The risk of trade secret misappropriation while working from home continues
Managing IP is part of the Delinian Group, Delinian Limited, 4 Bouverie Street, London, EC4Y 8AX, Registered in England & Wales, Company number 00954730
Copyright © Delinian Limited and its affiliated companies 2024

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

The risk of trade secret misappropriation while working from home continues

Sponsored by

tillekegibbins.png
Remote working from home. Freelancer workplace in kitchen with laptop, cup of coffee

With many employees in Thailand working outside their company's normal IT security fence, their increased use of their own computers and devices instead of those in their offices with standard or enhanced security mechanisms has made it more challenging for employers to control access to key business information. In the rush to set up a fully or partially remote workforce, most companies have had little time to establish work-from-home guidelines on protection of their valuable intangible assets like trade secrets and confidential business information. The need for sufficient internal guidelines on copying files to USB drives, emailing files to personal accounts, and uploading to cloud storage is already widely recognised, but who could have imagined the need for rules precluding sharing proprietary information over Zoom, Skype, Webex, and such programs?

In addition to misappropriation by employees, many organisations have also seen hackers exploit vulnerable IT protocols and bait people with emails related to the current health crisis. Phishing and ransomware emails have been used to lure people working from home in attempts to access protected systems. Hacking of smart home devices has resulted in recordings of confidential conversations being transmitted to not only Amazon, Google, and other providers but to hackers and thieves as well.

HR tasks

A top concern for companies in Thailand should be revisiting rules for handling and maintaining confidential business information. This should include a refresher in employment agreements or individual confidentiality agreements (particularly for key personnel) to accommodate work-from-home realities. To prove a case against a trade secret infringer, the owner must show that care was taken to maintain the confidential information. This would include regular reminders to employees defining "confidential information," "trade secrets," and their duty to maintain confidentiality. Many will already be familiar with a company's rules on information disclosure, but this is complicated by new patterns of external communication, often involving online collaboration and meeting tools. For document sharing, companies might employ secure transfer solutions like password-protected FTP programs, time-limited document viewers, and limitation of the number of downloads.

For businesses forced to lay off or furlough employees, work-from-home realities make the exit interview even more important. Along with existing requirements such as return of company property, companies should secure additional undertakings, such as assurances that no unauthorised copying or downloading occurred, no company information is retained, and no confidential information was shared without authorisation. If the departing employee was on an research and development, design, or engineering team, an enhanced exit interview is an ideal time to effect IP assignments or other necessary declarations. Even if the research project is incomplete, companies might consider filing provisional patent applications with the employee's written assurance that follow-on applications will not be jeopardised.

IT tasks

The IT team can complement these HR efforts by updating existing security measures, implementing new ones, and explaining changes to employees. This might include a new personal device use policy with an explanation of the employer's right to track and monitor its own devices as well as those of the employee who uses them for their work–all legal in Thailand, as it is in most jurisdictions so long as employees are made aware. Personal devices will be at greater risk of hacking than fenced-in company IT architecture, so the IT team should also install necessary security on personal devices used for company work. If employees are allowed virtual private networks (VPNs) or other remote access, employers should decide about potential restrictions on downloading, copying, or transferring files.

While no business in Thailand can completely insulate itself from leakage of proprietary information, most can take steps to significantly reduce the risk, mitigate damages, and prove that reasonable care was taken to protect their property.

adcock-alan.jpg

Alan Adcock

more from across site and ros bottom lb

More from across our site

Former Jenner & Block litigators say they plan to capitalise on a ‘huge uptick’ in life sciences work after joining Fish & Richardson’s newly formed life sciences industry team
Pravin Anand and Vaishali Mittal of Anand & Anand explain how they helped Swiss pharma company Vifor secure a landmark win against generic companies in India
Malisheia Douglas, who spent six years at Eaton Corporation, said she was attracted by the firm's global footprint
The European Parliament has voted in favour of overhauling the SEP framework, a proposal that has sparked deep division among patent owners and implementers
Daniel Poh talks about his journey to becoming managing partner and how firms can win new business from Chinese companies
Missing a deadline can have serious consequences but law firms should consider being lenient to those responsible
Each week Managing IP speaks to a different IP practitioner about their life and career
CMS, which was told to respond to a cancellation action by February 12 but filed its response a day later, has rowed back on claims about an IT error
The deal could help Rouse gain a foothold in Australia and New Zealand for the first time
With a team of more than 80 patent lawyers and attorneys across 21 European offices, the firm is acting in some of the most high-profile UPC cases
Gift this article