Trade Secret Litigation: When a Former Employee Takes Your Advantage

Reasonable measures is not an absolute security standard. It is a proportionality test: the measures required are those that are reasonable given the value of the information, the size of the business, and the realistic threats to secrecy.

NDAs with employees who have access to confidential information are the baseline, but they are not sufficient by themselves. Access controls that limit which employees can access specific categories of sensitive information, separate from general company network access, demonstrate that the plaintiff treated the information as sensitive rather than generally available within the organization. Physical or digital marking of documents as confidential, combined with policies that employees are trained on and required to acknowledge, creates a record that the secrecy expectation was communicated and reinforced. Exit interview procedures that remind departing employees of their confidentiality obligations, combined with reminders in writing and collection of company devices, establish that the company actively worked to prevent exactly the disclosure it is claiming in litigation.

Companies that invest in reasonable protection measures before a dispute arises gain two advantages in litigation. First, the documented protection history directly satisfies the reasonable measures element. Second, it establishes the baseline from which forensic evidence of the departing employee's access pattern can demonstrate anomalous behavior, because the access controls create a record of who accessed what and when. Without access controls, the forensic record is thin and the departure appears normal. With them, a spike in downloads in the days before resignation is visible, documentable, and tells a coherent story of misappropriation.

Most trade secret misappropriation in modern cases involves digital information, and the forensic record of what was accessed, copied, transmitted, or deleted is often the most probative evidence in the case.

Forensic examination of the departing employee's company devices, personal devices that were used to access company systems, USB drives, and cloud storage accounts creates a timeline of data access and transfer activity. A departing employee who accessed the customer database 47 times in the last three days of employment, never having accessed it more than twice a day in the preceding year, has created a forensic anomaly that requires explanation. An employee who emailed large file attachments to a personal email account, connected an unauthorized USB device, or uploaded files to a personal cloud storage service on a company device has left a digital trail that forensic examination of company logs, email servers, and device activity records can reconstruct in detail.

The timing of forensic preservation matters enormously. A company that begins forensic preservation immediately after the departure is notified preserves evidence that may be overwritten, deleted, or inaccessible days later. System logs rotate, email servers purge, and personal devices controlled by the former employee may have information deleted before a litigation hold can be imposed. Employee electronic monitoring and electronic surveillance laws practice at the intersection of workplace monitoring and trade secret preservation requires understanding both what monitoring is legally permissible during employment and what forensic preservation steps are available after the employment relationship ends.

The Economic Espionage Act at 18 U.S.C. § 1832 creates criminal liability for trade secret misappropriation that benefits a foreign government, foreign instrumentality, or foreign agent, with penalties up to 10 years imprisonment and $5 million in fines per offense. The criminal enforcement pathway is available through DOJ referral when the misappropriation involves foreign state actors, competitive intelligence programs operated by foreign entities, or systematic trade secret theft programs that go beyond a single departing employee. Civil trade secret litigation and criminal EEA prosecution can proceed simultaneously when the misappropriation involves both a civil plaintiff with damages to recover and a national security dimension that DOJ treats as independently prosecutable. Defend Trade Secrets Act and theft of intellectual property cases with a foreign nexus require early evaluation of whether criminal referral is appropriate and whether DOJ involvement would support or complicate the parallel civil case.

Trade secret misappropriation cases fall into two primary categories with different evidentiary profiles: cases involving former employees who took information on departure, and cases involving competitors who obtained information through corporate espionage, vendor relationships, or infiltration.

Former employee cases are the most common and the most forensically tractable. The plaintiff controls the digital environment in which the theft occurred, can examine company devices and logs, and typically has the employment agreement and any NDA as baseline documents. The challenge in former employee cases is establishing that what the employee took was actually a protected trade secret under the reasonable measures standard, and that the employee is using it at the new employer rather than simply relying on general skills and knowledge that any experienced professional in the field would possess. The inevitable disclosure doctrine, which some courts have applied to prevent a former employee from working for a competitor when the new role would inevitably require using the plaintiff's trade secrets, has been accepted in some states and rejected in others, and its availability varies significantly by jurisdiction.

The CFAA at 18 U.S.C. § 1030 provides a parallel claim when the misappropriation involved accessing a computer without authorization or exceeding authorized access to obtain the information. The Supreme Court's decision in Van Buren v. United States, 593 U.S. 374 (2021), narrowed the scope of the "exceeds authorized access" prong, holding that an employee who has permission to access a system but uses the access for an unauthorized purpose has not necessarily violated the CFAA. The post-Van Buren framework means that an employee who legitimately had access to the files they copied before leaving may not have a CFAA violation attached to the DTSA claim, even if the purpose of the access was to steal the information. For cases involving clearly unauthorized access, such as accessing systems after resignation or through credentials the employee should not have had, the CFAA claim remains viable alongside the DTSA claim.

Trade secret litigation under the DTSA requires proving three things: that the information constitutes a trade secret, meaning it has independent economic value from secrecy and the plaintiff took reasonable measures to protect it; that the defendant acquired, disclosed, or used the information through improper means or in breach of a duty to maintain secrecy; and that the plaintiff suffered damages or is entitled to injunctive relief. The reasonable measures element is the threshold most often missed by plaintiffs, because a company that has not actually implemented specific, documented measures to protect the specific information claimed as a trade secret may not be able to establish the definition requirement regardless of how valuable the information is or how clearly it was taken.

Yes, through a TRO or a preliminary injunction, and in some cases through an ex parte seizure order under DTSA § 1836(b)(2). A TRO can be obtained without notice to the defendant when providing notice would allow the defendant to destroy evidence or move the stolen information beyond the court's reach. A preliminary injunction requires a hearing at which the defendant can present opposing evidence, and the standard requires showing a likelihood of success on the merits of the misappropriation claim, likely irreparable harm absent the injunction, a balance of hardships favoring the plaintiff, and that the injunction would not harm the public interest. Speed matters: the emergency application must be filed promptly after the plaintiff becomes aware of the misappropriation, because delay weakens the irreparable harm argument.

The two strongest defenses attack the plaintiff's threshold showing rather than the specific conduct alleged. First, challenging whether the information qualifies as a trade secret by demonstrating that the plaintiff did not take reasonable measures to protect it, that the information was generally known or ascertainable in the industry, or that it lacks independent economic value from its secrecy. Second, establishing independent development, meaning the defendant developed the same or similar information through its own work, predating any contact with the plaintiff's employee or information. Reverse engineering is a complete defense when the defendant derived the information by analyzing a product obtained through legitimate commercial channels. Statute of limitations under the DTSA is three years from discovery of the misappropriation, and claims filed after that period are time-barred.

No. Trade secrets receive protection without registration, which is both an advantage and a risk. The advantage is that protection arises automatically from the combination of the information's secrecy and the measures taken to maintain it. The risk is that the absence of any registration record means the plaintiff must prove in litigation what the trade secret is, when it was created, what measures were taken to protect it, and when it was misappropriated, entirely from internal records and witness testimony. A company that maintains documented records of what information it treats as confidential, how access is controlled, what training employees receive, and what agreements are in place has built the litigation record it will need if a misappropriation claim arises. A company that relies on informal confidentiality culture without documentation may have valuable secrets but face difficulty proving in court that those secrets qualify for protection.