Startup Law Lab. Volume IV: ‘Securing know-how in times of AI and cybercrime’
In an increasingly digitalised and globalised world, protecting trade secrets is essential to ensuring the competitiveness of companies. From recipes and design drawings to customer lists and software, trade secrets encompass valuable information that must not fall into the wrong hands. But what exactly makes information a trade secret, what challenges exist, and how can companies protect themselves effectively?
What are trade secrets?
Trade secrets can represent a wide range of information, such as (design) drawings, the nature or composition of products, processes, prototypes, sample collections, recipes, as well as customer and supplier lists, data, purchasing conditions or software.
According to Section 26b of the German Unfair Competition Act (UWG), trade secrets are information that is secret, of commercial value and protected by appropriate measures.
Secret means that the information is not generally known or easily accessible, either in its entirety or in the precise arrangement and composition of its components, even among experts. Commercial value exists if the use or protection of the information confers an economic advantage. A specific minimum value threshold does not have to be reached, but the competitive position of the owner must be threatened by the unauthorised use of the secrets. Merely trivial or personal information is not protected.
However, the implementation of effective protective measures is crucial – a mere desire for secrecy is no longer sufficient. Considerable efforts must now be made and documented in order to fall within the scope of trade secret protection.
How can you protect trade secrets?
Effective protection begins with identifying relevant information. This information is categorised, for example as key information or strategically important data, and appropriate measures are taken.
A protection concept consists of:
- Organisational measures such as training, access restrictions and the classification of information.
- Technical measures such as encryption, regular updates and firewalls.
- Legal measures such as confidentiality agreements or IT security guidelines.
For example, it is essential that former employees no longer have access to company data – a mistake that is often overlooked in practice.
Challenges posed by AI and cybercrime
The use of artificial intelligence brings new risks. AI-supported attacks make it possible to analyse large amounts of data or manipulate content. Cybercriminals also use methods such as phishing or ransomware to steal or block sensitive data. Internally, faulty AI models and insufficiently secured training data also pose risks.
Let’s go – protect your trade secrets!
Protecting trade secrets requires a combination of technical, organisational and legal measures. Companies should invest in cyber security, raise awareness among employees and provide training. Only by taking a holistic approach can companies effectively secure their sensitive information and operate sustainably.
