• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Trade Secrets In Cloud Computing
 

Trade Secrets In Cloud Computing

on

  • 15,482 views

 

Statistics

Views

Total Views
15,482
Views on SlideShare
15,471
Embed Views
11

Actions

Likes
0
Downloads
124
Comments
0

2 Embeds 11

http://paper.li 9
http://static.slidesharecdn.com 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Trade Secrets In Cloud Computing Trade Secrets In Cloud Computing Document Transcript

    • 
 TRADE
SECRETS
IN
CLOUD
COMPUTING

 
 [FINAL
THESIS
PAPER]
 
 KHYATI
DHULIA
 UNIVERSITY
OF
WASHINGTON
SCHOOL
OF
LAW
 SPRING
2010
 
 ADVISOR:
PROF.G.ROBERT
 
 
 
 
 
 
 
 
 

    • Table
of
Contents
 
 I.
 ABSTRACT...................................................................................................................................... 3
 II.
 INTRODUCTION ............................................................................................................................ 3
 III.
 BASIC
INTRODUCTION
TO
CLOUD
COMPUTING ........................................................................... 5
 IV.
 OVERVIEW
OF
TRADE
SECRET
LAW.............................................................................................. 8
 V.
 THE
PROBLEM:
TRADE
SECRET
LAW
APPLIED
TO
CLOUD
COMPUTING ........................................ 30
 VI.
 MEASURES
TO
BE
ADOPTED
BY
END
USER
TO
SAFEGUARD
TRADE
SECRET
UNDER
REASONABLE
 STANDARD
TEST................................................................................................................................. 36
 VII.
 CONCLUSION ........................................................................................................................... 41
 
 
 
 
 
 
 
 
 
 
 2

    • I. Abstract
 Trade
 secrets
 provide
 protection
 against
 the
 misappropriation
 of
 undisclosed
 information
 which
 has
 economic
 value
 and
 which
 the
 owner
 has
 taken
 reasonable
 steps
 to
 protect
 from
 disclosure.
 The
 paper
 analyzes
 and
 discusses
 the
 legal
 issues
 of
 hosting
 data
 in
 the
 cloud
 in
 context
of
trade
secret
law.

It
starts
with
basic
introduction
to
cloud
computing
and
explains
 the
different
types
of
services
offered
to
the
end
user
by
the
cloud
service
provider.
It
discusses
 in
 detail
 the
 reasonable
 standard
 test
 under
 the
 doctrines
 of
 various
 judicial
 principles
 and
 enumerates
 the
 steps,
 which
 the
 various
 courts
 have
 regarded
 as
 reasonable.
 It
 lists
 all
 measures
that
the
end
user
of
cloud
computing
services
can
take
to
safeguard
the
trade
secret
 under
 reasonable
 standard
 test.
 The
 discussion
 goes
 on
 further
 to
 understand
 the
 various
 jurisdictional
 issues
 that
 arise
 because
 the
 data
 in
 the
 cloud
 might
 be
 stored
 in
 different
 locations.
 At
 the
 end,
 it
 provides
 a
 checklist
 that
 could
 help
 the
 end
 user
 to
 leverage
 the
 benefits
of
cloud
computing
without
losing
the
trade
secret
status
of
data
or
application.

 II. Introduction
 “If
nature
has
made
any
one
thing
less
susceptible
than
all
others
of
exclusive
property,
it
is
the
 action
of
the
thinking
power
called
an
idea,
which
an
individual
may
exclusively
possess
as
long
 as
 he
 keeps
 it
 to
 himself;
 but
 the
 moment
 it
 is
 divulged,
 it
 forces
 itself
 into
 the
 possession
 of
 every
one,
and
the
receiver
cannot
dispossess
himself
of
it”1.
 






















































 
 1 Deborah
 Azar,
 Method
 to
 protect
 computer
 programs:
 the
 integration
 of
 copyright,
 trade
 secrets,
 and
 anticircumvention
 measures.
 Utah
 L.
 Rev.
 1395
 (2008)
 Original
 Citation:
 
 Letter
 from
 Thomas
 Jefferson
 to
 Isaac
 McPherson
 (Aug.
 13,
 1813),
 13,
 THE
 WRITINGS
 OF
 THOMAS
 JEFFERSON
 326,
 333–34
 (Albert
 Ellery
 Bergh
ed.,
1907).

 
 3

    • The
quintessence
of
heart
of
the
trade
secret
law2
is
that
the
information
is
protected
as
long
 as,
it
is
kept
a
secret.
Once
the
information
is
exposed,
it
loses
the
secrecy
component
and
is
 available
 for
 use
 to
 the
 rest
 of
 the
 world.
 
 Information
 technology
 is
 rapidly
 changing
 the
 mechanism
 in
 which
 information
 is
 acquired,
 processed,
 organized
 and
 stored
 in
 various
 applications.
This
explosive
growth
in
the
exchange
of
information
brings
new
challenges
to
the
 relevance
and
application
of
trade
secret
law3.
 Moreover,
 the
 emergence
 of
 the
 Internet
 and
 digitalization
 are
 posing
 new
 challenges
 to
 the
 old
and
established
principles
of
trade
secret
law.

The
advent
of
Internet
and
digitalization
has
 a
lasting
impact
in
the
manner,
we
protect
and
safeguard
our
trade
secrets.
Trade
secret
law
 has
 not
 changed
 in
 last
 twenty
 years,
 and
 therefore
 emergence
 of
 electronic
 storage
 and
 dissemination
 of
 company’s
 most
 prized
 business
 strains
 the
 law’s
 ability
 to
 protect
 valuable
 information.4.The
 new
 technological
 breakthrough
 in
 the
 arena
 of
 technology
 is
 cloud
 computing.
When
companies
use
cloud
computing,
they,
no
longer
have
to
store
data
in
their
 own
data
centers
but
instead
store
it
in
cloud
and
leverage
the
economies
of
scale
and
resulting
 cost
savings.

Information
stored
in
safety
of
one’s
house,
office’s
private
server
or
hard
disk
in
 comparison
with
storage
in
third
party’s
remote
data
center
poses
question
not
only
about
the
 security
of
the
information
but
also
about
protection
accorded
under
regimes
of
law
like
trade
 secret.
Trade
secret
law
is
one
of
the
most
elusive
and
difficult
concepts
in
the
law
to
define5
 






















































 
 2
Robert
C.
Dorr
&
Christopher
Munch,
Protecting
Trade
Secrets,
Patents,
Copyrights
and
Trade
Marks,
 §2.01[B],
Third
Edition,
Wiley
Law
Pubns
(1980)
 3
Arbi.
B.
Good,
Trade
Secrets
and
the
New
Realities
of
the
Internet
Age
2.Marq.
Intell.
Prop.
L.
Rev.
51
(52‐54)
 (1998)
 4Babraa
L.
Moore.
Protecting
trade
secrets
on
the
Internet.
Executive
Counsel,
 http://www.eapdlaw.com/files/News/44bbfbfe‐67c9‐407c‐a160
 b3da02488307/Presentation/NewsAttachment/26a05ae8216c4dc983f5bc4b3d016c99/Protecting%20Trad e%20Secrets_Barbara%20Moore.pdf
 5
Lear
Siegler,
Inc.
v.
Ark‐Ell
Springs,
Inc.,
569
F.2d
286,
288
(5th
Cir.
1978)
 
 4

    • and
hence
its
applicability
and
adaptability
to
this
virtualized
world
of
computing
is
complicated
 to
 comprehend.
 
 Storage
 of
 the
 valuable
 information
 in
 the
 far
 realms
 of
 the
 remote
 data
 centers
has
several
legal
implications,
which
is
outside
the
scope
of
this
paper.
However,
this
 paper
 will
 focus
 on
 cloud
 computing
 specifically
 in
 the
 context
 of
 reasonable
 standard
 test
 under
trade
secrets
law.

 III. Basic
Introduction
to
Cloud
Computing
 Innovation
fosters
technology
and
technology
challenges
the
old
school
of
thought
of
legalities.
 Fostering
innovation
is
the
genesis
of
intellectual
property
law.
In
the
past
era,
there
have
been
 number
 of
 technological
 changes
 that
 have
 changed
 the
 way
 we
 live
 today.
 The
 manner
 in
 which
mass
production
of
electricity
in
a
single
unit
has
changed
the
economics
of
scale,
in
a
 similar
 fashion,
 cloud
 computing
 is
 changing
 the
 way
 in
 which
 companies
 store
 their
 data
 and/or
host
applications.
Nicholas
Carr
of
Big
Switch
emphatically
states
that
“Now,
we
are
in
 midst
of
another
epochal
transformation.
What
happened
to
the
generation
of
power
of
century
 ago
is
now
happening
to
the
processing
of
information
in
form
of
cloud
computing”6.
Typically,
 the
 cloud
 computing
 infrastructure
 resides
 in
 a
 large
 data
 center
 and
 is
 managed
 by
 a
 third
 party,
who
provides
computing
and
storage
resources,
anywhere
with
an
Internet
connection7.
 In
Cloud
Computing,
the
customers
do
not
own
the
physical
hardware
 but
instead
“rent”
the
 resources
 that
 are
 provided
 by
 the
 cloud
 service
 provider.
 Cloud
 computing
 has
 changed
 the
 






















































 
 6 
Nicholas
Carr,
The
Big
Switch
Rewiring
the
world
from
Edison
to
Google,
W.
W.
Norton
&
Company;
Reprint
 edition
(January
19,
2009)
 7
Paul
T.
Jaeger,
Jimmy
Lin
&
Justin
M.
Grimes,
Cloud
Computing
and
Information
Policy:

Computing
in
a
Policy
 Cloud?

Forthcoming
in
the
Journal
of
Information
Technology
and
Politics.
(unpublished)
Forthcoming
in
the
 Journal
of
Information
Technology
and
Politics.

 
 5

    • economics
 of
 scale
 for
 large
 and
 small
 enterprises
 by
 eliminating
 the
 upfront
 capital
 expenditure
(CapEx)
on
hardware,
software,
and
services
as
they
only
pay
for
what
they
use8
 
Cloud
 Computing
 has
 been
 defined
 by
 National
 Institute
 of
 Standards
 and
 Technology,
 as
 “Cloud
computing
is
a
model
for
enabling
convenient,
on‐demand
network
access
to
a
shared
 pool
 of
 configurable
 computing
 resources
 (e.g.,
 networks,
 servers,
 storage,
 applications,
 and
 services)
 that
 can
 be
 rapidly
 provisioned
 and
 released
 with
 minimal
 management
 effort
 or
 service
 provider
 interaction.
 This
 cloud
 model
 promotes
 availability
 and
 is
 composed
 of
 five
 essential
characteristics,
three
service
models,
and
four
deployment
models9”.

 A
 computing
 model
 has
 five
 different
 layers‐
 applications,
 software
 environments,
 software
 infrastructure,
 software
 kernel,
 and
 hardware10.
 
 At
 the
 bottom
 of
 the
 stack,
 is
 physical
 component
 of
 the
 system
 
 (hardware).
 Above
 that
 layer
 is
 the
 cloud
 application
 layer
 which
 normally
 the
 end
 users
 accesses
 through
 web‐portals.
 The
 third
 layer
 is
 cloud
 environment
 layer.
 The
 users
 of
 this
 layer
 are
 cloud
 application
 developers.
 The
 cloud
 service
 provider
 supplies
developers
with
a
programming‐language‐level
environment
with
a
set
of
well‐defined
 APIs
 to
 facilitate
 the
 interaction.
 This
 system
 or
 layer
 may
 also
 be
 termed
 as
 software
 as
 a
 service.
Above
that
layer
is,
the
cloud
software
infrastructure
layer
which
provides
fundamental
 resources
 to
 other
 higher‐level
 layers,
 which
 in
 turn
 can
 be
 used
 to
 construct
 new
 cloud
 software
environments
or
cloud
applications11.
 






















































 
 8
http://en.wikipedia.org/wiki/Cloud_computing
 9 
http://csrc.nist.gov/groups/SNS/cloud‐computing/
 10 
http://blog.bluelock.com/blog/5‐layer‐model
 11 
Lamia
Youseff
&
Maria
Butrico,
Dilma
Da
Silva,
Toward
a
Unified
Ontology
of
Cloud
Computing
(explaining
the
 different
layers
in
cloud)

 (http://docs.google.com/viewer?a=v&q=cache:vyTr8TfjRjYJ:www.cs.ucsb.edu/~lyouseff/CCOntology/CloudOntolo gy.pdf/
 
 
 6

    • There
 are
 different
 types
 clouds
 computing
 models
 available
 to
 the
 end
 user
 to
 suit
 their
 business
needs:
public
clouds,
private
clouds
and
hybrid
clouds.

 
 Public
Clouds:

A
public
cloud
is
one
based
on
the
standard
cloud
computing
model,
in
which
 the
cloud
service
provider
makes
resources,
such
as
applications
and
storage,
available
to
the
 end
user
over
the
Internet12.

 Private
Cloud:
In
this
computing
model,
the
resources
such
as
application
and
storage
are
only
 accessible
from
within
the
company
firewall
and
is
available
to
only
the
company
employees.
 Hybrid
Cloud:
In
this
computing
model,
the
end
user
will
manage
some
resources
in‐house
or
 private
cloud
and
some
in
the
public
cloud.

 Community
Cloud:
In
this
model,
the
resources
are
available
and
accessible
to
a
selected
group
 of
trusted
partners.

The
cloud
service
provider
offers
different
kinds
of
computing
services
to
 the
 end
 users.
 These
 services
 include
 Infrastructure
 as
 a
 service
 (IAAS),
 Platform
 as
 a
 Service
 (PAAS)
and
Software
as
a
service
(SaaS).

 

















































































































































































 
 
 12 
http://searchcloudcomputing.techtarget.com/sDefinition/0,,sid201_gci1356516,00.html
 
 7

    • Infrastructure
 as
 a
 Service
 (IaaS):
 
 When
 the
 cloud
 service
 provider
 only
 offers
 the
 compute,
 storage
 and
 networking
 infrastructure,
 typically
 a
 hosted
 virtualization
 environment
 as
 a
 service,
it
is
offering
Infrastructure
as
a
Service13.
 Platform
 as
 a
 Service
 (PaaS):
 When
 the
 cloud
 service
 provider
 is
 offering
 an
 integrated
 platform
to
the
end
user
to
build,
test,
and
deploy
and
automatically
scale
applications14,
it
is
 offering
Platform
as
a
Service.

PaaS
provides
a
higher
level
abstraction
over
IaaS.
 Software
as
a
Service
(SaaS):

When
the
software
is
offered
as
a
service
by
the
cloud
service
to
 the
end
user,
it
is
offering
Software
as
a
Service.
This
service
provides
rich
functionality
of
the
 application
and
where
the
customer
does
not
have
the
need
to
install,
operate
or
manage
the
 application
but
instead
subscribes
to
service
and
pays
by
the
user.
 The
Cloud
Service
Provider
is
different
from
the
traditional
hosting
services
because
it
provides
 the
end
users
more
control
through
a
set
of
well‐defined
APIs
to
facilitate
the
interaction
with
 the
cloud
resources.
 IV. Overview
of
Trade
Secret
Law
 The
privilege
to
compete
with
others
includes
a
privilege
to
adopt
their
business
methods,
ideas
 or
 processors
 of
 manufacture.
 However,
 such
 privilege
 has
 certain
 limitations
 imposed
 by
 intellectual
property
law.
Intellectual
Property
law
regime
serves
to
promote
progress
of
useful
 art
 and
 science.
 Patents
 and
 copyrights
 extend
 protection
 to
 the
 originator15
 for
 a
 limited
 period
of
time
on
condition
of
its
disclosure
to
the
public.

 






















































 
 13 http://en.wikipedia.org/wiki/Cloud_computing
 14 
http://en.wikipedia.org/wiki/Cloud_computing
 15 
 Roger
 M
 Milgrim,
 Milgrim
 on
 Trade
 Secret
 ,Vol.
 1,
 §1.01[1],Matthew
 Bender
 and
 Company
 Inc.
 (Updated
 2009)
 
 8

    • Trade
secret
law
is
an
anomaly
in
intellectual
property
law16.
Trade
Secret
is
any
information,
 which
has
an
economic
value
and
provides
economic
advantage
over
the
competitors17.


Trade
 Secret
only
protects
valuable
information,
which
has
been
reasonably
safeguarded.
In
contrast
 to
the
patent
and
copyright
regimes,
the
protection
extended
to
such
valuable
information
is
 not
confined
to
limited
time
period.
The
trade
secret
protection
endures
as
long
as,
the
trade
 secret
status
is
valuable
and
has
not
been
disclosed
to
the
public.

 The
 significant
 difference
 of
 fact
 between
 trade
 secret
 law
 and
 these
 diverse
 intellectual
 protection
regimes
is
that
knowledge
of
the
devices
and
processes
which
not
protected
as
the
 trade
secrets,
is
available
to
the
copier
without
improper
means
from
the
public
disclosure
of
 the
 information.
 The
 employment
 of
 improper
 means
 to
 procure
 trade
 secret
 is
 the
 basis
 of
 liability
under
this
branch
of
law18.

 Trade
 secret
 protects
 wide
 range
 for
 information,
 which
 drives
 the
 economic
 growth
 of
 the
 industry.
Trade
secret
is
one
of
the
most
valuable
assets
of
the
company
and
the
survival
of
the
 company
may
depend
on
its
ability
to
protect
trade
secrets.
It
is
pertinent
to
note
that
United
 States
publicly
traded
companies
owns
an
estimated
$
5
trillion
in
trade
secret
information19.
 Prior
 to
 obtaining
 patent
 protection,
 virtually
 all
 inventions
 are
 covered
 by
 trade
 secret
 protection20.

 






















































 
 16
Robert
G.
Bone,
A
New
Look
at
the
Trade
Secret
Law:
Doctrine
in
Search
of
Justification,
86
Calif.L.Rev.241.
 (1998)
 17
 Rowe,
 Elizabeth
 A.,
 Contributory
 Negligence
 and
 Technology
 and
 Trade
 Secrets,
 University
 of
 Florida
 Levin
 College
of
Law
Research
Paper
No.
2008­06.(May
01,
2009).
http://ssrn.com/abstract=1161166
 18
Robert
G.
Bone,
A
New
Look
at
the
Trade
Secret
Law:
Doctrine
in
Search
of
Justification,
86
Calif.L.Rev.241.
 (1998)
 19
 Rowe,
 Elizabeth
 A.,
 Contributory
 Negligence
 and
 Technology
 and
 Trade
 Secrets,
 University
 of
 Florida
 Levin
 College
of
Law
Research
Paper
No.
2008­06.(May
01,
2009).
http://ssrn.com/abstract=1161166
 20
Rowe,
Elizabeth
A,
Rethinking

“Reasonable
Effort”
to
protect
Trade
Secret
In
A
Digital
World
(2008)
 
 9

    • If
the
trade
secret
of
one
company
were
misappropriated,
then
it
would
lead
great
economic
 loss
for
the
company.
Judge
Posner
noted
in
the
leading
opinion
of
Rockwell
Graphic
Systems,
 Inc
v.
DEV
Industries,
Inc21
that
the
trade
secret
law
encourages
the
actors
to
develop
valuable
 informational
resources
by
protecting
them
from
improper
acquisition
by
others22.
Moreover,
 trade
secret
law
closely
regulates
standard
of
commercial
ethics,
guides
of
morality
of
business
 world
and
underscores
fair
dealing23.

 If
the
competitor
has
derived
trade
secret
information
by
improper
means
or
under
breach
of
 confidentiality
 relationship,
 the
 trade
 secret
 owner
 would
 be
 entitled
 to
 remedies
 for


 misappropriation
of
trade
secret.
Trade
secret
law
does
not
impose
a
liability
for
mere
copying
 of
 the
 data;
 others
 are
 free
 to
 inspect
 the
 publically
 available
 data
 to
 reverse
 engineer
 to
 procure
secret
information
from
it24.

 Trade
secret
law
imposes
a
liability
only
when
the
data
is
obtained
by
improper
means.
If
some
 one
 knows
 the
 trade
 secret
 lawfully,
 they
 have
 the
 trade
 secret
 rights
 of
 their
 own
 provided
 they
too
keep
the
information
secret‐at
least
until
too
many
people
discover
the
information25.


 A. Common
Law
Origin
of
Trade
Secret
Law
 






















































 
 21
Rockwell
Graphic
Systems,
Inc
v.
DEV
Industries,
Inc
,925
F.2d
174
(7th
.Cir.1991)
 22
Roger
E
Schechter
&
John
R
Thomas.
Intellectual
Property,
the
Law
of
Copyrights,
Patents
and
Trademark,
 West
Publishing
Company
(April
2003)
 23
 A.
 Elizabeth
 Rowe,
 Saving
 
 Trade
 Secret
 Disclosures
 on
 the
 Internet
 through
 Sequential
 Preservation,
 
 42
 Wake
Forest
L.
Rev.
1
(Spring
2007)
 24
Board
of
Trade
v.
Dow
Jones
&
Co.,
98
III.2d.109
(1983)

 25
Kewanee
Oil
v

Bricon
Corp.
416
U.S
.470
(1974)
 26 Robert
 G.
 Bone,
 A
 New
 Look
 at
 the
 Trade
 Secret
 Law:
 Doctrine
 in
 Search
 of
 Justification,
 86
 Calif.L.Rev.241.
 (1998)
 27 
Christopher
Rebel
J.
Pace.
The
Case
For
A
Federal
Trade
Secrets
Act.

8
Harv.
J.L.
&
Tech
(1995).


 28 
A.
Elizabeth
Rowe,
Saving

Trade
Secret
Disclosures
on
the
Internet
through
Sequential
Preservation,

42
Wake


 Forest
L.
Rev.
1
(Spring
2007)
 29 
Peabody
v.
Norfolk,
98
Mass.452
(1868)
 30 
 Robert
 G.
 Bone,
 A
 New
 Look
 at
 the
 Trade
 Secret
 Law:
 Doctrine
 in
 Search
 of
 Justification,
 86
 Calif.L.Rev.241.
 (1998)
 31 
Peabody
v.
Norfolk,
98
Mass.452
(1868)
 
 10

    • The
trade
secret
law
has
originated
from
common
law.
Since
its
emergence
in
the
middle
of
the
 nineteenth
 century,
 trade
 secret
 law
 has
 developed
 primarily
 as
 a
 creature
 of
 state
 common
 law26.
 
 The
 cause
 of
 action
 for
 trade
 secret
 misappropriation
 was
 imported
 from
 English
 common
law
to
American
common
law
in
a
series
of
mid‐nineteenth
century
decisions
by
the
 highest
courts
of
several
eastern
states27.



 The
main
issues
during
that
time
were
whether
the
courts
of
equity
had
the
jurisdiction
to
grant
 injunctive
 relief
 and
 whether
 the
 agreements
 not
 to
 use
 or
 disclose
 were
 void
 as
 unlawful
 restraints
 of
 trade28.
 
 In
 1968,
 Massachusetts
 Supreme
 Court
 in
 Peabody
 v.
 Norfolk29,
 expounded
the
trade
secret
law
in
United
States30.
He
stated
in
his
landmark
opinion
that
“if
a
 






















































 
 32 Taylor
v
Blanchard
36
Mass.523
(1837)
 33 
O.&
W.
Thum
Co
v.
Tloczynski
,
114
Milch.149,72
N.W.140
(1987)


 34 Stone
v
Goss,
65
N.J.Eq.756,55A.736
(1903)
 35 
Pressed
Steel
Car
Co
v.
Standard
Steel
Car
Co,210,
Pa.
464,60
A.4
(1904)
 36 
Donald
Chisum
&
Micheal
A
Jacobs,
Understanding
Intellectual
Property
Law
,
§
3B[3],Lexisnexis/Matthew
 Bender
(October
30,
2004)
 37 
James
W.
Hill,
Trade
Secrets,
Unjust
Enrichment,
and
the
Classification
of
Obligations,4
Va.
J.L.
&
Tech.
2
(Spring
 1999)
 38 
Roger
E.
Schecter
&
John
R
Thomas,
Intellectual
Property,
the
Law
of
Copyrights,
Patents
and
Trade
marks,
 §24.2,West
Publishing
Company
(April
2003)
 39 
Donald
Chisum
&
Micheal
A
Jacobs,
Understanding
Intellectual
Property
Law
,
§
3B[3],Lexisnexis/Matthew
 Bender
(October
30,
2004)
 40 
James
W.
Hill,
Trade
Secrets,
Unjust
Enrichment,
and
the
Classification
of
Obligations,4
Va.
J.L.
&
Tech.
2
(Spring
 1999)
 41 
Piper
Julie,
I
have
a
secret?
Applying
the
Uniform
Trade
Secrets
Act
to
confidential
information
that
does
not
rise
 to
the
level
of
trade
secret
status.
Marq.
Intell.
Prop.
L.
Rev.
(2008).
Original
Citation
14
A.M.JUR.3d.Proof
of
Facts
 619,§6
(2006)
 42 
Henry
H.
Perritt,
Jr,
Trade
Secrets:
A

Practitioners
Guide,
Practising
Law
Institute
(PLI);
2nd
edition
(January
1,
 2005)
 43 
 Andrew
 Beckerman‐Rodau,
 Trade
 Secrets‐The
 New
 Risks
 to
 Trade
 Secrets
 Posed
 by
 Computerization,
 Rutgers
 Computer
&
Tech.
L.J.
Vol.
28
(2002)
 44 
Henry
H.
Perritt,
Jr,
Trade
Secrets:
A

Practitioners
Guide,
Practising
Law
Institute
(PLI);
2nd
edition
(January
1,
 2005)
 45 
Restatement
of
Torts
(Comment
b)
 
 11

    • man
establishes
and
makes
it
valuable
by
its
skill
and
attention,
the
good
will
of
that
business
is
 recognized
by
the
law
as
property.”31

 In
 Taylor
 v
 Blanchard32,
 the
 court
 accredited
 the
 principle
 that
 “public
 has
 no
 right
 to
 “a
 business
 man’s
 trade
 secrets
 and
 that
 a
 contract
 for
 their
 exclusive
 use
 is
 not
 a
 restraint
 of
 trade..”

The
other
historical
significance
cases
include
O.&
W.
Thum
Co
v.
Tloczynski33,
Stone
v
 Goss34
and
Pressed
Steel
Car
Co
v.
Standard
Steel
Car
Co35were
most
significant
contributors
to
 the
 body
 of
 precedent
 that
 was
 primary
 authority
 for
 United
 States
 trade
 secret
 law
 in
 early
 1930’s.36
 Restatement
of
Torts
 
 As
 part
 of
 the
 early
 20th
 century,
 the
 American
 law
 Institute’s
 1939
 Restatement
 Of
 Torts
 included
 two
 sections
 on
 trade
 secrets.37
 However,
 trade
 secrets
 were
 not
 addressed
 in
 the
 1978
Second
Restatement
of
Torts.
The
American
Law
Institute
concluded
that
trade
secret
law
 had
 grown
 more
 dependent
 on
 Tort
 law
 than
 its
 many
 other
 general
 fields
 of
 law
 and
 upon
 statutory
developments38
 Uniform
Trade
Secrets
Act
 
 In
the
1980’s
the
states
began
to
adopt
the
National
Conference
of
Commissions
Uniform
Trade
 Secret
Act
(UTSA).
UTSA,
largely
codified
the
common
law39.
UTSA,
is
enacted
in
the
majority
of
 states.
 UTSA,
 follows
 the
 Restatement
 of
 Torts,
 but
 also
 relies
 on
 subsequent
 case
 laws
 to
 provide
 more
 and
 useful
 definitive
 legal
 standards40.
 National
 Conference
 of
 Commissions
 Uniform
 Trade
 Secret
 recognized
 when
 drafting
 UTSA,
 that
 “trade
 secret
 protection
 is
 more
 
 12

    • important
 now
 because
 there
 has
 been
 an
 unprecedented
 growth
 in
 computer,
 biotechnological
and
communications
industries”41
 The
Restatement
(Third)
of
Unfair
Competition
 
 In
1994,
the
American
Law
Institute
published
the
Restatement
(Third)
of
Unfair
competition42.
 Under
 the
 Restatement
 (Third)
 of
 Unfair
 Competition,
 a
 trade
 secret
 is
 “any
 information
 that
 can
be
used
in
the
operation
of
a
business
or
other
enterprise
that
is
sufficiently
valuable
and
 secret
to
afford
an
actual
or
potential
economic
advantage
over
others.”

 The
Economic
Espionage
Act
 
 The
 Economic
 Espionage
 creates
 a
 federal
 crime
 for
 theft
 of
 trade
 secrets43.
 It
 protects
 trade
 secrets
under
two
provisions
namely,
18
U.S.C.
§
1831(a)
which
criminalizes
the
theft
of
trade
 secrets
to
benefit
foreign
powers
and
18
U.S.C.
§
1832,
criminalizes
their
theft
for
commercial
 or
economic
purposes44.

 
 B.

 Data
that
Qualifies
as
a
Trade
Secret
 The
end
user
may
store
wide
range
of
data
in
the
cloud
ranging
from
statistics,
formulas,
sales
 records,
customer
information,
pricing
information,
and
source
code.
However,
not
all
of
them
 would
 come
 within
 the
 ambit
 of
 trade
 secret
 protection.
 
 It
 is
 necessary
 for
 the
 purpose
 of
 analysis
 to
 scrutinize
 the
 guidelines
 under
 respective
 definitions
 of
 Restatement
 of
 Torts
 and
 Uniform
Trade
secrets
Act.
These
definitions
have
laid
out
the
prerequisites
for
qualification
of
 data/or
information
as
trade
secret.

 
 13

    • A
 exact
 definition
 of
 trade
 secret
 is
 not
 possible
 under
 the
 Restatement”45
 and
 hence
 it
 contains
 list
 of
 factors
 that
 are
 determinative
 for
 purposes
 of
 ascertaining
 whether
 the
 data
 would
qualify
as
a
trade
secret46.

 According
 to
 the
 definition
 under
 the
 Restatement,
 the
 trade
 secret
 would
 include
 “any
 formula,
pattern
or
device
or
compilation
of
information
which
is
used
in
one’s
business
which
 would
 give
 him
 a
 competitive
 edge,
 if
 such
 process
 or
 device
 for
 is
 continuously
 used
 in
 operating
the
business
rather
then
for
a
single
use
or
ephemeral
events”47

 The
Restatement
contains
six
factors
which
include
“
(a)
the
extent
of
information
known
to
the
 outside
 business,
 
 (b)
 known
 by
 employees
 and
 other
 people
 involved
 in
 business,
 (c)
 reasonable
measures
taken,
(d)
amount
of
money
expanded
in
developing
the
information
and
 the
ease
and
the
(e)
value
of
the
information
(f)
difficulty
with
which
the
information
could
be
 properly
 acquired
 or
 duplicated
 by
 others“48
 to
 be
 considered
 in
 determining
 whether
 given
 information
 is
 trade
 secret
 or
 not.
 
 In
 other
 words
 in
 order
 to
 qualify
 as
 a
 trade
 secret,
 the
 subject
 matter
 must
 escape
 from
 the
 mundane
 and
 the
 ordinary49.
 In
 addition
 to
 the
 subject
 matter
being
mundane,
reasonable
efforts
must
have
been
made
for
secrecy50.

 Under,
 Uniform
 Trade
 Secrets
 Act,
 a
 trade
 secret
 is
 any
 information
 including
 a
 “formula,
 pattern,
 compilation,
 program,
 device,
 method,
 technique
 or
 process
 which
 has
 an
 independent
 economic
 value
 and
 which
 is
 not
 generally
 known
 to
 the
 public
 and
 reasonable
 






















































 
 46
 Donald
 Chisum
 &
 Micheal
 A
 Jacobs,
 Understanding
 Intellectual
 Property
 Law
 §
 [3C][1][a],
 Lexisnexis/Matthew
Bender
(October
30,
2004)
 47
Restatement
§
757
(Comment
b)
 48
Restatement
of
Torts
 49
 Milgrim
 on
 Trade
 Secrets,
 Roger
 M
 Milgrim
 ,
 Definitional
 Aspects,
 §1.01[3]
 ,
 1‐223.
 Original
 Citation:
 Ed
 Nowogroski

Inc,
v
Rucker
,50
U.S.P.Q
2d
1268
137
Wash.
2d,427,971,P.2d
936,942‐945
(1999)

 50
 Roger
 M
 Milgrim,
 Milgrim
 on
 Trade
 Secret
 ,Vol.
 1,
 §1.01[3]
 ,Matthew
 Bender
 and
 Company
 Inc.
 (Updated
 2009)
Original
Citation:

Buffets,
Inc
v
Klinke,
73,
F3d
965
(9th
Cir.1996)

 
 14

    • methods
have
been
undertaken
to
safeguard
it.”51
The
legislators
have
drafted
the
definitions
 of
 UTSA
 and
 Restatement
 of
 Torts
 to
 be
 inclusive
 in
 their
 approach
 which
 enable
 them
 to
 encompass
 various
 other
 types
 of
 new
 information
 and/or
 data
 resultant
 of
 new
 innovations
 and
 technological
 advances.
 However,
 whether
 particular
 information
 constitutes
 a
 trade
 secret
is
a
question
of
law
in
some
jurisdictions
and
a
question
of
fact
in
others52.
The
types
of
 information/data
 that
 has
 been
 accorded
 the
 trade
 secret
 status
 are
 scientific
 data
 such
 as
 chemical
 process53,
 formulas54,
 manufacturing
 methods55,
 business
 plans
 and
 profits
 and
 loss
 accounts56,
 customer
 lists57,
 computer
 programs58
 employee
 knowhow59,
 pricing
 distribution
 and
marketing
plans60.

 C.
 
Reasonable
Standard
Requirement
Under
Trade
Secret
law
 “So
long
as
the
originator
or
possessor
of
the
naked
idea…keeps
it
to
himself,
it
is
his
property,
 but
 it
 ceases
 to
 be
 his
 own
 when
 he
 permits
 it
 to
 pass
 from
 him…..Ideas
 of
 this
 sort,
 in
 their
 relation
to
property
may
be
likened
to
the
interest
which
a
person
may
obtain
in
bees
and
birds
 and
fish
in
running
streams,
which
are
conspicuous
instances
of
ferae
naturae”.

If
the
claimant
 keeps
them
on
his
own
premises,
they
become
his
qualified
property,
and
absolutely
his
so
long
 as
they
do
not
escape.

But
if
he
permits
them
to
go
he
cannot
follow
them”.

A
person
reduces
 information
to
“captivity”
by
keeping
it
secret
and
implementing
precautions
to
protect
against
 






















































 
 51
Uniform
Trade
Secrets
Act
§1
 52
Secure
Servers
Tech
Inc
v
Time
&
Space
Processing
Inc,
722
F
Supp.
1354
(E.D
Va
1989)
 53
SmithKline
Beecham
Pharmaceuticals
Co
v
Merk
&
Co.,
766
A.2d
422,
488
(Del.Super.Ct.200)

 54
Joint
Stock
Soc’y
v
UDV
N.Am.,
104F.
Supp.2d
390,409
(D.
Del
2000)

 55
Cobot
Corp
v
Thai
Tantalum,Inc.
25
USPQ2d
1619
(Del.
Ch.
1992)
 56
American
Totalisator
Co
v.
Autotote
Ltd.,
No.
7268,1983
WL
21374
(Del.Ch.
Aug
18,
1983)
 57
Delmara
Drilling
Co
v.
American
Well
Sys,
Inc,
No
8221,1988
WL7396
(Del.Ch.Jan,26,1988)

 58
 American
 Totalisator
 Sys.
 v
 Automatic
 Totalisators
 (U.S.A)
 Ltd,
 No.
 5562,
 1978
 WL
 4479
 
 (Del.
 Ch.Apr.
 20,1978)


 59
Bernard
Personnel
Consultants,
Inc
v
Mazarella
(No.
11660,1990
WL
124969

(Del.Ch.Aug
28,1990)
 60
PepsiCo,
Inc
v.
Redmond
54
F.3d
1262
(1995)
 
 15

    • disclosure
 and
 diffusion61.
 The
 principal
 gatekeeper
 to
 trade
 secret
 status
 is
 that
 the
 information
 must
 have
 been
 subjected
 to
 reasonable
 efforts
 to
 maintain
 secrecy62.
 The
 reasonable
 efforts
 standard
 is
 probably
 the
 most
 important
 factor
 in
 determining
 whether
 a
 trade
secret
holder
owns
a
protectable
trade
secret63.


 The
tenet
of
reasonableness
requirement
is
reflecting
from
the
following
judgments
of
various
 courts.
 In
J.T.
Healey
&
Son,
Inc.
v.
James
A.
Murphy
&
Son,
Inc.,
64
the
court
reaffirmed
the
principle
by
 stating
that,

“[I]f
the
person
entitled
to
a
trade
secret
wishes
to
have
its
exclusive
use
in
his
 own
business,
he
must
not
fail
to
take
all
proper
and
reasonable
steps
to
keep
it
secret.
.
.
‘’

 The
 corresponding
 trade
 secret
 laws
 of
 different
 states
 have
 established
 a
 generic
 rule
 of
 application
of
reasonable
efforts
to
determine
trade
secret
status.
Under
Alabama
law,
among
 other
factors,
reasonable
effort
to
maintain
secrecy
is
used
as
a
benchmark
to
determine
the
 trade
secret
status65.
(Unisource
Worldwide,
Inc
v
South
Central
Alabama
Supply,
LLC66).
Under
 Florida
 Law,
 it
 was
 held
 that
 to
 constitute
 a
 trade
 secret,
 the
 trade
 secret
 owner
 has
 to
 take
 reasonable
efforts
to
maintain
secrecy.
(Merrill
Lynch
,
Pierce,
Fenner
&
Smith,
Inc.
v
Dumm67).
 






















































 
 61
Robert
G.
Bone
,
Trade
Secrecy,
Innovation,
and
the
Requirement
of
reasonable
secrecy
precautions.

 62Roger,E
 Schecter,
 
 Intellectual
 Property,
 the
 Law
 of
 Copyrights,
 Patents
 and
 Trade
 marks,
 West
 Publishing
 Company,April
2003.
 63
 Rowe
 A.
 Elizabeth.
 Contributory
 Negligence,
 Technology
 and
 Trade
 Secrets,
 (2009)
 http://works.bepress.com/elizabeth_rowe/5

and
MBL
(USA)
Corp,
Diekman,445
N.E
2d
418,425
(III.
App.
Ct
 1983)
 (“Although
 many
 factors
 should
 be
 considered
 to
 determine
 if
 a
 trade
 secret
 exists,
 what
 is
 primary
 importance
is
whether
and
how
an
employer
acts
to
keep
the
information
secret”)
 64 
J.T.
Healey
&
Son,
Inc.
v.
James
A.
Murphy
&
Son,
Inc.,
357
Mass.
728,
737‐39
(1970)
 65 
 Brian
 M
 Malsberger,Trade
 Secets:
 A
 state
 by
 state
 Survey,
 BNA
 Books
 (Bureau
 of
 National
 Affairs)
 (July
 1997)

 66 
Unisource
Worldwide,
Inc
v
South
Central
Alabama
Supply,
LLC
199
F.
Supp.2d
1194,1211
(M.D
Ala.2001)
 67 
Merrill
Lynch
,
Pierce,
Fenner
&
Smith,
Inc.
v
Dumm,
191
F.Supp.2d
1346,1351
(M.D.
Fla.2002)
 
 16

    • Under
Kentucky
law,
it
was
held
that
when,
plaintiff
exercises
no
efforts
to
maintain
secrecy
of
 the
trade
secret,
then
he
loses
his
right
to
the
trade
secret
status.
(Rogers
v
Desa
Int’l,
Inc68).

 Under
Louisiana
law,
plaintiff
has
to
undertake
reasonable
efforts
to
maintain
secrecy
(Reingold
 v
 
 Swfitships,
 Inc69.)
 Similarly
 under
 the
 provisions
 of
 Ohio
 law,
 it
 is
 required
 that
 the
 trade
 secret
owner
take
has
to
undertake
reasonable
steps
to
maintain
its
secrecy.
(Valco
Cincinnati
 Inc
v.
N&D
Machining
Serv.,
Inc70).
Mostly
all
the
states
have
summed
up
the
requirement
of
 reasonableness
ascertaining
the
trade
secret
status.

 Though,
reasonableness,
which
is
a
common
legal
test,
is
easy
to
state
but
hard
to
define.71
To
 meet
 the
 reasonableness
 test,
 the
 law
 requires
 the
 trade
 secret
 owner
 to
 undertake
 actual
 efforts
 to
 the
 extent
 that
 they
 are
 rigorous
 enough
 to
 force
 another
 to
 use,
 improper,
 illegal
 and
unethical
means
to
discover
a
trade
secret72.

 
One
 of
 the
 factors
 listed
 in
 the
 Restatement,
 which
 is
 considered
 in
 determining
 whether
 particular
information
is
a
trade
secret,
is
“the
extent
of
measures
taken
by
him
(trade
secret
 owner)
to
guard
the
secrecy
of
the
information.

 
UTSA
 requires
 that
 efforts
 to
 maintain
 secrecy
 “be
 reasonable
 under
 the
 circumstances”.
 UTSA’s
comment
approvingly
summarizes
the
common
law
requirement
as
follows73:

 “[R]easonable
 measures
 to
 maintain
 secrecy
 have
 been
 held
 to
 include
 advising
 employees
 of
 the
 existence
 of
 the
 trade
 secret,
 limiting
 access
 to
 trade
 secret
 on
 “need
 to
 know
 basis”
 and
 






















































 
 68 
Rogers
v
Desa
Int’l,
Inc,183
F.
Supp
2d
955,958
(E.D.
Mich.
2002)
 69 th 
Reingold
v

Swfitships,
Inc,
126
F.3d
645,640,44
USPQ.2d
1481
(5 
Cir
1997)

 70 
Valco
Cincinnati
Inc
v.
N&D
Machining
Serv.,
Inc,
492
N.E.
2d
814,
819
(Ohio
1996)

 71
Robert
G.
Bone
,
Trade
Secrecy,
Innovation,
and
the
Requirement
of
reasonable
secrecy
precautions.
 72

Slaby,
David
W.
;
Chapman,
James
C.
;
O'Hara,
Gregory,Trade
Secret
Protection:
An
Analysis
of
the
Concept
 Efforts
Reasonable
under
the
Circumstances
to
Maintain
Secrecy,5
Santa
Clara
Computer
&
High
Tech.
L.
J.
321
 (1989)

 73
Uniform
Act
Comment
§
1.

 
 17

    • controlling
 plant
 access.
 On
 the
 other
 hand
 public
 disclosure
 of
 information
 through
 display,
 trade
journal
publications,
advertising,
or
other
carelessness
can
preclude
protection.74
 Hence,
 It
 is
 indeed
 important
 that
 careful
 efforts
 to
 preserve
 the
 trade
 secrecy
 would
 be
 required
 by
 the
 end
 user
 to
 retain
 his
 rights
 in
 the
 trade
 secret
 after
 hosting
 his
 data
 in
 the
 server
of
the
cloud
provider.
However
the
level
of
secrecy
and
reasonableness
required
is
not
 reflected
in
the
provisions
of
the
law
of
either
UTSA
or
Restatement
of
Torts.


It
is
the
duty
of
 the
trade
secret
owner
to
protect
its
trade
secrets.
The
burden
of
proving
that
reasonable
steps
 have
been
taken
falls
on
the
plaintiff75.

The
courts
through
their
decisions
have
made
it
clear
 that
 the
 trade
 secret
 owner,
 who
 is
 not
 vigilant
 about
 safe
 guarding
 its
 trade
 secrets,
 cannot
 expect
 others
 to
 hold
 a
 higher
 obligation
 to
 preserve
 the
 secret.76
 The
 level
 of
 reasonable
 efforts
 taken
 is
 directly
 relative
 to
 the
 finding
 that
 the
 misappropriater
 has
 derived
 the
 trade
 secret
through
improper
means.

 The
 courts
 have
 through
 numerous
 verdicts
 created
 homogenous
 yardstick
 to
 determine
 the
 level
of
reasonableness
required
for
maintaining
the
status
of
trade
secret.
An
entity
that
has
 taken
 reasonable
 steps
 to
 protect
 valuable
 business
 information
 only
 knows
 with
 certainty
 whether
a
court
will
agree
that
the
information
is
indeed
a
trade
secret
when
the
court
actually
 makes
 the
 determination77.
 The
 primary
 ruling
 in
 the
 various
 cases
 discussed
 herein
 below
 is
 that
the
threshold
of
level
of
reasonableness
is
not
very
high
and
stringent.

 






















































 
 74
Uniform
Act
Comment
§
1.

 75
Fisher
Stoves
Inc,
v
All
Nighter
Stoves,
Inc
626
F.
2d

 76
Fisher
Stoves
Inc,
v
All
Nighter
Stoves,
Inc
626
F.
2d

 77
Slaby,
David
W.
;
Chapman,
James
C.
;
O'Hara,
Gregory
,Trade
Secret
Protection:
An
Analysis
of
the
Concept
 Efforts
Reasonable
under
the
Circumstances
to
Maintain
Secrecy,5
Santa
Clara
Computer
&
High
Tech.
L.
J.
321
 (1989)

 
 18

    • 1.
 E.I
duPont
deNemorus
&
Company
v.
Christopher78

 The
 court
 noted
 that
 the
 law
 does
 not
 require
 unreasonable
 precautions
 to
 prevent
 another
 from
doing
that
he
ought
not
to
do
in
first
place.

 2.
 


Tubular
Threading,
Inc.
v.
Scandaliato79
 The
court
stated
that
“the
efforts
required
to
maintain
secrecy
are
those
reasonable
under
the
 circumstances,
and
courts
do
not
require
extreme
and
unduly
expensive
procedures
be
taken
 to
protect
trade
secrets”80.
 3.
 



Sheets
v.
Yamaha
Motors
Corp81
 The
 court
 stated,
 “that
 the
 trade
 secret
 owner
 needs
 to
 take
 steps
 that
 are
 reasonably
 necessary
under
the
circumstances
to
maintain
secrecy.

 4.
 Rockwell
Graphics
Systems,
Inc82
 The
 court
 stated,
 “Reasonableness
 is
 to
 be
 evaluated
 by
 comparing
 the
 costs
 of
 precautions
 with
the
benefits”.


 
 5.

 Compuserve
Corp
v.
Serena
Software
Int’l
Inc83
 The
 court
 In
 this
 case
 held
 that
 “[o]ne
 need
 not
 make
 every
 conceivable
 effort
 to
 protect
 secrecy”84.
 As
Judge
Ponser
has
explained,
“a
balance
between
vigilance
and
practicality
must
be
achieved:
 “[T]he
 question
 is
 whether
 additional
 benefit
 in
 security
 could
 have
 exceeded
 [the]cost
 of
 contemplated
protection.”
 






















































 
 78
E.I
duPont
deNemorus
&
Company
v.
Christophe,
431.F.2d
1012
(5th
Cir.1970)
 79
Tubular
Threading,
Inc.
v.
Scandaliato,
443
So.2d
712,
714
(La.Ct.App.1983).

 80
Tubular
Threading,
Inc.
v.
Scandaliato,
443
So.2d
712,
714
(La.Ct.App.1983)
 81
Sheets
v.
Yamaha
Motors
Corp,
849
F.2d
at
183
 82Sheets
v.
Yamaha
Motors
Corp,
925
F.2d
at
179‐180
 
Compuserve
Corp
v.
Serena
Software
Int’l
Inc,
77
F.
Supp.
2d.
816,
822
 83 
Compuserve
Corp
v.
Serena
Software
Int’l
Inc,
77
F.
Supp.
2d.
816,
822
 84 
 19

    • Hence,
in
the
light
of
the
cases,
it
could
be
emphatically
stated,
that
the
courts
have
taken
a
 view
 that
 extreme
 and
 unduly
 expensive
 procedures
 are
 not
 required
 to
 be
 taken
 to
 protect
 trade
secrets
against
flagrant
industrial
espionage85.

 In
 determining
 that
 the
 trade
 secret
 owner
 has
 exercised
 reasonable
 diligence
 number
 of
 factors
are
taken
into
consideration86.
As
UTSA
or
Restatement
of
Torts
has
not
provided
any
 guidance
on
the
reasonable
efforts
requirement,
hence
the
sufficiency
of
the
secrecy
is
judged
 in
the
light
of
the
circumstances,
including
the
case
laws
and
industry.
 These
 underlying
 decisions
 of
 the
 courts
 underpin
 the
 guiding
 standards
 to
 the
 end
 users
 on
 how
 to
 determine,
 if
 the
 reasonable
 standard
 test
 has
 been
 met.
 
 The
 test
 for
 determining
 reasonableness
 standard
 is
 not
 consistent
 by
 the
 courts.
 However
 the
 courts
 look
 into
 the
 following
aspects
(a)
confidentiality
agreements
(b)
control
access
to
the
data
(c)
information
 generally
 known
 outside
 
 (d)
 expenditure
 to
 keep
 the
 information
 confidential
 (d)
 affirmative
 steps
to
be
taken
 (i)

 Confidentiality
and
Non‐Disclosure
Agreements
 Courts
 have
 held
 that
 information
may
remain
a
trade
secret
even
if
the
owner
 discloses
 the
 information
 to
 its
 licensees,
 vendors,
 or
 third
 parties
 for
 limited
 purposes87.
 If
 the
 end
 user
 discloses
information
to
the
cloud
service
provider
under
the
terms
of
confidentiality
and
non‐ disclosure
agreements,
then
the
data
might
not
lose
its
trade
secret
status.


Courts
have
held
 that
information
may
remain
a
trade
secret
even
if
the
owner
discloses
the
information
to
its
 






















































 
 85
Uniform
Act
Comment
§
1
 86
Uniform
Trade
Secrets
Act,
The;
Klitzke,
Ramon
A.64
Marq.
L.
Rev.
277
(1980‐1981)
 87
Roger
M.
Milgrim,
Milgrim
on
Trade
Secrets,
§1.04,
Matthew
Bender,
(1984)
 
 20

    • licensees,
vendors,
or
third
parties
for
limited
purposes88.
Whether
a
transfer
of
trade
secrets
 to
a
cloud
service
provider
extinguishes
the
trade
secret
has
yet
to
be
ruled
upon.

 Data
that
is
disclosed
by
the
end
user
to
the
cloud
service
provider
is
under
the
terms
of
the
 confidentiality
and
non‐disclosure
agreements.
These
agreements
create
a
relationship
of
duty
 of
confidence
between
the
parties
and
the
cloud
service
provider
is
bound
by
the
terms
of
the
 agreements
 not
 to
 disclose
 or
 use
 the
 data
 of
 the
 end
 user.
 The
 decisions
 of
 the
 courts
 in
 Saltman
Engineering
Coy
Ld.
v.
Campbell
Engineering
Coy.
Ld89
affirm
that
if
information
is
given
 by
one
trader
to
another
in
circumstances
which
make
that
information
confidential,
then
the
 second
trader
is
disentitled
to
make
use
of
the
confidential
information
for
purposes
of
trade
 by
way
of
competition
with
the
first
trader90.
 
 Similarly,
the
courts
in
Lac
Minerals
Ltd.
v.
International
Corona
Resources
Ltd.,
 91
and
Coco
v.
 A.N.
Clark
(Engineers)
Limited,92
held
that
“A
duty
of
confidence
arises
when
a
person
acquires
 knowledge
 of
 confidential
 information,
 including
 trade
 secrets,
 under
 circumstances
 in
 which
 the
person
has
notice
or
agreed
that
the
information
is
confidential”93.
The
court
in
Coco
v
A.N
 Clark
(Engineers)
suggested,
a
test
to
determine
if
the
duty
of
confidence
arises
between
the
 parties.
It
stated
that
“it
is
an
objective
one
(test):
whether
a
reasonable
person
standing
in
the
 shoes
of
the
recipient
of
the
information
would
have
realized
that
the
information
was
given
in
 confidence”.

 






















































 
 88
Roger
M.
Milgrim,
Milgrim
on
Trade
Secrets,
§1.04,
Matthew
Bender,
(1984)
 89 
Saltman
Engineering
Coy
Ld.
v.
Campbell
Engineering
Coy.
Ltd,
(1948)
 90 
Saltman
Engineering
Coy
Ld.
v.
Campbell
Engineering
Coy.
Ltd,
(1948)
 91
Lac
Minerals
Ltd.
v.
International
Corona
Resources
Ltd,
[1989]
2
S.C.R.
574

 92
Coco
v.
A.N.
Clark
(Engineers)
Limited,
[1969]
R.P.C.
41
(Ch.
D.)

 93 
Coco
v.
A.N.
Clark
(Engineers)
Limited,
[1969]
R.P.C.
41
(Ch.
D.)

 
 21

    • The
Delaware
Court
of
Chancery
in
Data
General
Corp.
v.
Digital
Computer
Controls,
Inc94,
held
 that
Data
General
had
taken
adequate
measures
to
protect
the
confidentiality
of
the
diagrams,
 stating,
"dissemination
is
not
significant
if
in
confidence.”

 It
is
to
be
noted
that,
breach
of
confidentiality
gives
rise
to
two
independent
legal
claims:
one
 for
misappropriation
of
trade
secret;
the
other
for
breach
of
contract95.

 The
 following
 are
 the
 summary
 of
 cases,
 which
 reflect
 the
 principal
 of
 confidentiality
 relationship.
 a.
 Technicon
Data
Sys.
Corp
v
Curtis
1000,
Inc96
 Technicon,
was
a
developer
of
hospital
record
system
and
the
defendant,
Curtis
1000
reversed
 engineered
the
interface
of
a
computerized
system
for
storing
hospital
data.
The
court
granted
 preliminary
 injunction
 on
 the
 ground
 that
 various
 techniques
 were
 used
 by
 the
 plaintiff
 to
 achieve
secrecy,
which
included
the
use
of
confidentiality
agreements97
 
b.
 Baystate
Techs.,
Inc
v.
Bently
Sys.,
Inc98
 Baystate
Technologies
filed
a
complaint
against
Bentley
Systems,
Inc
alleging
misappropriation
 of
 trade
 secrets
 in
 violation
 of
 M.G.L.
 c.
 42
 and
 copyright
 infringement99.
 Bently
 misappropriated
certain
trade
secrets
in
Baystate’s
CAD
software.
One
of
the
factors,
the
court
 used
for
determining
whether,
the
plaintiff’s
actions
and
policies
concerning
the
treatment
of
 






















































 
 94
Data
General
Corp.
v.
Digital
Computer
Controls,
Inc,
357
A.2d
105,
188
U.S.P.Q.
(BNA)
276
(Del.
Ch.
1975)
 95 
Roger
M.
Milgrim,
Milgrim
on
Trade
Secrets,
§1.04,
Matthew
Bender,
(1984)
 96
Technicon
Data
Sys.
Corp
v
Curtis
1000,
Inc,
224
U.S.P.Q.
286,290,1984‐2
CCH.
 97

Roger
M.
Milgrim,
Milgrim
on
Trade
Secrets,
§1.04,
Matthew
Bender,
(1984)
 98 
Baystate
Techs.,
Inc
v.
Bently
Sys.,
Inc,
946
F.Supp.1079,1092
(D.Mass.1996)

 99 
Baystate
Techs.,
Inc
v.
Bently
Sys.,
Inc,
946
F.Supp.1079,1092
(D.Mass.1996)

 
 22

    • its
trade
secret
were
sufficient
to
protect
its
claimed
secrecy
was
the
existence
or
absence
of
an
 express
agreement
restricting
disclosure100.
 c.
 Electornic
Data
Sys.Corp.
v.
Heinemann101
 In
this
case,
the
court
held
that
the
vindication
of
confidentiality
agreements
is
one
of
the
policy
 considerations
courts
have
recognized
as
reasons
for
trade
secret
protection.

 d.
 J.T.
Healy
&
Son,
Inc.
v.
James
A.
Murphy
&
Son,
Inc.
&
Ors102.
 The
court
stated
in
this
case,
“one
who
claims
that
he
has
a
trade
secret
must
exercise
eternal
 vigilance.
This
calls
for
constant
warnings
to
all
persons
to
whom
the
trade
secret
has
become
 known
and
obtaining
from
each
an
agreement,
preferably
in
writing,
acknowledging
its
secrecy
 and
promising
to
respect
it”103.
 e.
 Holloman
v
O.
Mustad
&
Sons
(USA),
Inc104.,
 The
court
in
this
case,
held
that
the
trade
secret
law
acquired
through
breach
of
confidential
 relationship
 or
 discovered
 through
 improper
 means
 to
 be
 the
 proper
 subject
 of
 a
 misappropriation
claim105.

 Termination
of
Confidentiality
and
Non‐Disclosure
Agreements
 
 Cloud
service
provider
may
take
certain
steps
for
security
of
data.
However
these
steps
might
 create
 a
 hurdle,
 later
 when
 the
 agreement
 between
 them
 is
 terminated.
 If
 the
 agreement
 between
 the
 cloud
 service
 provider
 and
 the
 end
 user
 is
 terminated,
 would
 the
 cloud
 service
 






















































 
 100 
Brian
M
Malsberger,Trade
Secets:
A
state
by
state
Survey,
BNA
Books,93,
(Bureau
of
National
Affairs)
(July
 1997)



 101 
Electornic
Data
Sys.Corp.
v.
Heinemann,
493
S.E
2d
132,134‐35(Ga.1997)
 102 
J.T.
Healy
&
Son,
Inc.
v.
James
A.
Murphy
&
Son,
Inc.
&
Ors,
357
Mass.
728
(1970),
260
N.E.2d
723
 103 
J.T.
Healy
&
Son,
Inc.
v.
James
A.
Murphy
&
Son,
Inc.
&
Ors,
357
Mass.
728
(1970),
260
N.E.2d
723
 104 
Holloman
v
O.
Mustad
&
Sons
(USA),
Inc,
196
F.
Supp.2d
450,459
(E.D
Tex.
2002)

 105
Holloman
v
O.
Mustad
&
Sons
(USA),
Inc,
196
F.
Supp.2d
450,459
(E.D
Tex.
2002)

 
 23

    • provider,
 be
 still
 bound
 by
 the
 terms
 of
 confidentiality
 and
 non‐disclosure
 agreements
 to
 safeguard
the
original
data
as
well
as
copies
of
data?
 
 The
decision
of
the
court
in
Cadbury
Schweppes
v.
FBI
Foods
Limited
 106would
provide
a
 guiding
 light
 to
 this
 dilemma
 of
 combination
 of
 technology
 and
 law.
 The
 facts
 of
 the
 case
 pointed
 out,
 that
 a
 licensor
 revealed
 to
 the
 licensee,
 under
 license,
 confidential
 information
 about
 a
 recipe
 for
 a
 tomato
 cocktail
 with
 clam
 broth.
 After
 receiving
 notice
 to
 terminate
 the
 license,
 the
 licensee
 used
 the
 confidential
 information
 to
 develop
 a
 competing
 product.
 The
 court
 held
 the
 licensee
 was
 under
 an
 obligation
 to
 protect
 the
 trade
 secret
 and
 the
 licensee
 even
after
termination107.


 Deletion
of
Multiple
Copies
After
Termination
of
Confidentiality
and
Non‐Disclosure
 Agreements.
 
 Redundancy
 data
 would
 have
 a
 major
 impact
 after
 termination
 of
 the
 agreement(s).

 Redundancy
of
data
creates
a
hurdle
because
the
cloud
service
provider
has
created
multiple
 copies
of
the
data
for
security
of
data
in
event
data
is
lost.

A
 pertinent
 glitch
 would
 arise,
 for
 end
users
who
might
later
want
to
migrate
their
data
from
the
cloud,
and
the
user
agreement
 does
not
automatically
provide
for
deletion
of
data
from
multiple
locations.

 Hence
it
is
important
for
the
interests
of
the
end
users,
that
the
cloud
service
user
agreements,
 should
create
a
provision
to
the
effect
that
“the
rights
and
the
duties
under
the
agreement
will
 survive
even
after
the
agreement
”.
Further,
a
provision
should
be
added
“that
the
copies
of
the
 data
would
be
automatically
deleted
after
the
termination”

 






















































 
 106
Cadbury
Schweppes
v.
FBI
Foods
Limited
,
[1999]
1
S.C.R.
142

 107
Cadbury
Schweppes
v.
FBI
Foods
Limited
,
[1999]
1
S.C.R.
142

 
 24

    • It
is
also
important
to
note
that
it
might
not
be
possible
to
fully
delete
all
the
copies
of
the
data,
 since
full
data
deletion
is
only
possible
by
destroying
a
disk,
which
also
stores
data
from
other
 clients.
When
a
request
to
delete
a
cloud
resource
is
made,
this
may
not
result
in
true
wiping
of
 the
 data
 (as
 with
 most
 operating
 systems)108.
 Where
 complete
 data
 wiping
 is
 required,
 the
 cloud
service
provider,
should
adhere
to
special
procedures
for
complete
wiping
of
the
data.
 (b)
 Control
Access
to
the
Data
 The
 trade
 secret
 owner
 is
 required
 to
 undertake
 reasonable
 steps
 to
 ascertain
 that
 the
 data,
 which
 is
 sought
 to
 be
 protected
 under
 the
 doctrine
 of
 trade
 secret
 law,
 is
 only
 accessed
 by
 relevant
people.
If
the
cloud
service
provider
authorizes
the
data
to
be
shared
by
other
users
on
 the
shared
server,
the
data
might
lose
it
trade
secret
status.

 Moreover,
 the
 data
 of
 the
 end
 user
 is
 stored
 on
 a
 hypervisor
 of
 the
 cloud
 service
 provider,
 which
runs
multiple
operating
systems
on
a
single
server.
This
enables
multiple
users
to
operate
 on
 single
 server.
 
 Due
 to
 this
 multi‐tenancy
 factor
 of
 cloud,
 the
 end
 user
 might
 not
 have
 complete
control
over
the
access
of
his
data.
Moreover
the
data,
might
be
frequently
appended
 or
 updated
 or
 logs
 could
 be
 created
 for
 the
 billing
 purposes
 of
 the
 data.
 Hence,
 if
 the
 cloud
 service
provider
does
not
execute
a
high
control
access
regime,
then
the
court
may
consider,
 this
as
a
default
on
the
part
of
the
cloud
service
provider.

 Even
 though
 there
 is
 a
 business
 arrangement
 by
 the
 cloud
 service
 provider
 and
 the
 end
 user
 and
 although,
 confidentiality
 and
 non‐disclosure
 agreements
 between
 the
 parties
 define
 the
 contours
 of
 confidential
 relationship,
 end
 the
 user
 however
 should
 never
 simply
 leave
 the
 details
 of
 the
 protection
 up
 to
 the
 Cloud
 Service
 provider
 without
 confirming
 that
 they
 are
 






















































 
 108 
European
Network
and
Security
Agency
,
Cloud
Computing,
Benefits
,Risks
and
Assessment,
(Nov
2009).
 
 25

    • robust109.
 
 In
 Carboline
 
 Co
 v.
 Lebeck110,
 the
 court
 held
 that
 the
 trade
 secret
 owner
 had
 not
 taken
 reasonable
 measures
 to
 maintain
 secrecy
 where,
 among
 other
 things,
 it
 took
 no
 measures
to
protect
information
in
the
hands
of
suppliers
or
customers111.
 A
another
problem
that
could
arise
for
the
end
user
is
that
the
data,
could
be
replicated
and
 stored
 in
 diverse
 geographical
 locations,
 hence,
 it
 might
 be
 very
 difficult
 for
 the
 end
 user
 to
 have
 complete
 control
 access
 to
 the
 data,
 as
 he
 may
 not
 be
 aware
 about
 the
 location
 of
 his
 data
storage.
 Limited
Control
Access
Due
to
Data
Redundancy
 
 To
ensure
durability
and
reliability
of
the
end
user
data,
the
cloud
services
provider
resorts
to
 data
redundancy.
They
store
multiple
copies
of
the
same
data
in
multiple
locations
so
that
in
 event
of
hardware
failure
or
when
disaster
strikes
a
data
center,
the
end
user
data
always
has
 access
to
the
data.
Data
redundancy
system
is
adhered
for
the
motive
to
combat
system
failure
 and
 consequential
 loss
 of
 data.
 Cloud
 service
 provider
 achieves
 client
 data
 redundancy
 by
 replicating
full
copies
on
different
storage
nodes112.


 Data
 redundancy
 can
 be
 employed
 with
 technique
 of
 erasure‐correcting
 code
 to
 further
 tolerate
 faults
 or
 server
 crash
 as
 user’s
 data
 grows
 in
 size
 and
 the
 original
 data
 from
 being
 retrieved
by
the
user113.

The
system
has
been
engineered
in
such
a
way
as
to
continue
to
fully
 functional
even
in
the
event
of
a
major
service
disruption
within
a
datacenter.
This
redundancy
 






















































 
 109
 Vicotria
 A
 Cundiff,
 Reasonable
 Measures
 to
 Protect
 Trade
 Secret
 in
 a
 Digital
 Enviourment,
 Franklin
 Law
 Review
(2009)

 110
Carboline

Co
v.
Lebeck,
990
F.Supp.762,767,‐68
(E.D.
Mo.
1997)

 111Carboline

Co
v.
Lebeck,990
F.Supp.762,767,‐68
(E.D.
Mo.
1997)

 112 
Ranjit
Nayak,
Cloud
Files
Introduction
Documentation
Release
1.1.0.
 113 
Ranjit
Nayak,
Cloud
Files
Introduction
Documentation
Release
1.1.0.
 
 26

    • could
 be
 achieved
 at
 the
 following
 levels
 –
 Data
 Replication,
 Business
 Data
 Replication
 and
 Server
Image
Data
Replication114
 Level
I:
Data
Replication
 Cloud
 service
 providers
 use
 database
 management
 systems,
 usually
 with
 a
 master/slave
 relationship
between
the
original
and
the
copies
to
replicate
data115.

In
this
system,
two
copies
 of
data
are
stored
in
the
cloud
.The
original
copy
of
the
data
is
the
termed
as
master
file
and
 the
copy
of
data
is
termed
as
the
slave
copy116.


 Level
2‐Business
Data
Replication
 Business
 data
 replication
 involves
 replication
 of
 only
 business
 data
 without
 operating
 system
 and
other
applications117.

 Level
3‐
Server
Replication
 In
server
replication,
the
data
stored
in
the
cloud
is
replicated
along
with
the
applications
and
 the
operating
system118.


 
Due
to
data
replication,
the
end
user
might
lose
control
over
his
data.
The
effect
of
multiple
 replicated
copies
in
the
light
on
reasonable
standard
measure
has
to
be
ascertained
for
purpose
 of
safeguarding
the
rights
of
the
trade
secret
holder.

In
a
misappropriation
claim,
the
end
user
 would
have
to
prove
that

data,
has
not
lost
the
trade
secret
status
by
the
virtue
limited
control
 access
 to
 the
 copies
 of
 the
 data.
 
 
 I
 propose,
 that
 end
 user
 should
 undertake
 reasonable
 measures
to
ensure
control
over
copies
of
data
to
prevent
disclosure.
The
reasonable
steps
may
 include
encryption
of
all
cached
copies
stored
in
different
geographic
locations.


 






















































 
 114 
Cloud
Station,
White
Paper:
Hybrid
&
Featured
Cloud
Management.
 115 
http://en.wikipedia.org/wiki/Replication_(computer_science)#Database_replication
 116 
Cloud
Computing
Panel,
Portland
(2010)
 117 
Cloud
Station,
White
Paper:
Hybrid
&
Featured
Cloud
Management
 118 
Cloud
Station,
White
Paper:
Hybrid
&
Featured
Cloud
Management
 
 27

    • (c)
Expenditure
to
preserve
secrecy
 The
amount
of
expenditure
incurred
by
the
end
user
for
creating

a
stronger
wall
to
preserve
 the
 secrecy
 of
 the
 data,
 is
 one
 of
 the
 determinative
 factors
 under
 reasonable
 standard
 test.
 High
expenditure
incurred
in
using
latest
 technology
for
encryption
or
installation
of
firewalls
 would
definitely
favor
the
end
user.

 (d)
Information
generally
known
outside
 It
 is
 axiomatic
 that
 publicly
 available
 information
 cannot
 qualify
 for
 trade
 secret
 status.119.

 Information
 could
 easily
 lose
 its
 trade
 secret
 status
 through
 public
 disclosure.
 Even
 an
 act
 of
 allowing
a
business
visitor
to
see
a
secret
plant
process
during
a
plant
tour
may
be
sufficient
to
 destroy
trade
secrecy120.
Hence
the
first
hurdle
for
the
end
user,
in
event
that
his
trade
secret
 stored
in
the
cloud
is
misappropriated
would
be
proving
that
information
stored
by
him
has
not
 lost
its
trade
secret
status
by
virtue
of
the
storage
in
this
medium.


 In
Steinberg
Moorad
Dunn
v.
Dunn,
Inc121,
it
was
held
that,
one
of
the
elements
of
trade
secret
 misappropriation
claim
is
that
the
information
must
not
have
to
be
generally
known.

 In
Ruckelshaus
v.
Monsanto
Co.122,
it
was
held
that
“Information
that
is
of
public
knowledge
or
 that
is
generally
known
in
an
industry
cannot
be
a
trade
secret.”123,
Similarly,
in
Kewanee
Oil
Co.
 v.
Bicron
Copr.,124,

it
was
held
that
“the
subject
of
a
trade
secret
must
be
secret,
and
must
not
 






















































 
 119A.
 Elizabeth
 Rowe,
 Saving
 
 Trade
 Secret
 Disclosures
 on
 the
 Internet
 through
 Sequential
 Preservation,
 
 42
 Wake
Forest
L.
Rev.
1
(Spring
2007)

 120
G.
Peter
Albert,
Whitesel
Laff,&
Saret
Laff,
Intellectual
Property
Law
in
Cyber
Space,
Whitesel
&
Saret
Ltd,
 (Precision
Moulding
&
Frame,
Inc
v
Simpson
Door
Co.,
77
Wash.App.20,888
P.2d
1239
(1995)
 121Steinberg
Moorad
&
Dunn
v
Dunn
Inc
WL
3196234
 122
Ruckelshaus
v.
Monsanto
Co,
467
U.S.
986,
1002
(1984)

 123 
Ruckelshaus
v.
Monsanto
Co,
467
U.S.
986,
1002
(1984)

 124 
Kewanee
Oil
Co.
v.
Bicron
Copr,
416
U.S.
470,
475
(1974)

 
 28

    • be
of
public
knowledge
or
of
a
general
knowledge
in
the
trade
or
business.”125

 However,
 it
 does
 not
 necessarily
 mean
 that,
 “generally
 known”
 equates
 to
 be
 known
 by
 the
 general
 public.
 The
 comments
 in
 the
 UTSA
 clarify
 this
 perplexity
 to
 indicate
 that
 “generally
 known”
does
not
necessarily
mean
known
by
the
general
public126.
If
the
principal
persons
who
 can
 obtain
 economic
 benefit
 from
 information
 are
 aware
 of
 it,
 there
 is
 no
 trade
 secret127.
 Religious
Technology
Ctr.
v.
Netcom
On‐Line
Communication
Servs128.,
Inc.&
DVD
Copy
Control
 Ass’n
 Inc.
 v.
 Bunner129,
 reinstate
 that
 even
 if
 one
 person
 knows
 about
 the
 trade
 secret
 that
 could
derive
economic
benefit
from
it,
then
the
data
could
lose
its
trade
secret
status.


 Applying
 underlying
 principles
 of
 the
 above
 cases,
 to
 context
 of
 cloud
 computing,
 could
 it
 be
 implied
that,
cloud
service
provider
derives
economic
benefit
from
the
data
and
therefore
the
 data
is
held
to
be
generally
known
?
Riposte
to
this
quandary
lies
in
the
provisions
of
the
UTSA,
 which
provide
an
umbrella
protection
to
the
data
shared
with
cloud
service
provider.
Duty
of
 confidence
imposed
by
confidential
and
non‐disclosure
agreements
protect
the
end
user.
It
is
 the
principle
right
of
the
trade
secret
owner
to
grant
access
to
the
secret
to
others
subject
to
 contractual
 duty
 not
 to
 use
 or
 disclose
 it
 [Milgrim
 on
 Trade
 Secrets,
 Roger
 Migrims,
 §4.01]
 Hence
the
disclosure
made
to
the
cloud
service
provider
under
confidentiality
terms
would
not
 tantamount
to
disclosure
which
would
enable
the
trade
secret
to
be
generally
known.

 (e)

 
Affirmative
steps
to
be
taken
to
protect
trade
secret
 The
trade
secret
owner
is
required
to
undertake
affirmative
steps
to
protect
his
trade
secret.
 






















































 
 125 
Kewanee
Oil
Co.
v.
Bicron
Copr,
416
U.S.
470,
475
(1974)

 126 
 A.
 Elizabeth
 Rowe,
 Saving
 
 Trade
 Secret
 Disclosures
 on
 the
 Internet
 through
 Sequential
 Preservation,
 
 42
 Wake
Forest
L.
Rev.
1
(Spring
2007)
 127
Uniform
Act
Comment
§
1
 128 
Religious
Technology
Ctr.
v.
Netcom
On‐Line
Communication
Servs,
10
Cal.
Rptr.
3d

(2004).

 129 
DVD
Copy
Control
Ass’n
Inc.
v.
Bunner,
1997
U.S.
Dist.
LEXIS
23572,
(N.D.
Cal.
Jan.
3,
1997)
 
 29

    • This
principle
is
enumerated
in
the
cases
mentioned
herein
below.
 a.
 Incase
Inc
v
Timex
Corp130
 The
First
Circuit
Court
of
Appeals
states
that
in
order
to
protect
a
trade
secret,
affirmative
steps
 must
 be
 taken
 to
 preserve
 its
 secrecy
 regarding
 a
 party
 against
 whom
 misappropriation
 is
 claimed.

 

b.
 In
Metallurgical
Indus
Indus.
Inc
v
Fouretek,
Inc131

 The
court
in
this
case
stated
that,
“efforts
to
protect
secrecy
are
also
tied
to
the
requirement
 that
trade
secrets
have
value
indeed,
whether
or
not
a
company
took
adequate
steps
to
protect
 a
 secret
 is
 an
 evidence
 of
 subjective
 belief
 that
 the
 information
 was
 a
 trade
 secret
 and
 thus
 worthy
of
protection”.


 V. The
Problem:
Trade
Secret
Law
Applied
to
Cloud
Computing
 The
modern
development
of
technology
significantly
impacts
intellectual
property132.
There
has
 been
incredible
change
in
the
technology
of
computing
in
the
past
years.
Cloud
Computing
has
 been
 envisioned
 as
 the
 next‐
 generation
 architecture
 of
 IT
 Enterprise133.
 The
 revolution
 from
 storing
 data
 in
 the
 personal
 servers
 to
 the
 era
 of
 cloud
 computing
 has
 changed
 the
 way,
 we
 have
looked,
understood
and
used
information
technology.

 






















































 
 130
Incase
Inc
v
Timex
Corp,
488
F.3d
46,52‐53,83
U.S.P.Q.2d
1032
(Ist

Cir.2007)

 131 th 
Metallurgical
Indus
Indus.
Inc
v
Fouretek,
Inc,
790
F.2d.
1195.1199‐1200
(5 
Cir.1986)

 132
Andrew
 Beckerman‐Rodau, Trade
 Secrets­The
 New
 Risks
 to
 Trade
 Secrets
 Posed
 by
 Computerization,
 Rutgers
Computer
&
Tech.
L.J.
Vol.
28
(2002)
 133
Cong
Wang,
Qian
Wang,
&
Kui
Ren,
Ensuring
Data
Storage
Security
in
Cloud
Computing,
Computer
Security– ESORICS

Springer
(2009)
 
 30

    • In
contrast
to
traditional
solutions,
where
the
IT
services
are
under
proper
physical,
logical
and
 personnel
 controls,
 Cloud
 Computing
 moves
 the
 application
 software
 and
 databases
 to
 the
 large
data
centers134.


 Moving
 data
 into
 the
 cloud
 offers
 great
 convenience
 to
 users
 since
 they
 don’t
 have
 to
 care
 about
the
complexities
of
direct
hardware
management.135
The
business
have
now
started
to
 rethink
the
way
they
use,
buy
and
store
information
technology.
Rather
than
devoting
a
lot
of
 cash
for
purchasing
servers,
they
are
plugging
into
the
new
grid‐Cloud
Computing136.
However
 this
 recent
 type
 of
 paradigm
 shift
 to
 cloud
 computing
 imposes
 new
 challenges
 to
 intellectual
 property
law.

 One
 of
 the
 challenges,
 which
 are
 imposed
 by
 this
 computing
 platform
 shift,
 is
 the
 traditional
 outlook
 of
 trade
 secret
 law
 for
 protection
 of
 valuable
 data,
 which
 has
 a
 fixed
 mechanism
 of
 managing
and
using
valuable
data.
The
new
medium
of
storing
valuable
data
in
the
virtualized
 remote
servers
may
entail
risk
of
loss
in
trade
secret
status
and
the
underlying
protection
under
 the
various
provisions
of
the
trade
secret
law.

 The
 Cloud
 Service
 Provider
 stores
 the
 data
 of
 the
 end
 user
 in
 virtual
 servers
 in
 remote
 data
 storage
 units.
 
 If
 such
 data
 qualifies
 for
 a
 trade
 secret
 protection
 under
 the
 Restatement
 of
 Torts
and
UTSA,
then
it
may
have
legal
implications
to
the
effect
that,
if
reasonable
measures
to
 protect
the
data
from
disclosure,
are
not
undertaken,
it
would
cease
to
be
a
trade
secret.
The
 pertinent
 issue
 would
 be
 whether
 the
 current
 trade
 secret
 legal
 framework,
 appropriately
 






















































 
 134
Cong
Wang,
Qian
Wang,
&
Kui
Ren,
Ensuring
Data
Storage
Security
in
Cloud
Computing,
Computer
Security– ESORICS

Springer
(2009)
 135
Cong
Wang,
Qian
Wang,
&
Kui
Ren,
Ensuring
Data
Storage
Security
in
Cloud
Computing,
Computer
Security– ESORICS

Springer
(2009).
 136 
Nicholas
Carr,
The
Big
Switch
Rewiring
the
world
from
Edison
to
Google,
W.
W.
Norton
&
Company;
Reprint
 edition
(January
19,
2009)
 
 
 31

    • addresses
 the
 consequences
 of
 such
 disclosure.
 
 It
 is
 to
 be
 noted
 that
 even
 if
 the
 data
 is
 accidently
accessed
by
the
cloud
provider
or
the
third
party,
it
might
lose
its
trade
secret
status.
 In
Kewanee
Oil
Co.
v.
Bicron
Corp137,
the
court
stated
that
even
a
bona
fide
trade
secret
is
not
 protected
against
discovery
by
fair
means,
including
accidental
disclosure.
 
 A,
cloud
provider
can
access
the
virtual
machine,
where
the
data
of
the
end
user
is
stored
and
 they
 could
 also
 install
 backdoor
 log
 in
 to
 access
 the
 data.
 An
 end
 user
 is
 aware
 of
 these
 underlying
risks
of
storing
his
data
on
the
cloud.
If
still
the
end
user,
is
opting
to
store
his
data
in
 the
 cloud,
 could
 it
 be
 concluded,
 that
 he
 has
 migrated
 from
 the
 safety
 zone
 of
 trade
 secret
 protection?
In
the
early
case
of

1982,
Palin
Mfg
Co
v
Water
Technology
Inc138,
the
court
held
 that
 one
 who
 has
 disclosed
 his
 trade
 secret
 to
 others
 without
 appropriate
 safeguards
 cannot
 claim
thereafter
it
to
be
a
trade
secret.

 Consequently,
if
such
data
is
misappropriated
by
the
cloud
service
provider
or
unrelated
third
 party,
 then
 the
 protection
 accorded
 to
 the
 end
 user,
 under
 the
 provisions
 of
 underlying
 law,
 would
not
be
accorded.

 Additionally,
in
this
model,
the
data
is
distributed
in
diverse
geographical
regions
for
ensuring
 the
security
of
data.
This
may
impose
significant
jurisdictional
limitations
on
the
utilization
of
 legal
remedies
to
protect
the
data,
since
legal
redress
under
our
system
is
generally
based
on
 the
geographic
locations139.

However,
all
the
data
stored
by
the
end
user
may
not
qualify
as
 trade
 secrets
 under
 Uniform
 Trade
 Secrets
 Act
 and
 Restatement.
 It
 is
 important
 for
 the
 






















































 
 137
Kewanee
Oil
Co.
v.
Bicron
Corp,
416
U.S.
470
(1883)
 

138
Palin
Mfg
Co
v
Water
Technology
Inc,
982
F.2d
1130
(1992)
 139Andrew
Beckerman‐Rodau, Trade
Secrets­The
New
Risks
to
Trade
Secrets
Posed
by
Computerization,
Rutgers
 Computer
&
Tech.
L.J.
Vol.
28
(2002)
 
 32

    • purposes
of
the
analysis,
to
first
demarcate
between
data
protectable
as
trade
secret
from
the
 data
that
is
not
protected
as
trade
secret.
 A.

 Qualification
of
Data
As
Trade
Secret
In
Context
of
Cloud
Computing
 The
kinds
of
information/data
stored
in
the
cloud
varies
from
industry
to
industry.
Due
to
the
 dynamic
nature
of
scalability
of
the
cloud,
a
number
of
developers
are
deploying
their
software
 applications
 in
 the
 cloud140.
 The
 software
 applications
 deployed
 in
 the
 cloud
 might
 contain
 source
codes,
which
the
developer
might
want
to
individually
document
and
store
in
the
cloud
 for
building
newer
version
of
applications
in
the
cloud.
Hence
it
is
important
to
inquire
whether
 these
software
programs
could
be
protected
as
trade
secrets.

 
Software
Programs/Applications:
Protection
As
Trade
Secrets

 
 The
 end
 user
 will
 deploy
 software
 programs
 in
 the
 cloud.
 These
 software
 programs
 could
 be
 protected
 as
 trade
 secrets.
 A
 computer
 program
 is
 considered
 as
 a
 trade
 secret
 under
 the
 Florida
law141.
In
Liberty
Am.Ins.
Group,
Inc
v.
Westpoint
Underwriters,
L.L.C142,
the
court
held
 that
“the
subject
software
has
independent
economic
value
because
it
is
not
known
to
and
is
 not
readily
ascertainable
by
other
persons
who
could
derive
economic
value
from
its
disclosure
 and
the
plaintiff
had
taken
reasonable
measures
to
maintain
secrecy
of
the
software
including
 its
source
code”
and
hence
the
software
could
be
regarded
as
trade
secret.

 






















































 
 140The
 Social
 and
 Economic
 Impact
 of
 the
 Cloud,
 Cloud
 Computing
 Panel
 Discussion
 Code
 Camp,
 Portland.(May

22,2010)
 141
 Brian
 M
 Malsberger,Trade
 Secets:
 A
 state
 by
 state
 Survey,
 BNA
 Books
 (Bureau
 of
 National
 Affairs)
 (July
 1997)
 142
Liberty
Am.Ins.
Group,
Inc
v.
Westpoint
Underwriters,
L.L.C
199
F.Supp.
2d
1271,1302
(M.D.
Ga.1992)

 
 33

    • 
 The
 software
 code
 was
 comfortably
 found
 to
 be
 within
 the
 definition
 of
 trade
 secret
 under
 Massachusetts
 law143.
 The
 design,
 technology
 and
 marketing
 plans
 of
 a
 software
 were
 also
 held
 to
 be
 trade
 secrets
 in
 Alta
 Analytics,
 Inc
 v.
 Muuss144
 on
 similar
 factors
 discussed
 in
 Liberty
Am.Ins.
However
the
court
in
Hogan
Sys.,
Inc
v
Cybersource
Int’l,
Inc145

diverting
from
 the
decision
in
Bernard
Personnel
Consultants,
Inc
v
Mazarella146
(which
held
that
the
employee
 knowhow
 could
 be
 protected
 as
 trade
 secret)
 stated
 that
 “[g]eneral
 knowledge,
 skill
 and
 experience
in
the
computer
software
industry
do
not
constitute
as
trade
secret”.

 Applications
in
the
Cloud
Containing
Open
Source
Elements
 
 In
 the
 cloud,
 various
 software
 applications
 are
 deployed
 on
 many
 instances
 and
 the
 cloud
 provider
 would
 provide
 not
 only
 the
 necessary
 storage
 capacity
 but
 also
 computing
 infrastructure
 to
 run
 the
 application
 in
 cloud.
 These
 software
 programs
 and/or
 applications
 may
have
certain
elements
in
the
source
code
derived
from
open
source
software.
The
issue
in
 this
scenario,
would
be,
whether,
such
applications
could
be
protected
as
trade
secrets
because
 certain
elements
of
code
are
already
disseminated
to
public
via
open
source
medium.
This
issue
 was
resolved
by
United
States
Court
of
Appeals
for
the
Tenth
Circuit
in,
Rivendell
Forest
Prods.
 v.
Georgia‐Pacific
Corp147,
wherein
it
was
held
that
"a
trade
secret
can
include
a
system
where
 the
 elements
 are
 in
 the
 public
 domain,
 but
 there
 has
 been
 accomplished
 an
 effective,
 






















































 
 143 
 Brian
 M
 Malsberger,Trade
 Secets:
 A
 state
 by
 state
 Survey,
 BNA
 Books
 (Bureau
 of
 National
 Affairs)
 (July
 1997)
Original
Citation:
Harvard
Apparatus
,
Inc
v
Cowen
130.F.Supp.2d.161
(D.Mass.
2001)

 144 
Alta
Analytics,
Inc
v.
Muuss,
75.F.Supp.2d
773,785,
(S.D
Ohio
1999)
 145 th 
Hogan
Sys.,
Inc
v
Cybersource
Int’l,
Inc,
158
F.3d.319,324
48
U.S.P.Q.
2d.1668
(5 
Cir.1998)
 146 
Bernard
Personnel
Consultants,
Inc
v
Mazarella,1990
WL
124969
 147
Rivendell
Forest
Prods.
v.
Georgia‐Pacific
Corp,
28
F.3d
1042
(10th
Cir.
1994)
 
 34

    • successful
 and
 valuable
 integration
 of
 the
 public
 domain
 elements
 and
 the
 trade
 secret
 gave
 the
claimant
a
competitive
advantage..."
 The
court
in
further
in
Essex
Group
v
Southwire
Corp.,148
stated
that
“
the
trade
secret
can
exist
 in
a
combination
of
characteristics
and
components,
each
of
which
is
in
public
domain,
but
the
 unified
 process
 design
 and
 operation
 of
 which
 in
 unique
 combination,
 affords
 a
 competitive
 advantage
and
protective
trade
secret”.

 Under
 the
 New
 York
 law,
 a
 combination
 of
 public
 domain
 elements
 may
 be
 a
 trade
 secret
 within
 the
 meaning
 of
 Restatement
 of
 Torts
 §
 757.
 In
 Softel
 Inc
 v.
 Dragon
 Med.
 &
 Scientific
 Communications,
 Inc149,
 the
 court
 held
 that
 the
 combination
 of
 public
 domain
 elements
 of
 plaintiff’s
computer
source
code
was
held
to
be
a
trade
secret.
Hence
even
if
the
data
stored
by
 the
end
user
in
the
cloud,
has
open
source
elements
in
it.

It
could
still
be
accorded
the
trade
 secret
status.
 B.

 Trade
Secret:
Jurisdiction
Issues
 Cloud
 computing
 means
 that
 data
 may
 always
 be
 in
 transit,"
 said
 Teppler,
 "never
 anywhere,
 always
somewhere."150

A
cloud
service
provider
stores
multiple
copies
of
the
data
in
different
 geographical
regions
and
consequently
the
data
is
dispersed
across
and
stored
in
multiple
data
 centers
all
over
the
world151.
This
could
raise
jurisdictional
issue.

 
 The
trade
secret
misappropriation
cases
arise
under
the
common
law
of
many
states
and
 UTSA
 in
 many
 states,
 accordingly
 the
 subject‐matter
 jurisdiction
 lies
 in
 state
 courts
 in
 many
 






















































 
 148 
Essex
Group
v
Southwire
Corp,
269
Ga.553,501
S.E.2d
501(1998)

 149 nd 
Softel
Inc
v.
Dragon
Med.
&
Scientific
Communications,
Inc,
118
F.3d
955,968,
43
U.S.P.Q.2d
1385
(2 
Cir.1997)

 150 http://www.enterprisestorageforum.com/continuity/news/article.php/3814821/Cloud‐Computing‐Poses‐E‐ Discovery‐Legal‐Risks.htm
 151 
David
Navetta,
Legal
Implications
of
Cloud
Computing
‐
Part
One
(the
Basics
and
Framing
the
Issues)
(2009)
 
 35

    • cases.152.
If
the
end
user,
files
a
trade
secret
misappropriation
claim
against
the
cloud
service
 provider,
 it
 could
 raise
 an
issue,
 where
a
particular
state
court,
 has
personal
 jurisdiction
over
 the
cloud
service
provider,
on
the
sole
reason
that
the
copy
of
the
trade
secret,
was
stored
in
 the
 data
 center
 in
 that
 state.
 
 This
 quandary
 in
 the
 system
 of
 cloud
 computing
 distributed
 channel
 would
 arise
 this
 complication
 in
 personal
 jurisdiction
 arena.
 Hence
 in
 their
 interests,
 the
 cloud
 service
 provider
 should
 comprehend
 before
 hand,
 the
 benefits
 of
 storing
 a
 copy
 of
 users
data
in
a
particular
data
center
located
in
a
state
versus
other
state.

 
 
 It
 is
 to
 be
 noted
 that,
 the
 multiple
 data
 copy
 issue,
 could
 have
 a
 important
 legal
 consequence
 for
 end
 user,
 as
 application
 of
 data
 protection
 rules
 could
 also
 follow
 from
 location
choices153.
For
e.g
a
state
where
the
end
user’s
data
is
more
protective
than
in
state
in
 comparison
with
another
state,
where
also
the
copy
of
the
stored.
To
combat
this
situation,
the
 end
user
should
carefully
pick
up
the
forums
where
the
cloud
service
provider
may
have
data
 centers,
where
higher
level
of
data
protection
is
granted
by
the
courts
in
that
state.

 VI. Proposals:
 Measures
 to
 be
 adopted
 by
 End
 User
 to
 safeguard
 Trade
Secret
under
Reasonable
Standard
Test
 
 The
law
does
not
require
the
trade
secret
owner
to
build
an
impenetrable
fortress
around
the
 around
 its
 trade
 secret154,
 the
 end
 user
 should
 however
 take
 into
 account
 in
 designing
 a
 reasonable
 protection
 program
 which
 will
 ensure
 him
 the
 protection
 under
 the
 trade
 secret
 law.
These
measures
in
the
light
of
the
courts
decision
are
discussed
herein
below
 






















































 
 152 nd 
Henry
H.Perritt,
Jr.,
Trade
Secrets
Practitioner’s
Guide,
(2 
Edition),

Practicing
Law
Institute
(2004)
 153 
Robert
Gellman,
Privacy
in
the
Cloud:
Risks
and
Confidentiality,
World
Privacy
Forum.
 154 
 Vicotria
 A
 Cundiff,
 Reasonable
 Measures
 to
 Protect
 Trade
 Secret
 in
 a
 Digital
 Environment,
 Franklin
 Law

 
 Review




(2009)

 
 36

    • I. Encryption
As
a
Precaution
 Cryptography
 might
 be
 one
 of
 the
 technology
 tools
 for
 the
 end
 user
 to
 protect
 his
 data.
 The
 goal
 of
 encryption
 is
 to
 scramble
 objects
 so
 that
 they
 are
 not
 understandable
 or
 usable
 until
 they
are
unscrambled.
The
technical
terms
for
such
process
are
encrypting
and
decrypting155.
 Encryption
 is
 also
 used
 to
 protect
 data
 in
 transit
 and
 when
 data
 is
 stored.
 There
 have
 been
 numerous
reports
of
data
in
transit
being
intercepted
in
recent
years156.

 Current
 cryptosystems
 come
 in
 two
 basic
 configurations.
 The
 first
 is
 a
 "shared
 single
 key
 cryptology"
which
requires
the
same
key
to
encrypt
and
decrypt
the
message157.
The
second
is
 a
 "public
 key
 cryptography,"
 which
 uses
 two
 keys;
 one
 to
 encrypt
 the
 message
 and
 one
 to
 decrypt
it158.


 The
 cloud
 provider
 will
 always
 encrypt
 data
 when
 it
 is
 at
 transit,
 however
 data
 may
 not
 be
 encrypted
 it
 is
 at
 rest
 (stored).
 Existing
 cloud
 service
 providers
 may
 provide
 basic
 encryption
 key
schemes
to
secure
cloud
based
application
development
and
services,
or
they
may
leave
all
 such
protective
measures
up
to
their
customers159.
 The
end
user
has
discretion
of
encrypting
data
when
it
is
at
rest.

It
is
pertinent
to
note
that
the
 key
used
for
encryption
to
the
data
storage
could
also
be
with
the
provider.

 






















































 
 155 Computer
 Science
 and
 Telecommunications
 Board
 Commission
 on
 Physical
 Sciences,
 Mathematics,
 and
 Applications,
 The
 Digital
 Dilemma,
 Intellectual
 Property
 in
 the
 Information
 Age.
 National
 Academy
 Press,
 Washington
D.C
(2000)
 156
 Fiber
 Optic
 Networks
 Vulnerable
 to
 Attack,
 Information
 Security
 Magazine,
 November
 15,
 2006,
 Sandra
 Kay


Miller
 157
Henderson,
Charles
P,
Encryption,
key
recovery,
and
Commercial
Trade
Secret
Assets:
A
Proposed
Legislative
 Model.
Rutgers
Computer
&
Tech.
L.J.
(1999)
 158
Henderson,
Charles
P,
Encryption,
key
recovery,
and
Commercial
Trade
Secret
Assets:
A
Proposed
Legislative
 Model.
Rutgers
Computer
&
Tech.
L.J.
(1999)
 
 159 
 Cloud
 Security
 Alliance
 ,
 Security
 Guidance
 
 for
 
 Critical
 Areas
 of
 Focus
 in
 Cloud
 Computing
 (Version
 2.1)
 (December
2009)
 
 37

    • If
 the
 encryption
 and
 decryption
 key
 is
 the
 with
 the
 cloud
 provider,
 there
 would
 be
 a
 substantial,
risk
of
access
of
the
data
to
the
cloud
provider.
This
problem
might
be
eliminated
 by
 a
 recent
 technological
 development
 in
 the
 field
 of
 cryptography,
 whereby
 homomorphic
 encryption
 that
 would
 allow
 applications
 to
 compute
 directly
 on
 encrypted
 data,
 and
 return
 encrypted
results
to
the
end
user.

This
would
enable
could
provider
to
compute
in
the
cloud
 without
actually
giving
the
cloud
provider
access
to
the
data160.

 The
 courts
 have
 taken
 diverse
 opinions
 regarding
 whether
 encryption
 of
 the
 data
 could
 be
 adequate
to
meet
the
requirements
of
reasonable
standard
test
under
the
doctrines
of
trade
 secret
law.

 The
court
in
Heartland
Home
Fin.,
Inc
v.
Allied
Mortgage
Capital
Corp161,
held
that
“the
use
of
 an
 encrypted
 email
 to
 transmit
 the
 alleged
 trade
 secret
 and
 the
 password
 protection
 were
 insufficient
to
meet
the
requirement
given
the
lack
of
other
security
measures”162.

 In
another
case,
In
Twin
Vision
Corp
v
BellSouth
Commc’n
Sys.,
163
the
court
did
nor
provide
any
 light
or
guidance,
on
whether
encryption
alone
would
be
sufficient
evidence
that
trade
secret
 owner
has
taken
reasonable
effort
to
preserve
the
trade
secret
status.


 However,
 only
 encryption
 of
 the
 data
 may
 not
 constitute
 reasonable
 protection
 under
 the
 principles
 of
 Liebert
 v
 Mazur164
 wherein,
 the
 court
 stated
 that
 simply
 by
 restricting
 computer
 






















































 
 160 Homomorphic
Encryption
Breakthrough
Available
at

 http://www.schneier.com/blog/archives/2009/07/homomorphic_enc.ht
(July
9,
2009
)
 161
Heartland
Home
Fin.,
Inc
v.
Allied
Mortgage
Capital
Corp,No
1:05
CV
2659,2007
U.
S
Dist.
LEXIS
8882
 162
Heartland
Home
Fin.,
Inc
v.
Allied
Mortgage
Capital
Corp,No
1:05
CV
2659,2007
U.
S
Dist.
LEXIS
8882
 163
Twin
Vision
Corp
v
BellSouth
Commc’n
Sys,
No
97‐55231,1998
U.S
App.
LEXIS
13607
 164
Liebert
v
Mazur,
827
N.E.2d
909
(III.App.Ct.2005)
 
 38

    • access
 to
 customer
 lists
 by
 requiring
 a
 password
 is
 not
 sufficient
 measures
 to
 provide
 trade
 secret
protection
to
the
information165.

 In
 Aetna,
 Inc.
 v.
 Fluegel166,
 the
 court
 commenting
 on
 commenting
 on
 plaintiff’s
 use
 of
 encryption
 for
 some
 documents
 as
 evidence
 of
 its
 reasonable
 measures
 to
 maintain
 secrecy,
 recognized
 the
 use
 of
 encryption
 as
 evidence
 of
 the
 trade
 secret
 owner’s
 efforts
 to
 protect
 trade
secrets
.
However
the
courts
has
thus
not
yet
reached
a
point
where
failing
to
use
such
 encryption
 as
 a
 matter
 of
 course
 constitutes
 a
 per
 se
 failure
 to
 take
 reasonable
 measures
 to
 preserve
secrecy167


Hence
if
the
end
user
is
concerned
about
storing
sensitive
and
confidential
 data
in
the
cloud,
the
end
user
should
encrypt
the
data
(individual
files)
before
uploading
it
to
 the
cloud168.
 II. Confidentiality
Agreements
and
Non‐Disclosure
Agreements
 One
of
the
measures
the
end
user
could
adopt
to
safeguard
its
trade
secret
is
to
enter
into
a
 Non‐Disclosure
agreement
and
Conditionality
Agreement.
These
agreements
will
contractually
 create
on
obligation
on
the
end
user
to
protect
the
trade
secret.
If
the
cloud
service
provider
 misappropriates
 the
 trade
 secret,
 it
 could
 have
 legal
 consequences
 for
 breach
 of
 contract
 as
 well
as
misappropriation
under
UTSA.
§
41
of
the
UTSA
imposes
the
duty
of
confidence
to
the
 cloud
 service
 provider
 and
 he
 would
 be
 liable
 under
 §40
 of
 UTSA
 for
 appropriation
 of
 trade
 secret,
if
there
is
a
Confidentiality
Agreement
and
Non‐Disclosure
Agreements
signed
between
 the
 parties
 and
 the
 cloud
 service
 provider
 has
 acquired
 the
 trade
 secret
 by
 improper
 means.
 






















































 
 165
Liebert
v
Mazur,
827
N.E.2d
909
(III.App.Ct.2005)
 166 Aetna,
Inc.
v.
Fluegel,
No.
CV074033345S,
2008
WL
544504
(2008)
 167
 Vicotria
 A
 Cundiff,
 Reasonable
 Measures
 to
 Protect
 Trade
 Secret
 in
 a
 Digital
 Environment,
 Franklin
 Law
 Review



(2009)

 168 
Jinesh

Vaira,
Cloud
Architectures,
Amazon
Web
Services.


 
 39

    • These
agreements
must
be
in
existence
at
the
time
when
the
end
user
is
hosts
his
data
in
the
 cloud169.
 The
 language
 of
 the
 agreements
 must
 be
 clear
 and
 unambiguous170
 and
 more
 importantly
its
should
create
a
duty
of
confidentiality171

 III. Contractually
prevent
Reverse
Engineering
 An
 end
 user
 may
 store
 his
 trade
 secret
 in
 the
 cloud,
 the
 end
 user
 or
 third
 party
 may
 be
 restricted
 under
 the
 doctrines
 of
 the
 trade
 secret
 law
 to
 access
 or
 use
 the
 trade
 secret.
 However
 the
 trade
 secret
 law
 won’t
 protect
 the
 end
 user’s
 trade
 secret,
 if
 the
 cloud
 service
 provider
 or
 the
 third
 party
 gains
 access
 to
 the
 trade
 secret
 by
 means
 of
 reverse
 engineering.
 The
 court
 in
 Kewanee
 v.
 Bicron172
 stated
 that
 “
 While
 trade
 secret
 law
 does
 not
 forbid
 the
 discovery
 of
 the
 trade
 secret
 by
 fair
 and
 honest
 means
 e.g.,
 independent
 creation
 or
 reverse
 engineering173”

 It
is
therefore
important
for
the
end
user
to
contractually
prohibit
the
cloud
service
provider
to
 reverse
engineer
the
trade
secret.

The
case
laws
Painton
Co
v
Bourns,Inc174,
Diodes
v
Franzen175

 reflect
 a
 general
 consensus
 that
 a
 contractual
 prohibition
 against
 reverse
 engineering
 is

 enforceable176
 IV. Checklist
for
the
End
User
 






















































 
 169 
RTE
Corp
v.
Coatings
Inc,
267
N.W.
2d.
226,232
(Wis
1978)

 170 Dionee
vv
Southeast
Foam
Converting
&
Packaging
Inc.,
397
S.E.2d
110,112
(Va.1990)
 171 

Wanberg
v
Ocean
Spray
Canberries.
,Inc
194
U.S.P.Q
350,352,1977,WL
22790
(N.D.1II.1977)
&
 172 
Kewanee
v.
Bicron,
416
U.S.
470,
476
(1974)
 173 
 Roger
 M
 Milgrim,
 Milgrim
 on
 Trade
 Secret
 ,Vol.
 1,
 §1.01[1],Matthew
 Bender
 and
 Company
 Inc.
 (Updated
 2009)
 174 
Painton
Co
v
Bourns
Inc,
442F.2d
216,223
(2d
Cir.1971)
 175 
Diodes
v
Franzen,
260
Cal.App.2d
224,250,67
Cal.Rptr.19
(1968)
 176 
 Roger
 M
 Milgrim,
 Milgrim
 on
 Trade
 Secret
 ,Vol.
 1,
 §1.05[5],Matthew
 Bender
 and
 Company
 Inc.
 (Updated
 2009)
 
 40

    • CHECKLIST
FOR
THE
END
USER
 
 
Data/applications
to
be
hosted
in
the
cloud
qualify
as
a
trade
secret.
 
 
 Ref:
Qualification
of
data
as
Trade
secret

 Confidentiality
 Agreement
 or
 NDA
 between
 the
 End
 user
 and
 Cloud
 
 Service
Provider
 
 Ref:
 Measures
 to
 be
 adopted
 by
 End
 Users
 in
 safeguarding
 their
 trade
 secrets

 In
which
state
(location)
my
data
stored?

 
 Ref:
Data
is
always
in
Transit:
Jurisdictions
Issues

 Can
I
have
control
access
to
multiple
copies
stored
in
the
cloud?
 
 Ref:
Reasonable
standard
requirement.
 Agreements
will
survive
the
termination
of
the
agreement.
 
 Ref:
 Measures
 to
 be
 adopted
 by
 End
 Users
 in
 safeguarding
 their
 trade
 secrets

 Complete
wiping
of
all
the
copies
stored
in
the
cloud

 
 Ref:
 Measures
 to
 be
 adopted
 by
 End
 Users
 in
 safeguarding
 their
 trade
 secrets

 Anti‐Reverse
Engineering
provision
in
the
Agreement
 
 Ref:
 Measures
 to
 be
 adopted
 by
 End
 Users
 in
 safeguarding
 their
 trade
 secrets

 Data
Encryption
 
 Ref:
 Measures
 to
 be
 adopted
 by
 End
 Users
 in
 safeguarding
 their
 trade
 secrets
 VII. Conclusion
 As
technology
evolves
it
challenges
the
intellectual
property
law177.
The
trade
secret
law
must
 adjust
to
the
new
realities
of
the
era
of
technological
development.
The
manner
in
which,
the
 trade
secret
has
evolved
to
adjust
to
new
challenges
bought
by
the
advent
of
internet.
It
will
 also
 have
 to
 adjust
 to
 the
 new
 boom
 of
 cloud
 computing.
 Once
 the
 trade
 secret
 law
 






















































 
 177 
Roger
M
Milgrim,
Milgrim
on
Trade
Secret
,Vol.
2,
Matthew
Bender
and
Company
Inc.
(Updated
2009)
 
 41

    • accommodates
cloud
computing
within
its
ambit,
new
and
interesting
developments
in
the
law
 will
 take
 place.
 Cloud
 Computing
 and
 other
 technologies
 won’t
 prove
 to
 be
 the
 death
 of
 the
 trade
secret,
instead
these
will
pave
a
way
for
new
technologies
in
the
future
to
be
adapted
by
 the
 law.
 However
 what
 might
 have
 been
 a
 reasonable
 precaution
 ten
 years
 ago
 to
 protect
 a
 trade
secret
is
not
necessarily
reasonable
today
in
the
light
of
changed
circumstances
today178.

 This
short
checklist
might
enable
the
end
user
to
host
his
data
on
the
cloud
without
losing
his
 trade
secret
status.

 
 
 
 
 
 






















































 
 178 
 Rowe,
 Elizabeth
 A.,
 Contributory
 Negligence
 and
 Technology
 and
 Trade
 Secrets,
 University
 of
 Florida
 Levin
 College
of
Law
Research
Paper
No.
2008­06.(May
01,
2009).
http://ssrn.com/abstract=1161166
 
 42