Last month Caterpillar was hit with a $74 million jury verdict for trade secret misappropriation in the Eastern District of Illinois. The case was filed by Miller, a UK vendor that supplied Caterpillar with "couplers," a product that allowed quick changes of tools on excavators. After Caterpillar told Miller that it was switching to use a coupler of its own design, Miller sued, claiming that Caterpillar used Miller's confidential information in the development of the product, in violation of their "Supply Agreement."
And it's that agreement that marks the most immediate lesson to be drawn from this case: confidentiality obligations lurk in many contracts that are not called "Nondisclosure Agreement." When we're working on protecting our clients from unwanted information contamination, or just trying to keep track of confidentiality obligations so they can be managed, too often we limit the conversation to NDAs as such. And while those contracts certainly need our attention, we have to remember that similar obligations often are buried in other documents.
So our first task as counsel is to make sure that managers are sensitive to the real issue: obligating the company to keep information secret comes with a very heavy set of risks. It may be helpful to think of this custodial information like a virus, which when properly contained and managed will not cause harm, but which if mishandled can quickly spread through the organization, morphing as it goes in ways that make it hard to recognize, much less extract.
With management having the right understanding of the risk environment, it then becomes a matter of setting up procedures to mitigate the risk by limiting exposure and ensuring that all confidentiality obligations are closely tracked. In practical terms, this usually means creating special protocols as part of contract management, with legal review of the specific undertakings in all agreements. That review should also produce specific advice to the relevant managers about how to avoid misuse of data and how to close down the project properly when it's concluded.
For more tips on NDA management, see my white paper