Somewhere in a vault in Atlanta, the story goes, sits a piece of paper that two executives are never allowed to fly on the same plane to see. The paper is said to hold the formula for Coca-Cola, a recipe guarded since 1886, never patented, and never — despite a century of reverse-engineering attempts, defectors, and one infamous 2006 case in which an employee tried to sell it to PepsiCo, who promptly turned her in to the FBI — successfully extracted by a competitor. Whether the "two executives, one plane" detail is literally true or company lore, the legal point is real and worth pausing on. Coca-Cola's most valuable asset is protected not by a government-granted monopoly with an expiration date, but by secrecy. It is a trade secret, and as long as the company keeps the secret, the protection never ends.

That is the strange and wonderful thing about trade secrets. Patents (which we cover in general_information_concerning_patents and utility_patent_basics) expire after twenty years. Copyrights eventually run out too, as we explain in renewal_of_copyright. But a trade secret can outlive its creator, its company, and quite possibly the republic, so long as it stays secret and the owner keeps guarding it with reasonable care. There is no registration office, no application fee, no examiner. You create a trade secret the moment you have something valuable that others do not know and you take sensible steps to keep it that way.

The flip side is that trade secret protection is fragile in a way no other intellectual property is. A patent survives the inventor's carelessness; a trade secret does not. Spill it, and it is gone forever — there is no un-ringing the bell. Which is why this is, more than any other area of IP, a field where the law rewards good habits and punishes sloppiness, and where the most important work happens long before anyone sets foot in a courtroom.

This guide is your map of U.S. trade secret law: what qualifies, the two great statutes that govern it (the federal Defend Trade Secrets Act and the state-by-state Uniform Trade Secrets Act), what counts as "misappropriation," the remedies — including the federal seizure power that lets a court send marshals to a defendant's premises before the defendant even knows there is a lawsuit — and the practical program of "reasonable measures" that turns information you happen to possess into a legally protectable asset. We will walk the enforcement playbook from the first forensic image to the injunction, untangle non-disclosure agreements and non-competes (including the dramatic rise and quiet death of the FTC's nationwide non-compete ban), explain employee mobility and the controversial inevitable-disclosure doctrine, and weigh the strategic fork between patenting an invention and keeping it secret.

If you want the deeper operational playbook for building the program, this article pairs with building_a_trade_secret_protection_program_from_scratch; if your concern is laptops, the cloud, and a workforce scattered across the country, see trade_secrets_in_the_age_of_remote_work_and_cloud_computing. This piece is the foundation under both: what the law actually protects, and why.

A note before we begin. This is general legal information, written to be useful to a judge, a practicing lawyer, and a small-business owner all at once. We will define every term of art in plain English the first time it shows up. But trade secret law varies in important ways from state to state, and the facts of your situation matter enormously. Treat this as a well-lit map, not as advice for your specific journey.

What Exactly Is a Trade Secret? (And Why "Secret" Is the Easy Part)

Lawyers love a precise definition, and here trade secret law obliges. Under the federal Defend Trade Secrets Act of 2016 (DTSA), codified at 18 U.S.C. §§ 1836–1839, a "trade secret" includes "all forms and types of financial, business, scientific, technical, economic, or engineering information" — formulas, patterns, compilations, programs, devices, methods, techniques, processes, and the like — if two things are true. First, the owner has "taken reasonable measures to keep such information secret." Second, the information "derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by, another person who can obtain economic value from the disclosure or use of the information." (18 U.S.C. § 1839(3).)

The Uniform Trade Secrets Act (UTSA) — the model statute that, in one version or another, has been adopted by virtually every state — says nearly the same thing in slightly different words. Under the UTSA, a trade secret is information that "derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use," and that is "the subject of efforts that are reasonable under the circumstances to maintain its secrecy." (Uniform Trade Secrets Act § 1(4).) The DTSA was deliberately modeled on the UTSA so that the federal and state regimes would line up, and courts confirm that decisions interpreting misappropriation under the DTSA generally analyze federal and state claims consistently. For most purposes, the analysis is the same under both.

Notice what these definitions are really doing. They are not one test but a three-part test wearing a trench coat:

  1. The information is secret — not generally known and not readily ascertainable by proper means.
  2. The secrecy gives it value — it has "independent economic value" precisely because competitors don't have it.
  3. The owner took reasonable measures to keep it secret.

Most newcomers assume the first element — secrecy — is where cases are won and lost. In practice, it's usually the third. Courts will protect almost any genuinely useful, genuinely confidential commercial information if you guarded it sensibly. The graveyard of trade secret claims is full of plaintiffs who had a real secret but treated it like a billboard: posted it on an unsecured server, handed it to vendors without an NDA, let former employees walk out with it, or told a jury under oath that it was "super important and confidential" while admitting on cross-examination that they'd never marked a single document or locked a single door. As one Practical Law treatise dryly warns, employers "should not assume that simply referring to information as a trade secret entitles that information to trade secret protection." The label is not the thing.

Let's take the elements one at a time, with examples.

Element 1: "Not Generally Known" and "Not Readily Ascertainable"

A trade secret has to be, well, secret — but secrecy in the law is relative, not absolute. The information must not be "generally known" within the relevant industry, and it must not be "readily ascertainable" by proper means. Those last two words do a lot of work.

Suppose Acme Bakery has perfected a sourdough that stays fresh for ten days (this and the other named businesses in this article are hypothetical). If the trick is simply "add more salt," and any competent baker could figure that out by tasting the bread, it is readily ascertainable and not a trade secret. But if the trick is a specific proprietary blend of cultures, hydration ratios, and a fermentation schedule developed over years of failed batches — information a competitor could only match by repeating the same years of expensive trial and error — that is a protectable secret even though the bread is sold to the public every day. The finished product is public; the recipe is not.

Two corollaries follow, and both surprise people:

  • Reverse engineering is fair game. If a competitor lawfully buys your product on the open market and figures out how it works by taking it apart, that is "proper means" of acquisition. The UTSA and DTSA both treat reverse engineering and independent development as legitimate. This is the great trade-off of secrecy: a patent stops reverse engineering cold, but a trade secret does not. (Which is exactly why Coca-Cola's defense isn't a lawsuit against anyone who tries to clone the taste — it's that the formula is, apparently, genuinely hard to reverse-engineer.)
  • A compilation of public facts can be a secret. A customer list is the classic example. The names of the businesses in your town are public. But a curated list of which customers buy what, at what price, on what schedule, with which decision-maker — built through years of effort — can be a protectable trade secret precisely because the compilation isn't readily ascertainable even though every individual data point arguably is. Courts split on how much "sweat" a customer list needs, so this is fact-intensive.

Courts have recognized a wide and sometimes surprising range of information as trade secrets: manufacturing processes and "negative" know-how, source code, chemical formulas, pricing structures and margins, bid and cost data, marketing and strategic plans, vendor and supplier terms, and customer information of the curated kind above. The unifying thread is not glamour but competitive utility plus genuine secrecy. A spreadsheet of customer renewal dates is no less protectable than a billion-dollar formula if it meets the test.

Element 2: "Independent Economic Value" From Secrecy

The secret has to be worth something because it's secret. This is usually the easiest element to satisfy and the one litigants spend the least time on, but it has teeth. Information that is merely embarrassing, or trivial, or that has no competitive value, is not a trade secret no matter how carefully you hide it. The classic shorthand: would a competitor pay to know this, or save real money and time by knowing it? If yes, it has independent economic value.

The "actual or potential" language matters here. A failed experiment can be a trade secret. Knowing which 999 approaches don't work is enormously valuable to a competitor who would otherwise have to run those experiments themselves — Thomas Edison's famous "I have not failed, I've just found 10,000 ways that won't work" is, in trade secret terms, 10,000 valuable data points. Practitioners call this negative know-how, and it is one of the most underappreciated categories of protectable secret.

Element 3: "Reasonable Measures" — The Element That Actually Decides Cases

Here is where most of the action is, and where this guide will spend real time later. The law does not require perfect secrecy — that would be impossible, since secrets have to be used to have value. It requires measures that are "reasonable under the circumstances." That is a sliding scale: a two-person startup is held to a different standard than a multinational, and a formula worth billions warrants more protection than a mildly useful internal spreadsheet.

But "reasonable" has a floor, and courts enforce it. If you claim something is a trade secret, you should expect a judge — and certainly opposing counsel — to ask: Did you tell employees it was confidential? Did you have them sign agreements? Did you mark documents? Did you limit access on a need-to-know basis? Did you use passwords, encryption, locked rooms? Did you get NDAs from vendors and contractors? If the honest answer to most of those is "no," your secret may not be a secret in the eyes of the law, regardless of how valuable it actually was. We devote a full section below to building this program, and the companion guide building_a_trade_secret_protection_program_from_scratch goes deeper still.

A Very Short History: How We Got Two Statutes

For most of American history, trade secret law was pure common law — judge-made rules, varying from state to state, drawing on old doctrines of breach of confidence, breach of contract, and unfair competition. (This is still essentially how trade secrets are protected in many countries; several major economies still rely heavily on contract and common-law breach-of-confidence theories rather than a dedicated statute. The U.S. has now mostly statutized the field, but those common-law roots still show, especially in causes of action like breach of the duty of loyalty and breach of fiduciary duty that often ride alongside a misappropriation claim.)

The push for uniformity produced the Uniform Trade Secrets Act in 1979 (amended 1985), drafted by what is now the Uniform Law Commission. State by state, legislatures adopted it — New York is the famous holdout that still relies primarily on common law, and a few states adopted meaningfully different versions — so that today the UTSA, in some form, is the backbone of state trade secret law almost everywhere. It gave the field a shared vocabulary: a single definition of "trade secret," a single definition of "misappropriation," a uniform statute of limitations (typically three years from when the misappropriation was or should have been discovered), and a menu of remedies.

For decades, though, there was no general federal civil trade secret statute. There was a federal criminal statute — the Economic Espionage Act of 1996 (EEA), 18 U.S.C. §§ 1831–1839 — under which the Department of Justice could prosecute trade secret theft, especially theft benefiting foreign governments. But a company that wanted to sue had to go to state court under the UTSA (or, where diversity jurisdiction existed, to federal court applying state law). As trade secrets became increasingly digital, increasingly mobile, and increasingly stolen across state and national lines, the lack of a uniform federal civil remedy started to feel like a real gap.

Congress filled it in 2016 with the Defend Trade Secrets Act, which amended the EEA to add a civil cause of action at 18 U.S.C. § 1836(b). President Obama signed it on May 11, 2016, and that date matters: the DTSA is not retroactive and covers only misappropriation occurring on or after it. (Where wrongful use continues after that date, plaintiffs often can still plead a DTSA claim for the continuing conduct — but the timing question is a live defense worth anticipating.) The DTSA did not preempt or replace state law — a plaintiff can, and usually does, plead DTSA and state UTSA claims together — but it gave trade secret owners a federal claim, a federal forum without needing diversity, and one striking new tool we'll come to: the ex parte civil seizure. The information has to be "related to a product or service used in, or intended for use in, interstate or foreign commerce" — an easy bar to clear for almost any modern business.

So when you see a trade secret complaint today, you'll typically see two counts marching in lockstep: a DTSA count under federal law and a UTSA count under the law of whichever state the parties and conduct touch. They cover much the same ground, with a few important differences we'll flag.

Misappropriation: The Wrong the Law Actually Punishes

Owning a trade secret doesn't by itself give you anything to sue about. What you sue about is misappropriation — the legal term for the wrongful acquisition, disclosure, or use of someone else's trade secret. Both the DTSA (18 U.S.C. § 1839(5)) and the UTSA define it carefully, and the definition is more subtle than "someone stole my secret."

Misappropriation comes in two basic flavors:

1. Acquisition by improper means. If you acquire a trade secret knowing (or having reason to know) that it was acquired by "improper means," you've misappropriated it. "Improper means" includes theft, bribery, misrepresentation, breach or inducement of a breach of a duty to maintain secrecy, and espionage. It does not include reverse engineering, independent derivation, or other "proper means." So if a competitor lures away your engineer and asks her to bring the source code, that's improper. If the competitor buys your product and figures out the algorithm, that's proper.

There's a wonderful old case here worth knowing: E.I. duPont deNemours & Co. v. Christopher, 431 F.2d 1012 (5th Cir. 1970). DuPont was building a secret methanol plant; the Christophers hired a plane and photographed the half-built plant from the air, capturing the secret layout before the roof went on. They broke no law of trespass — they were in public airspace. But the Fifth Circuit held this was an "improper means" of acquiring the secret. As the court memorably put it, "our ethos has never given moral sanction to piracy," and a competitor need not "fence with every wind that blows" to protect a secret that was, until the plane showed up, reasonably secure. The lesson: "improper means" reaches conduct that is wrongful even if it isn't independently illegal.

2. Disclosure or use after a breach of confidence. This is the workhorse of trade secret litigation, because most secrets aren't stolen by spies — they walk out the door in the heads and hard drives of departing employees, contractors, and business partners. If someone acquired a secret legitimately (an employee learned it on the job, a vendor received it under contract) but then uses or discloses it in breach of a duty to keep it confidential, that's misappropriation. The duty can come from an express agreement (an NDA), from the employment relationship itself, or from the circumstances in which the secret was shared.

A few critical nuances:

  • You need a culpable mental state down the chain. A defendant who innocently receives information, with no reason to know it's a misappropriated trade secret, isn't liable — until they're put on notice. The statute reaches a person who, "before a material change of position," knew or had reason to know the information was a misappropriated trade secret. This is why a well-drafted cease-and-desist letter matters: it can convert an innocent recipient into a knowing one. (For the mechanics of demand letters generally, see writing_a_demand_letter_basics.)
  • "Use" is broad. Misappropriation doesn't require copying the secret verbatim and selling it. Using the secret as a springboard to develop a competing product, to shortcut R&D, to solicit the rightful owner's customers, or to negotiate against the owner can all qualify.
  • Threatened misappropriation counts. Both the DTSA and UTSA allow injunctions against "actual or threatened" misappropriation — which sets up the inevitable-disclosure debate we'll reach shortly.

One more structural point that trips people up: in most UTSA states, the statute displaces (preempts) other common-law claims that are based on the same misappropriation of confidential information. You usually can't dress the same facts up as "unjust enrichment" or "conversion" or "unfair competition" to escape the UTSA's requirements and remedies. The federal DTSA, by contrast, does not preempt state law — it sits alongside it. That said, well-pleaded complaints frequently pair the trade secret counts with claims that rest on different duties: breach of contract (the NDA itself), breach of the duty of loyalty or fiduciary duty (for employees who competed or diverted opportunities while still employed), tortious interference, and — where computers were involved — the Computer Fraud and Abuse Act, 18 U.S.C. § 1030. Knowing which claims survive in which forum, and which the UTSA swallows, is one of those lawyerly details that decides cases.

The Remedies: Injunctions, Damages, and the Marshals at the Door

So you've proven you own a trade secret and someone misappropriated it. What can a court do about it? Quite a lot, and the menu under the DTSA and UTSA is similar.

Injunctive Relief

The headline remedy in most trade secret cases is an injunction — a court order telling the defendant to stop. This can range from a temporary restraining order and preliminary injunction early in the case (to freeze the situation before the secret is irretrievably spilled) to a permanent injunction after trial. Courts can order defendants to stop using or disclosing the secret, to return or destroy stolen materials, and sometimes to refrain from working on a competing project for a period of time. Because a leaked secret can be unringable as a bell, the threat of irreparable harm — the traditional ground for injunctive relief — is often easy to show. Trade secret plaintiffs frequently move for a TRO almost simultaneously with the complaint, and courts will entertain expedited discovery (early forensic imaging, depositions, document demands) to support the request.

The DTSA does include an important guardrail for employee mobility: a court may not issue an injunction that "prevents a person from entering into an employment relationship," and any conditions placed on a former employee's new employment must be based on "evidence of threatened misappropriation and not merely on the information the person knows." (18 U.S.C. § 1836(b)(3)(A)(i).) That language was Congress's deliberate rejection of the broadest version of the inevitable-disclosure doctrine, which we'll unpack below.

Damages

A successful plaintiff can recover damages for the actual loss caused by the misappropriation and for the defendant's unjust enrichment to the extent it isn't captured by the actual-loss number. Alternatively — and this is often the more practical measure when actual losses are murky — the plaintiff can recover a reasonable royalty: what the defendant would have had to pay to license the secret. (18 U.S.C. § 1836(b)(3)(B); UTSA § 3.) Proving any of these typically requires expert testimony and a credible trade secret valuation, which is its own discipline; the value of a secret can be measured by cost (what it took to develop), market (what a willing licensee would pay), or income (the profits or savings it generates).

If the misappropriation was willful and malicious, both statutes authorize exemplary (punitive) damages — up to two times the compensatory award under the DTSA — and an award of attorney's fees to the prevailing plaintiff. Fee-shifting cuts both ways: if a claim of misappropriation is made in bad faith, the defendant can recover its fees. That two-way fee provision is a meaningful deterrent against using trade secret suits as a weapon to harass a departing employee or a new competitor.

The DTSA's Civil Seizure: The Most Dramatic Tool in IP Law

Here is where the DTSA did something genuinely new — and something the UTSA has no analog for. Section 1836(b)(2) lets a court, "in extraordinary circumstances," issue an order on an ex parte basis (meaning without notice to the defendant and without the defendant in the room) directing federal law enforcement to seize property necessary to prevent the propagation or dissemination of the trade secret. Picture it: a court issues a sealed order, and U.S. Marshals show up at a defendant's office or home and take the servers, laptops, phones, papers, and even email and cloud accounts before the defendant has any chance to delete files or flee.

This is an awesome power, and Congress wrapped it in awesome restrictions, precisely because it can be abused as a competitive cudgel. To get a seizure order, an applicant must satisfy eight separate requirements (18 U.S.C. § 1836(b)(2)(A)(ii)). The court must find that: an ordinary TRO or injunction would be inadequate because the defendant would "evade, avoid, or otherwise not comply"; immediate and irreparable injury will occur absent seizure; the harm to the applicant outweighs the harm to the target and substantially outweighs harm to third parties; the applicant is likely to succeed on the merits; the target has actual possession of the secret and the property to be seized; the application describes the matter to be seized with reasonable particularity and its location; the target is likely to destroy, move, or hide the material if given notice; and the applicant has not publicized the request. The court must take custody of the seized material, hold a hearing within seven days, and the target can recover damages for a wrongful or excessive seizure.

How does that play out in practice? Courts have used the power sparingly and demand evidence of real bad faith and flight or spoliation risk — usually a track record of deceit. In AVX Corp. v. Kim, 2017 WL 11316598 (D.S.C. Mar. 13, 2017), the court granted seizure where the defendant "repeatedly lied" and "attempted to conceal" his downloading of the plaintiff's files. In Solar Connect, LLC v. Endicott, 2018 WL 2386066 (D. Utah Apr. 6, 2018), the deciding factors were the defendants' technical sophistication, their attempts to delete data, their false statements to conceal their identities, and their moving of files rather than complying with demands. In Shumway v. Wright, 2019 WL 8137119 (D. Utah Aug. 26, 2019), the court relied on prior adjudications of untruthfulness and a defendant's continued use of a trade secret patient list in violation of a settlement. The unifying lesson for both sides: seizure is for the demonstrably untrustworthy defendant. A defendant who voluntarily surrenders devices for forensic inspection generally defeats the "extraordinary circumstances" showing entirely, as in Hayes Healthcare Servs., LLC v. Meacham, 2019 WL 2637053 (S.D. Fla. Feb. 1, 2019). One practical trap worth flagging: sending a cease-and-desist letter first can "publicize" the request and foreclose a later seizure motion — so applicants must decide early which tool they want.

The seizure power's mere existence changes the strategic landscape, especially against a flight-risk defendant or one likely to destroy evidence. But it is the exception, not the rule. The everyday remedy remains the injunction backed by forensic proof.

Criminal Liability

Don't forget the criminal track. Trade secret theft can be a federal crime under the Economic Espionage Act: 18 U.S.C. § 1832 reaches theft of a trade secret related to a product or service in interstate or foreign commerce, while § 1831 carries enhanced penalties when the theft is intended to benefit a foreign government or instrumentality. And prosecutors have a deeper toolbox than the EEA alone — the same conduct often implicates the Computer Fraud and Abuse Act (18 U.S.C. § 1030), the interstate transportation of stolen property (18 U.S.C. § 2314, for property worth $5,000 or more), and mail and wire fraud (18 U.S.C. §§ 1341, 1343, 1346). The PepsiCo informant case mentioned at the top of this article ended in federal convictions. We survey the broader criminal-and-civil consequences of IP theft in what_are_the_consequences_of_pirating_intellectual_property.

For a business victim, the criminal option is a double-edged sword. A referral can bring the FBI's investigative muscle and subpoena power to bear, and the mere threat of prosecution can loosen tongues and deter copycats. But it also means handing some control to prosecutors, whose priorities may differ from yours, and the criminal process can risk further disclosure of the very secret you are trying to protect. Many victims pursue civil litigation and a criminal referral in parallel, carefully managing both.

A Cautionary Tale: Waymo v. Uber

For a sense of what the high end of trade secret litigation looks like, consider Waymo LLC v. Uber Technologies, Inc., filed in the Northern District of California in 2017 under the DTSA and California's UTSA. Anthony Levandowski, a leader of Google's self-driving car project (Waymo), allegedly downloaded more than 14,000 confidential files relating to LiDAR — the laser sensing technology at the heart of autonomous driving — before leaving to found a startup that Uber promptly acquired and installed him to run its own self-driving effort. The case is a near-perfect storm of trade secret risk: a departing insider, a mass download, a direct competitor, and a "springboard" use theory.

It also illustrates how these cases actually resolve. After explosive pretrial litigation, the parties settled five days into trial in February 2018, with Uber paying Waymo roughly $245 million in equity and agreeing to an independent monitor to ensure none of Waymo's confidential information made it into Uber's technology. The story then crossed into the criminal track: Levandowski pleaded guilty to trade secret theft and was sentenced to 18 months in prison and ordered to pay restitution of more than $750,000 (he was later pardoned). The civil and criminal systems, in other words, ran on parallel rails — and the mass download at the center of it all is exactly the kind of pre-departure conduct a good program is built to detect and deter.

Building the "Reasonable Measures" Program

Now to the part that actually keeps your trade secrets protectable — and the part most businesses underinvest in until they're standing in a courtroom explaining why they did nothing. Remember the third element: the law protects information only if you took reasonable measures to keep it secret. Reasonableness is contextual, but a sound program generally works on three layers: legal, administrative, and technical. Think of it as locks, lists, and law.

Legal Measures (Contracts and Notices)

Contracts are the spine of the program. The most important is the non-disclosure agreement (NDA) — also called a confidentiality agreement — which creates the express "duty to maintain secrecy" that converts a recipient's later disclosure into misappropriation. Every employee, contractor, vendor, prospective business partner, and investor who touches the secret should be under one. Our companion piece drafting_enforceable_non-disclosure_agreements_for_technology_transactions digs into the drafting; the headline is that an NDA should define confidential information clearly, state the permitted purposes, impose return-or-destroy obligations, survive the relationship, and (for employees) pair with a proprietary information and invention assignment agreement so the company actually owns what employees create. On employee invention assignment specifically, see employee_invention_assignment_agreements--drafting_for_enforceability_across_jurisdictions.

One often-missed legal requirement under the DTSA itself: § 1833(b) gives whistleblower immunity to individuals who disclose trade secrets in confidence to a government official or attorney solely to report or investigate a suspected legal violation, or under seal in a lawsuit. Crucially, an employer that wants to recover exemplary damages and attorney's fees against an employee under the DTSA must have given that employee notice of the immunity in any contract governing trade secrets or confidential information (a cross-reference to a separate policy works). Skip the notice clause and you forfeit the DTSA's most punishing remedies against that employee. It is one line of boilerplate that is genuinely worth real money. Make sure your NDA template has it.

Administrative Measures (People and Process)

Locks and contracts mean little if your people don't know the rules. Administrative measures are the human-process layer:

  • Identify and classify what actually is a trade secret. You can't protect — or, later, prove you protected — what you haven't catalogued. Many programs maintain a trade secret inventory or register and conduct periodic trade secret audits. A well-run audit gives the company a complete picture of its portfolio, surfaces gaps before a competitor or a litigation adversary does, and makes it far easier to "identify with reasonable particularity" the secrets at issue when you sue — a requirement that has sunk more than a few cases where the plaintiff couldn't articulate what, exactly, was stolen.
  • Need-to-know access. Limit disclosure to employees who genuinely need the information. Broad, undisciplined access is the single most common reason a court finds secrecy measures inadequate.
  • Mark confidential materials. "CONFIDENTIAL — PROPRIETARY" labels aren't magic, but their absence is frequently used against plaintiffs.
  • Onboarding and offboarding discipline. Train new hires on confidentiality, and — just as important — make sure incoming employees don't bring a former employer's secrets into your shop (a fast track to being sued yourself). At departure, conduct exit interviews, remind departing employees of their continuing obligations in writing, collect devices and credentials, and disable access promptly. The end-of-employment moment is when most secrets walk; treat it as a controlled procedure, not an afterthought.
  • Vendor and partner discipline. No NDA, no secret. Period.

Technical Measures (Locks, Digital and Physical)

Finally, the technical layer: passwords, multi-factor authentication, encryption, access logging, network segmentation, physical locks on file rooms, restricted printing, and data-loss-prevention tools that flag a departing employee suddenly downloading the entire customer database to a personal drive. In the modern workplace — laptops, personal devices, and the cloud — this layer has become decisive, and it's the focus of trade_secrets_in_the_age_of_remote_work_and_cloud_computing and the breach-response companion cybersecurity_incident_response_and_ip_protection--preventing_trade_secret_loss_during_data_breaches.

Two technical points are worth internalizing here. First, secrecy measures must be proportionate — a court doesn't expect a corner bakery to run a security operations center, but it does expect something. Second, and this cannot be overstated: your logs are your evidence. When you eventually sue, the digital forensic trail of who accessed what, who plugged in a USB drive at 11 p.m., and who exfiltrated the customer file on the way out is often the whole case. The same controls that prevent a theft are the controls that prove one. A program with no logging is a program that has thrown away its evidence in advance.

When source code is involved, there's a clever interaction with copyright registration worth knowing: you can register the copyright in software (which we cover in copyright_registration_of_computer_programs) while still preserving trade secret protection for the code, because the Copyright Office permits depositing redacted source code — blocking out portions, or filing only the first and last 25 pages — so registration doesn't blow your secret. That's a small but elegant example of how the IP regimes layer together, a theme explored in legal_protection_of_software--copyrights_patents_trade_secrets_and_contracts.

The Enforcement Playbook: From Suspicion to Injunction

Most articles stop at "you can get an injunction." But the difference between winning and losing a trade secret case is usually decided in the first 72 hours, before a complaint is even drafted. Here is the sequence experienced practitioners run when they suspect a secret has walked.

Investigate first, sue second. The moment suspicion arises, preserve the evidence: image the departing employee's laptop and email, pull access and badge logs, and look for the tell-tale signs — emails forwarded to a personal Gmail account, USB devices plugged in during the last week, large downloads, cloud-sync activity, deleted files. The investigation should be run by an experienced forensic analyst who can later testify as an expert, because that same analyst's findings will anchor your TRO motion and, eventually, your damages case. A clean forensic narrative ("4,000 files copied to a thumb drive at 11 p.m. on the last day of employment") is worth more than any amount of indignation.

Decide on the cease-and-desist letter — carefully. A demand letter can be a cheap and effective off-ramp: it reminds the former employee of contractual obligations, demands return of materials, and — critically — puts an innocent new employer on notice, converting it into a knowing recipient if it keeps using the information. But there are two traps. First, sending it can "publicize" a seizure request and foreclose the DTSA's most aggressive remedy, so if seizure is on the table, weigh the sequencing. Second, an unsubstantiated demand can expose you to a tortious interference counterclaim from the employee or the new employer. The rule of thumb: investigate and substantiate before you accuse. See writing_a_demand_letter_basics.

Choose your forum and your defendants. Because the DTSA confers federal jurisdiction without diversity, plaintiffs often prefer federal court, pleading the DTSA and state UTSA counts together. A key strategic call is whether to name the new employer alongside the individual — doing so raises the stakes and reaches the deeper pocket, but also invites a vigorous defense and the tortious-interference risk above.

Move fast for emergency relief. File the complaint with a TRO/preliminary injunction motion and a request for expedited discovery. The goal is to freeze the situation — stop use, secure the devices, preserve evidence — before the secret propagates. Irreparable harm is usually the easy part; the contested ground is likelihood of success, which is why the forensic record built in step one is decisive.

Protect the secret during the lawsuit. A peculiar danger of trade secret litigation is that the litigation itself can expose the secret. Plaintiffs routinely seek protective orders, sealing, and "attorneys'-eyes-only" designations to keep the secret out of the public record and out of the competitor's hands while the case proceeds. Forgetting this can mean winning the case and losing the secret.

NDAs, Non-Competes, and the Tangle of Restrictive Covenants

This is the part of trade secret law where the ground has shifted dramatically in the last two years, so let's be careful and current.

To protect secrets that walk on two legs, employers historically reach for three kinds of restrictive covenants:

  • Non-disclosure / confidentiality agreements — promise not to disclose or use confidential information. These are nearly universally enforceable and are the least controversial tool.
  • Non-solicitation agreements — promise not to poach the employer's customers or employees for a period after departure. Generally enforceable if reasonable in scope and duration.
  • Non-compete agreements (covenants not to compete) — promise not to work for a competitor (or start a competing business) for a period of time in a defined geography. These are the most restrictive, the most litigated, and the most regulated, because they directly limit a person's ability to earn a living.

The FTC Non-Compete Rule: A Rule That Lived and Died

In April 2024, the Federal Trade Commission issued a landmark final rule that would have banned most non-compete agreements nationwide as an "unfair method of competition" under Section 5 of the FTC Act, voiding existing non-competes for most workers going forward. It was one of the most consequential employment-law actions in decades — and it never took effect.

In Ryan, LLC v. FTC, the U.S. District Court for the Northern District of Texas held that the FTC lacked statutory authority to issue the rule and set it aside nationwide in August 2024 (granting summary judgment against the Commission). The FTC under its prior leadership appealed to the Fifth Circuit; a parallel challenge proceeded in the Eleventh Circuit (Properties of the Villages v. FTC). But in September 2025, the FTC — now under new leadership — voted to drop its appeals and accede to the vacatur of the rule. The Non-Compete Rule, which had been codified at 16 C.F.R. Part 910, was formally removed from the Code of Federal Regulations effective February 12, 2026.

So as of mid-2026, there is no federal ban on non-competes. The proposed nationwide rule is dead. However — and this matters — the FTC has signaled it will continue to scrutinize non-competes through targeted, case-by-case enforcement under its existing Section 5 authority, rather than through a sweeping rule. The era of the blanket federal rule is over; the era of selective federal enforcement, plus a vigorous patchwork of state law, is what employers now navigate. (For more on the rulemaking-and-litigation saga, see non-compete_agreements_under_siege--ftc_rulemaking_and_state_law_developments.)

State Law Is Now the Main Event

With the federal rule gone, state law governs non-compete enforceability, and it varies wildly:

  • California is the famous outlier: it bans most employee non-competes outright by statute (Cal. Bus. & Prof. Code § 16600), treating them as void, and recent amendments have strengthened that prohibition, even reaching some out-of-state agreements and requiring employers to notify affected employees. Oklahoma and North Dakota likewise broadly prohibit them.
  • Many states (e.g., Massachusetts, Washington, Illinois, Colorado, Oregon) permit non-competes only under significant conditions — minimum salary thresholds, "garden leave" or consideration requirements, notice rules, and limits on duration and on use with low-wage workers.
  • Most remaining states enforce non-competes under a common-law reasonableness test: the restriction must protect a legitimate business interest (and trade secrets are the paradigmatic legitimate interest), be reasonable in duration and geographic scope, and not impose undue hardship on the employee or harm the public. Some states will "blue-pencil" (judicially narrow) an overbroad covenant; others void it entirely.

The practical upshot for protecting trade secrets: don't rely on a non-compete as your secrecy plan. Non-competes are increasingly disfavored, geographically inconsistent, and sometimes flatly unenforceable. The durable protections are the confidentiality agreement, the invention assignment, the non-solicit, and — above all — the reasonable-measures program. A non-compete may be a useful supplement where it's lawful, but a trade secret program that collapses the moment a key employee moves to a non-compete-hostile state was never really a program.

Employee Mobility and the Inevitable-Disclosure Doctrine

Trade secret law lives in permanent tension with a value the law also cherishes: the right of people to change jobs and use their general skills, knowledge, and experience. The law draws a line — sometimes a blurry one — between an employee's general knowledge (which they own and may take anywhere) and the employer's trade secrets (which they may not). A software engineer who leaves Acme for a competitor is free to use everything she learned about coding in C++ and managing a team; she is not free to bring Acme's proprietary algorithm or customer pricing model.

Enter the inevitable-disclosure doctrine — one of the most controversial ideas in the field. The doctrine, most famously associated with PepsiCo, Inc. v. Redmond, 54 F.3d 1262 (7th Cir. 1995), holds that in some circumstances a court may enjoin a former employee from taking a new job — even without proof that they've actually stolen or disclosed anything — if their new role would inevitably require them to use or disclose the former employer's trade secrets. In PepsiCo, a senior executive who knew Pepsi's strategic plans for its sports-drink and juice lines jumped to a direct competitor (Quaker/Gatorade) into a strikingly similar role; the Seventh Circuit, applying Illinois law, upheld an injunction reasoning he could not help but rely on what he knew. As the court framed it, the plaintiff faced the threat that the defendant would have its strategic playbook "in his head" while making the very same decisions for the rival.

The doctrine is powerful and contested, and its acceptance varies sharply by state. Some states embrace it; California rejects it outright, viewing it as an end-run around its ban on non-competes (a court can't enjoin you from a job you're legally free to take just because you carry knowledge in your head). And as we noted, the DTSA deliberately limited the doctrine at the federal level: an injunction may not bar someone from taking a job based "merely on the information the person knows" — there must be "evidence of threatened misappropriation." Congress, in other words, declined to write inevitable disclosure into federal law in its strongest form.

For the departing employee and the hiring company, the practical takeaways are: (1) where the doctrine is recognized, an employee can be enjoined even if they sincerely intend never to misuse anything, which makes pre-departure conduct (especially mass downloads) radioactive; (2) the hiring company should take affirmative steps — clear instructions not to bring or use the former employer's secrets, walling the new hire off from directly competitive projects for a time, and documenting all of it — to defuse a threatened-misappropriation claim; and (3) clean exits matter enormously. The employee who returns every device, signs an acknowledgment, and starts the new job without a trove of the old employer's files is in a vastly stronger position than the one whose laptop shows 4,000 files copied to a thumb drive at 11 p.m. on their last day. As Waymo v. Uber illustrates, the mass download is the fact pattern that turns a defensible job change into a nine-figure problem.

Trade Secret or Patent? The Strategic Fork in the Road

One of the most consequential decisions an innovator makes is how to protect an invention — and trade secret versus patent is the central fork. They are, in a sense, opposites: a patent is a bargain in which you disclose your invention to the public in exchange for a time-limited monopoly (twenty years from filing for a utility patent), while a trade secret protects information precisely by not disclosing it, potentially forever. You generally cannot have both for the same information, because the patent application, once published, destroys the secret. So you must choose. Here's how to think about it.

Choose a patent when:

  • The invention is detectable in the product — a competitor can reverse-engineer it once it's on the market. A patent stops reverse engineering; a trade secret does not. If your innovation is visible the moment you sell the product, secrecy is a losing game.
  • The invention is patentable — novel, non-obvious, useful, and directed to eligible subject matter. (Software and business methods face eligibility hurdles after Alice Corp. v. CLS Bank, 573 U.S. 208 (2014); we explore patentability in general_information_concerning_patents and utility_patent_basics.)
  • You want a clean, assignable, exclusive right you can license, enforce against independent inventors, and put on a balance sheet.

Choose a trade secret when:

  • The innovation can be kept genuinely secret in use — a manufacturing process, a formula, an algorithm running server-side, a customer database. Coca-Cola's formula is the textbook case: it lives inside the product but resists reverse engineering, so secrecy has protected it far longer than any patent could.
  • The subject matter is hard or impossible to patent — abstract ideas, certain software, compilations of data, negative know-how (the 999 failed experiments).
  • You value speed and cost (no multi-year, multi-thousand-dollar prosecution) and duration (potentially perpetual).
  • The technology evolves so fast that a twenty-year patent is irrelevant by the time it issues.

The great danger of the trade secret path is its Achilles' heel: independent invention and reverse engineering are complete defenses. If a competitor lawfully arrives at the same secret on its own, you have no claim against them — and, worse, they might patent it and try to exclude you (though prior-user defenses and the AIA's first-inventor framework complicate that). With a patent, by contrast, even an independent inventor who never saw your work infringes. Many sophisticated companies run a hybrid strategy: patent the parts that are detectable and patentable, keep secret the parts that aren't (the manufacturing tricks, the tuning parameters, the data), and blanket everything in confidentiality agreements. The choice isn't always all-or-nothing — but for any given piece of information, it usually is.

Famous Examples: What the Greats Keep Secret

A few illustrative trade secrets, real and instructive:

  • The Coca-Cola formula ("Merchandise 7X"), guarded since 1886, never patented — the paradigm of perpetual protection through secrecy. Patenting it in the 1880s would have put it in the public domain decades ago.
  • KFC's "11 herbs and spices," WD-40's formula, and Google's search ranking algorithm — all famously protected as trade secrets rather than patents, for the same reason: disclosure would end the advantage, and the information resists easy reverse engineering.
  • Self-driving sensor designs — as Waymo v. Uber shows, cutting-edge, expensively developed technology often lives as a trade secret in the gap between "too new to have a patent yet" and "too detectable to keep secret forever." That gap is where the most explosive litigation happens.
  • Customer lists, pricing models, and supplier terms — the unglamorous but constantly litigated trade secrets of ordinary businesses, which is where most real-world disputes actually live. The dramatic cases involve formulas; the typical case involves a salesperson who left with the customer spreadsheet.
  • Negative know-how — a pharmaceutical company's record of which 10,000 compounds failed is a trade secret with enormous value to a competitor who would otherwise have to repeat the failures.

Key Takeaways

  • A trade secret is information that (1) is secret, (2) has independent economic value because it's secret, and (3) is the subject of reasonable measures to keep it secret. The third element is where most cases are won and lost.
  • Two statutes govern: the federal Defend Trade Secrets Act (18 U.S.C. § 1836), which adds a federal civil claim and an extraordinary ex parte seizure power, and the state Uniform Trade Secrets Act, adopted in some form by nearly every state. They run in parallel, and most complaints plead both. The DTSA is not retroactive (it reaches conduct on or after May 11, 2016).
  • The actionable wrong is misappropriation — wrongful acquisition, disclosure, or use. Reverse engineering and independent development are proper means and are not misappropriation.
  • Remedies include injunctions, actual damages or a reasonable royalty, and — for willful and malicious conduct — exemplary damages and attorney's fees. Bad-faith claims can shift fees the other way. Seizure is real but rare, reserved for demonstrably untrustworthy, flight-risk defendants (AVX v. Kim; Solar Connect v. Endicott).
  • Enforcement is won early: preserve forensic evidence, investigate before you accuse, weigh the cease-and-desist sequencing, and move fast for a TRO — while protecting the secret from disclosure in the litigation itself.
  • Protect your secrets with a layered program: confidentiality and invention-assignment agreements (with the DTSA whistleblower-immunity notice), need-to-know access and document marking, disciplined onboarding/offboarding, periodic audits, and technical controls whose logs double as your evidence.
  • The FTC's nationwide non-compete ban is dead — vacated in Ryan v. FTC and removed from the C.F.R. effective February 12, 2026 — so state law now governs non-competes, and it varies enormously (California bans most; many states impose strict conditions). Don't build your secrecy strategy on a non-compete.
  • The inevitable-disclosure doctrine (PepsiCo v. Redmond) can, in some states, enjoin a job change based on threatened use of secrets — but the DTSA and states like California sharply limit it.
  • Patent vs. trade secret is a real choice: patents stop reverse engineering but expire and require disclosure; trade secrets can last forever but evaporate the moment the secret gets out or a competitor independently discovers it.

Frequently Asked Questions

Do I have to register a trade secret somewhere to protect it? No. Unlike patents, trademarks, and copyrights, trade secrets require no government registration — there is no office, application, or fee. Protection arises automatically the moment you possess qualifying information and take reasonable measures to keep it secret. The flip side is that there's no certificate to wave in court; you have to prove, with evidence, that the information was secret, valuable, and reasonably guarded. That's why the program — and especially your access logs and a current trade secret inventory — matters so much.

How long does trade secret protection last? Potentially forever — as long as the information remains secret and you keep guarding it. The Coca-Cola formula has been protected for well over a century. But protection ends the instant the secret becomes generally known, whether through your own carelessness, a lawful reverse engineering, an independent discovery by a competitor, or public disclosure. There is no fixed term, and no renewal to file.

Can someone legally reverse-engineer my trade secret? Yes. Reverse engineering a lawfully obtained product, and independent development, are "proper means" of acquiring information under both the DTSA and UTSA — they are not misappropriation. This is the central limitation of trade secret protection and the main reason to choose a patent instead when your innovation is visible or extractable from the product you sell. A contract (like a license prohibiting reverse engineering) can sometimes restrict this between the parties to the contract, but it can't bind the world.

What's the difference between a trade secret and a patent, in one breath? A patent trades public disclosure for a 20-year monopoly that even stops independent inventors; a trade secret trades nothing — you keep it secret — for protection that can last forever but evaporates if the secret gets out or a competitor discovers it on their own. Patent what's detectable and patentable; keep secret what can stay genuinely hidden. See general_information_concerning_patents and legal_protection_of_software--copyrights_patents_trade_secrets_and_contracts.

Are non-compete agreements still enforceable? Didn't the FTC ban them? The FTC issued a rule in 2024 that would have banned most non-competes nationwide, but courts blocked it (Ryan, LLC v. FTC), the FTC dropped its appeals in September 2025, and the rule was removed from the federal regulations effective February 12, 2026. So there is no federal ban. Enforceability is governed by state law, which ranges from outright prohibition (California, North Dakota, Oklahoma) to permission-with-conditions (salary floors, notice, garden leave) to a common-law reasonableness test. The FTC may still challenge specific non-competes through case-by-case enforcement. For trade secret protection, lean on confidentiality and non-solicitation agreements, which are far more reliably enforceable.

An employee just quit and went to a competitor. Can I stop them from using what they know? You can stop them from using your trade secrets, but not their general skills, knowledge, and experience — the law protects the former and frees the latter. In some states, the inevitable-disclosure doctrine may let you enjoin the new job if the role would inevitably require using your secrets, but many states (notably California) reject that, and the DTSA requires evidence of threatened misappropriation, not just knowledge. Your strongest position comes from clean exit procedures, a signed confidentiality agreement, and forensic evidence (or its absence). If you suspect files walked out the door, preserve the logs and forensic images immediately, then consider a prompt cease-and-desist letter; see writing_a_demand_letter_basics.

Someone stole our secret and is about to flee or wipe the drives. Can a court act before they're even served? Possibly. The DTSA's ex parte civil seizure (18 U.S.C. § 1836(b)(2)) lets a court, in "extraordinary circumstances," order U.S. Marshals to seize the relevant computers, phones, and accounts without notice to the defendant — but only if you satisfy all eight statutory requirements, the centerpiece of which is that an ordinary injunction would be inadequate because the defendant would evade or destroy. Courts grant it sparingly and reserve it for defendants with a demonstrated record of deceit (AVX Corp. v. Kim; Shumway v. Wright). Note two traps: a defendant who volunteers to surrender devices usually defeats the motion, and sending a cease-and-desist letter first can "publicize" the request and foreclose seizure.

Is trade secret theft a crime, or just a civil matter? Both. The Economic Espionage Act makes it a federal crime to steal trade secrets in interstate or foreign commerce (18 U.S.C. § 1832), with stiffer penalties when the theft benefits a foreign government (§ 1831). The same conduct can also trigger the Computer Fraud and Abuse Act, interstate-transportation-of-stolen-property charges, and mail/wire fraud. A criminal referral brings the FBI's muscle but cedes some control to prosecutors and can risk further disclosure of the secret. Many victims pursue civil suit and a referral in parallel — as happened in Waymo v. Uber, where the civil case settled for $245 million and the key defendant separately drew an 18-month criminal sentence.

What should a small business actually do tomorrow to protect its trade secrets? Three things. First, identify what your real secrets are (the formula, the code, the customer/pricing data) — you can't protect what you haven't named. Second, get confidentiality and invention-assignment agreements in place for every employee, contractor, and vendor who touches them, and include the DTSA whistleblower-immunity notice. Third, impose need-to-know access and basic technical controls (passwords, encryption, access logs) and mark sensitive materials confidential. That's the reasonable-measures floor. From there, build out using building_a_trade_secret_protection_program_from_scratch.

Can I have a copyright on my software and still keep the code a trade secret? Yes — and you should consider it. The U.S. Copyright Office lets you register software while depositing redacted source code (blocking out portions, or submitting only the first and last 25 pages), so registration doesn't surrender the secret. You get copyright's benefits (a public record, statutory damages, the ability to sue) and keep trade secret protection over the confidential portions of the code. The mechanics are in copyright_registration_of_computer_programs.

Related Articles

This article provides general legal information and is not legal advice. Trade secret law varies by state and turns heavily on specific facts; consult qualified counsel about your particular situation before acting.