Austria: Trade secret protection confirmed

Managing IP is part of Legal Benchmarking Limited, 1-2 Paris Gardens, London, SE1 8ND

Copyright © Legal Benchmarking Limited and its affiliated companies 2025

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

Cookies Settings

Austria: Trade secret protection confirmed

Managing IP Correspondent
February 22 2017

Both parties in this case produce and commercialise ticket and entry systems for skiing areas, stadiums and similar establishments and have the same customer circles. The plaintiff additionally runs server installations for internet use by its customers, who use its systems to store clients' data. This data is protected by a login requiring a username and password. The data can be read in the form of reports, for example concerning names and addresses of buyers of tickets. The same is possible on a server of a larger customer on which the plaintiff runs that application for the customer. These reports were routinely stored on caches as intermediate storage media.

In 2015 an employee of the defendant began to connect to the server by circumventing the password protection. No usernames and passwords were disclosed to the plaintiff. That employee had taken a picture of the computer screen at a customer who made an analysis of competitors and therefore had invited the defendant. From that photo a certain internet address (URL) could be gathered. By trial and error and slight modification of that URL also other reports could be downloaded. Only in February 2016 had the plaintiff installed enough changes which ended the intrusion of the defendant.

The defence centered on three topics, namely, (1) there is no trade secret since the data was easily retrievable, (2) there is no trade secret of the plaintiff, therefore it has no active legitimation to sue, and (3) there is no proof of an act against law or moral since it remained open whether the respective customer had consented to the screen being photographed and the onus of proof lies with the plaintiff. But the defendant lost in all three instances. The Supreme Court found (4 Ob 165/16t):

  • These data are trade secrets. The hitherto valid definition of trade secrets in Austria is: technical or commercial facts and knowledge only known to a certain limited number of persons and which should not become known to others and there is an economic interest that they remain secret. The will to keep these facts and knowledge secret need not be declared clearly. It suffices that it can be deducted from the behaviour of the entrepreneur that certain not generally available information should be kept within a restricted circle.

    This prerequisite is met with data that can only be read regularly by logging into a database protected by a username and password. This protection shows that the data is restricted to a certain circle of persons. The existence of security loopholes – as apparently present in this case – does not allow the conclusion that the entrepreneur no longer has any interest in keeping the data secret. Third parties would have to guess that the entrepreneur had no knowledge about these loopholes.

    The Directive (EU) 2016/943 of June 8 2016 on the protection of undisclosed know-how and business information (trade secret) against their unlawful acquisition, use and disclosure published in the official Journal of the EU No L 157/1 does not disprove that finding. The third part of the definition in Article 2 paragraph 1(c) states that trade secrets are protected if the information "has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information to keep it secret". It does not matter whether this part of the definition could eventually mean that no loopholes for easy access have to exist besides the central protection by password since member states are allowed to grant a wider protection as required by that Directive. Therefore, sensibly restricted password protection is for the time being sufficient to grant trade secret protection.

  • Here, the data is (also) a trade secret of the plaintiff. The customer's data is in the custody of the plaintiff and the plaintiff has a strong own interest in the secrecy. Without it the contracts with the customer would not be renewed and severe danger claims from the customers would be threatening. These two conditions, right of disposal and own interest in secrecy, suffice for an active legitimation to sue.

  • There can be no doubt in the illegality of retrieving data by intrusion into another's computer system. The defendant centres the legality of its acts on a supposed allowance of the customer to take a picture of the computer screen. But that is irrelevant. It does not follow from that allowance that there is consent to download his own data and even less to download data of other customers.

In effect all three aspects of the defence were unsuccessful.

This case shows that trade secret protection is alive in Austria. We shall see in what way the EU Directive on trade secret protection will enhance that protection.

sonn.jpg

Helmut Sonn

SONN & PARTNER Patentanwälte

Riemergasse 14

A-1010 Vienna, Austria

Tel: +43 1 512 84 05

Fax: +43 1 512 98 05

office@sonn.at

www.sonn.at

Topics

AustriaPatentsEuropeJurisdictions
managing-ip.png
Managing IP Correspondent
Contact
more from across site and SHARED ros bottom lb

More from across our site

Patents
Employer with magnifying glass exploring application papers
PTAB ‘settled expectations’ decision puts patent history in spotlight
Counsel explain how the USPTO’s decision to discretionarily deny institution of a PTAB case affects their advice to clients
Rani Mehta, June 13 2025
Managing IP Awards
Copy of EMEA awards 2025-Shortlist Announced-1200x627 (2).png
LMG Life Sciences Awards EMEA 2025: the winners
The Life Sciences Awards announces the winners for the 6th annual awards
John Harrison, June 13 2025
Patents
The frontage and brand logo of a branch of German discount retailer Aldi, taken in a local retail park on Wirral, UK on a sunny afternoon
This week on MIP: Disney sues Midjourney | UK Supreme Court rejects Aldi appeal
The UPC’s plans to roll out its new Case Management System and a setback for TikTok in India were also among the top talking points
Sukanya Sarkar, June 13 2025
Trademarks
Thomas_Jonathan (002).jpg
Greenberg Traurig hire eager to join ‘one-stop-shop’
Trademark specialist Jonathan Thomas says he’s excited to introduce his clients to other areas of Greenberg Traurig’s practice
Rani Mehta, June 13 2025
Trademarks
The stacks of documents lying on the desk are waiting to be verified before being sent to the Board of Directors to use the correct information before meeting with businessmen and investors.
The US law firms handling the most registered trademarks
Counsel at firms responsible for managing the highest number of registered trademarks explain the secrets behind staying organised and keeping the work flowing in
Rani Mehta, June 12 2025
Patents
Sand running through the bulbs of an hourglass measuring the pas
How to navigate Patent Term Adjustments in Brazil amid uncertainty
Attorneys explain what stakeholders should know about Patent Term Adjustments in Brazil, more than three years after a landmark Brazilian Supreme Court ruling
Paulo Armando de Souza , June 12 2025
Copy of LBG SI Awards 1200x627.png
Social Impact Awards 2025 expanded to reflect legal innovation
New categories have been added to reflect a changing legal and social landscape
Shailyn Tirado, June 12 2025
Patents
AI-1.jpg
Ban on AI use in patent drafting unwarranted: China practitioners
Three sources explain why a notification by Nanjing’s IP centre in China banning AI use in patent drafting is too broad and could be difficult to enforce
Sukanya Sarkar, June 12 2025
Patents
SheppardMullin.png
Life sciences trio drawn to regulatory expertise at Sheppard Mullin
Sheppard Mullin’s latest hires explain why the firm's industry expertise impressed them
Rani Mehta, June 12 2025
Trademarks
Elizabeth Godfrey MS.jpg
Build your own path: DCC head on female leadership
Elizabeth Godfrey explains why she doesn’t believe in a ‘salesperson’ approach to BD, and reveals how AI is playing an important role at Davies Collison Cave
Sukanya Sarkar, June 11 2025
Gift this article