430 likes | 498 Views
Protection from Theft of Customer Lists, Leads, Business Information Protecting the Dealer’s Interests in Warranty Disputes. Gerry Sweeney Brad Falkof. January 11, 2011. Protection from Theft of Customer Lists, Leads, Business Information in an E-World. What’s a Trade Secret
E N D
Protection from Theft of Customer Lists, Leads, Business Information Protecting the Dealer’s Interests in Warranty Disputes Gerry Sweeney Brad Falkof January 11, 2011
Protection from Theft of Customer Lists, Leads, Business Information in an E-World What’s a Trade Secret How do you Protect it How do you get it back?
What’s a Trade Secret? Illinois Trade Secrets Act (“the Act”), 755 ILCS 1065/1 “[t]rade secret means information, including but not limited to, technical or non-technical data, a formula, pattern, compilation, program, device, method, technique, drawing, process, financial data, or list of actual or potential customers or suppliers, that is: (1) Sufficiently secret to derive economic value, actual or potential, from not being known to other persons who can obtain economic value from its disclosure or use; and (2) The subject of efforts that arereasonable under the circumstances tomaintain its secrecy and confidentiality.” 3
What’s Required – 2 Prongs In order for a dealer to later successfully obtain an injunction against a former employee who has taken valuable data, the dealer employer must show that: (1) The information was actually secret; AND (2) The dealer took additional steps toensure that it remained secret.
The First Prong - “Actual Secrecy” So long as the information contained is not already in the public domain (commonly known or available), the courts usually agree that the dealer/employer’s customer list is secret. However, information readily discoverable in published directories with minimal effort is not “actually secret”.
Data on Existing Customers & Leads are typically “Trade Secrets” Because CATA members do not copy lists of potential car buyers out of the phone book, but obtain internet leads from paid sources such as AutoTrader.com, Cars.com and CarQuotes.com and leads from previous direct customer transactions, these facts should be sufficient to establish that the customer list is a trade secret.
The Meat-and-Potatoes Issue in Most Trade Secret Cases Whether the employer took sufficient steps to ensure that the customer list remained secret. It is not a one-size-fits-all requirement. The statute states that the employer’s efforts need only be “reasonable under the circumstances.”
The Second Prong To maintain the secrecy of its customer lists, the dealer must be able to clearly show all the affirmative steps it has taken. In order for a dealer to meet the Second Prong of the test, it must do two things: (1) Maintain physical or electronic security to protect the data, and (2) Impress upon its employees that the data is confidential
Case Example In Liebert Corp., the plaintiff sought an injunction to stop a former salesperson from using its price books and customer lists. The data was stored on a website that could be accessed remotely. When defendant left Liebert’s employ, he took the customer lists and price books with him. The court held that the customer lists did not qualify as trade secrets as Liebert’s security measures were considered inadequate.
The Court noted the Positives – 5 Practical Steps to Apply (a) Electronic Data should be Password protected; (b) Passwords should be issued on a “need to know” basis; (c) Salesman should be given electronic access only to information about his/her customers; (d) Whenever an employee leaves the Dealership, the IT personnel should promptly disabled his/her login credentials; and (e) The employer collected all physical copies of the list and destroyed them. BUT – that’s not enough . . .
The Court Noted the Negatives Employees were permitted to use their personal laptops for work. The employees did not sign a confidentiality agreement at the time of hiring The employer did not label the information as confidential, The employer did not discuss the confidentiality policy with its salespeople.
The Court’s Ruling “Restricting access to sensitive information by assigning employees passwords on a need-to-know basis is a step in the right direction. Nonetheless, we are troubled by [plaintiff’s] failure to either require employees to sign confidentiality agreements, advise employees that its records are confidential, or label the information as confidential.
The Court’s Ruling In all of the cases relied on by the plaintiffs where the courts found the trade secrets met the “reasonable steps” test, there was evidence the plaintiffs advised their employees, verbally or in writing, about the information’s confidentiality. [Citations omitted]. When such evidence is absent from the record, the plaintiff must show, at a minimum, that its employees understood the information was to be kept confidential.”
When Confidentiality Agreements Fail But –Courts have held that a confidentiality agreement, standing alone, was not sufficient to meet the “reasonable efforts” test. “In this case, there was no evidence presented that Arcor did anything more than require its employees to sign a confidentiality agreement. Had Arcor taken additional measures, such as limiting access to its customer information by computer password or keeping track of the hard copies of the information, we might hold otherwise [….] Therefore, we cannot find that the limited security measure of a confidentiality agreement is sufficient to satisfy the second requirement of a trade secret.”
How to Protect Your Trade Secrets Security measures must be accompanied by equivalently strong advice and warnings about the confidential nature of the information. Without this additional step, a robust set of security measures by itself is insufficient to satisfy the second prong of the trade secrets test.
On-Line Confidentiality Statements – Two Practical Steps to Apply: 1. When information is accessed by employees online, a confidentiality statement must appear: “This information is proprietary and confidential and shall be utilized only by current Company representatives for the sole purpose of promoting and securing sales of Company’s products.” 2.Information accessed online by an employee should require the employee to first click-through a pop-up box affirming their agreement to the statement.
Employee Confidentiality Agreements All salespeople who have access to confidential customer information must be required to sign a confidentiality agreement. Where possible, they should also be required to sign non-compete agreements (essentially as a fall-back position should the court refuse to recognize the trade secret claim). Tip - Non-compete agreements, like any other contract, require consideration to be effective. If the employer attempts to force an existing employee to sign a non-compete, it is possible that the court would not enforce the agreement unless the employer offers additional inducement, such as a raise or bonus, in exchange for the promise. This would not be a problem for new employees, for whom the offer of employment is sufficient consideration.
Employee Confidentiality Agreements (continued) Physical copies of customer lists should be stamped “Confidential” and securely destroyed as soon as they are no longer necessary.
In Review Secret Information – of economic value if disclosed to competition – used in business Known by the employee to be secret Clear Evidence of use of Physical and/or Electronic Security Measures
Lessons Learned from Illinois Cases What not to do – Provide anemployee manual that states that the company’s “information” is confidential, but fail to state exactly what information is confidential and what is not. 2. Fail to maintain a confidentiality agreement signed by the former employee. 3. Keep customer lists in a central computer with limited accessibility, but then send physical copies of customer lists to salespeople that contains information on all customers, not just the customers within the individual salesperson’s contacts.
Lessons Learned from Illinois Cases (continued) Fail to mark lists/reports as “confidential” and, moreover, fail to show that the salespeople knew this information was secret. Fail to have employee entrance and exit interviews impressing upon them the importance of protecting the confidentiality of the employer’s customer lists. Make overly broad claims of confidentiality because if the employer claims everything is secret, it is quite possible the court will treat it as though nothing is secret. Gillis Associated Industries v. Cari-All, Inc., 564 N.E.2d 881 (Ill. App. 1990).
Basic Program to Protect Trade Secret Security The basic program to protect the physical and electronic security of a dealer’s trade secrets. 1. Confidentiality Agreements. 2. The employer must specifically identify the information to be protected as trade secrets and explain to the employees precisely what is and is not confidential. These explanations should be conducted at both the entrance and exit interview, and should be reinforced on a regular basis through internal communications and workplace postings. 3. Physical copies of the customer list should be kept under lock and key, and avoided wherever possible.
Basic Program to Protect Trade Secret Security (continued) 4. Access to the customer list should be password protected and, ideally, limited to a small group of loyal insiders (three seems to be the magic number). 5. When information is to be provided to salespeople, it should be restricted to the salesperson’s specific customers or contacts. 6. Information that will be available remotely via the internet should be subject to additional protections. 7. Information should be displayed in a non-exportable form; spreadsheets that are readily translatable into Excel, Access, or other common database products should be avoided.
Basic Program to Protect Trade Secret Security (continued) 8. If possible, the employer should customize its website to disable printing. Of course, disabling the print function will not prevent determined bad actors from making screen captures of the data or handwriting the information into a separate document, but at the very least it will make it more difficult to misappropriate the entire customer list. Disabling the print function has the additional salutary effect of making it quite obvious that the former employee knew that he or she should not be copying this information and nonetheless went around the employer’s security measures. 9. Copiers should also be password protected and logged so that the employer can be made aware of unusual late-night copying binges that are often the harbinger of misappropriation by a soon-to-depart employee.
Trade Secret Prevention Prevention is the best way to avoid needing to recover customer information after it has been misappropriated - Do not permit employees to use their personal computers, personal email addresses and cell phones to house and transmit confidential information. Require all employees to use company-owned devices and email addresses when conducting business, and to make clear that transmitting confidential information on a personal device is a fireable offense. Company email addresses can be deactivated and the “Sent Mail” folder perused to check for unusual attachments and the like.
Trade Secret Prevention (continued) There is “self-destruct” software available to be loaded on company-owned computers and Smartphone’s that will wipe the device’s memory the first time it is connected to the internet, thereby destroying confidential data in the event that the employee never returns the device. Another easy and smart option is to seed the customer list with dummy email accounts so that the employer will become aware of mass-mailed solicitations from former employees. This approach works less well for customer lists that contain only phone numbers and addresses, but could still be of use for counteracting direct mail solicitations.
Action Steps to Take When a Misappropriation Occurs After the employer learns that its customer list has been misappropriated, the employer basically has two options: A cease-and-desist letter; or Initiate a lawsuit seeking an injunction – an “emergency” legal process to recover the misappropriated information and prevent its improper use
Action Steps to Take When a Misappropriation Occurs The dealer needs to act quickly. The longer that the customer list is out there, the more likely it is that the court will find that it is not “actually secret.” If this occurs, then it does not matter that the employer has followed all of the other recommendations in this presentation – because an action for misappropriation of trade secrets can only be maintained against a party who knew or had reason to know that the trade secret was acquired by improper means, the employer will be out of luck if the information eventually finds its way into the hands of a party who is unaware of how it came to be in his/her possession.
Warranty Dispute Overview The typical automobile warranty. Agreement to repair or replace parts which are the result of defective parts or workmanship. Excludes coverage for incidental or consequential damages, including loss of time, inconvenience, loss of use or commercial loss. Limits the implied warranty of merchantability to the duration of the written warranty.
Warranty Dispute Overview (continued) Statutory Protection. Magnuson-Moss Warranty Act: Allows manufacturer and dealer to offer a limited warranty. Allows warrantor to limit the customer’s remedy to repair and replacement of defective parts. Allows warrantor to exclude consequential damages No action may be brought “for failure to comply with any obligations under any written or implied warranty” unless the warrantor is given a “reasonable opportunity to cure….”
Warranty Dispute Overview (continued) Contractual Protections. Indemnification by the Manufacturer. Dealer Agreement – Provides that Manufacturer will defend and indemnify the Dealer. Dealer’s obligation is to give prompt notice. Dealer’s Purchase Order. Generally disclaims implied warranty of merchantability. Generally disclaims consequential damages arising from a breach of warranty.
Protecting the Dealer’s Interests in Warranty Disputes Why should you care, if you have all of these protections? Can the manufacturer deny the request for indemnification if the failure to repair is due to the technicians’ fault? The dealer is really the party on trial. Your interests may not be protected by the manufacturer.
Protecting the Dealer’s Interests in Warranty Disputes (continued) Speed bumps on the road to protecting your interests. Magnuson-Moss applies to anyone providing a written warranty, even a 90 day warranty on a used car. Magnuson-Moss applies to providers of service contracts. “No supplier may disclaim or modify…any implied warranty to the consumer with respect to such consumer product if …at the time of sale, or within 90 days thereafter, such supplier enters into a service contract with the consumer…” (§ 2308(a) of Magnuson-Moss) Includes extended warranty agreements or other contracts separate from the manufacturer’s limited liability warranty.
Protecting the Dealer’s Interests in Warranty Disputes (continued) Warranty fails of it essential purpose. If the promise to repair or replace fails, it is as if the limitation of remedy (repair or replace parts only) does not exist. Customer’s remedy no longer limited to diminished value of the vehicle. Customer can seek revocation of the sale or replacement of the car.
Protecting the Dealer’s Interests in Warranty Disputes (continued) Customer mixes breach of warranty with consumer fraud claim. Check case – Customer claimed that new car had been repainted to cover up scratches on the side of the car. Court said customer could demonstrate breach of implied warranty by showing that the vehicle was one that would not pass without objection in the trade as a new car. Court allowed case to proceed against the dealer.
Protecting the Dealer’s Interests in Warranty Disputes (continued) Court finds that the limitations on remedies and exclusions of consequential damages are unconscionable. The legacy of Razor v. Hyundai. “The warranty and its consequential damages exclusion were contained in the owner’s manual, which was placed in the glove compartment of the car, where it was unavailable to the consumer until after she took delivery.” Warranty limitations and exclusions were hidden from the customer.
Methods to Protect the Dealer’s Interests What can you do to protect yourself? The sales side. Sales people must understand that the warranty is part of the transaction. Sales people must make the entire warranty available as part of the sales transaction. Educate your sales people on the terms of the warranty. Provide the entire warranty to the customer.
Methods to Protect the Dealer’s Interests (continued) Document the complete transaction. Make sure the purchase order has an exclusion for the implied warranty of merchantability. Make sure the customer acknowledges receipt of the warranty. Make sure the customer initials or signs the portion of the sales order which provides for the exclusion of the implied warranty.
Methods to Protect the Dealer’s Interests (continued) The service side. Use the service record to tell the story. The service record must be complete and accurate. Include all printouts from computer generated diagnostic tools. Make sure the customer signs the repair order.
Methods to Protect the Dealer’s Interests (continued) Carefully document the service story. Customer states… Intermittent failures. No problem found. Repairs being made in the interest of customer satisfaction. Make no unnecessary comments to the customer or in the service record. “Gosh, the manufacturer really sold you a lemon.” “I am not sure we are ever going to be able to fix this car.” “You should complain until you get a new car.”
Practical Indemnification Solutions Identify customers with unrealistic expectations. Identify customers with buyer’s remorse. Identify customers looking for a good deal on the next car. Get the manufacturer involved at an early stage. Save parts or return them to the manufacturer.
Gerald Sweeney Barnes & Thornburg LLP 312-214-4858 gerald.sweeney@btlaw.com Bradley Falkof Barnes & Thornburg LLP 312-214-8304 brad.falkof@btlaw.com Barnes & Thornburg LLP One North Wacker Drive, Suite 4400 Chicago, IL 60606 January 11, 2011