remote workers accessing sensitive documents and information to ensure confidentiality.

Creation of adequate awareness

Businesses must take necessary steps to educate employees and other stakeholders/collaborators on the importance of both the protection of trade secrets and maintaining confidentiality. Relevant stakeholders should be made aware, especially during onboarding, of confidentiality policies and typical security protocols related to accessing and using sensitive business information and documents. They should also understand their responsibility to prevent the disclosure of trade secrets and the repercussions of failing to fulfil these obligations. Additionally, they should receive training in identifying and avoiding phishing scams, emphasising their significance in maintaining information security. Such awareness can be created through conducting training programmes, seminars, events and similar exercises regularly.

Off-boarding

On the departure of employees who had access to sensitive business data, it is imperative to conduct exit interviews to reiterate their obligations vis-à-vis the company's trade secrets and/or confidential information. In addition, they must return all tangible sensitive business data and/or devices to the employer immediately, which must be audited to ensure that sensitive information has not been misappropriated or retained, and their access to the company's network must be revoked immediately. Likewise, in collaborative projects, the same care must be taken on the termination of an agreement/contract or closure of a project.

Corrective actions and risk mitigation

In the event of any misappropriation or unauthorised disclosure of confidential information/trade secrets, it is essential to respond swiftly and appropriately. Furthermore, it is critical to conduct a comprehensive investigation into the root causes of such occurrences to prevent their recurrence. Identifying the underlying factors contributing to unauthorised disclosures enables organisations to bolster their security measures, raise awareness among collaborators/employees and mitigate the risk of similar breaches in the future. This proactive approach not only safeguards valuable intellectual property but also enhances trust and confidence in the organisation's dedication to safeguarding sensitive information.

In essence, by implementing comprehensive strategies and protocols, businesses can navigate the complexities of trade secret protection in R&D collaborations, fostering innovation and simultaneously safeguarding confidential information. Needless to say, this could still fail, but would help collaborators to take necessary and adequate steps to maintain a legally sound environment vis-à-vis trade secrets.

Notes