According to the German Trade Secrets Act (GeschGehG) of April 2019, companies must take action. This is because the law requires that "appropriate confidentiality measures" are taken to ensure that confidential business information and know-how worthy of protection actually enjoy the protection provided by law. Anyone wishing to invoke trade secret protection under the new legal situation must therefore be able to demonstrate this through externally recognizable measures. You can find out exactly what to do in our free white paper.

Most companies have trade secrets. They have knowledge that should not fall into the hands of third parties without authorization or be used without authorization. Examples of company knowledge worthy of protection include recipes, manufacturing processes, prototypes, customer data, balance sheets, construction plans, market analyses and business strategies.
Such information represents significant economic value for a company - not only for established large corporations, but also to a particular extent for start-ups with their new ideas and business models.
In order for know-how worthy of protection and confidential information entrusted to a company to become a trade secret, it was previously sufficient to declare it a trade secret (subjective non-disclosure). From this point onwards, all internal information was protected, even if the information was not explicitly designated as a trade secret to employees.
This changed with the GeschGehG. Since the new law on the protection of trade secrets came into force, the company must prove that it has protected its know-how through externally recognizable (objective) appropriate confidentiality measures.
When did the GeschGehG come into force?
The Trade Secrets Protection Act (GeschGehG) came into force on April 26, 2019, without a transition period. It serves to implement the European Know-how Directive (Directive (EU) 2016/943) and replaces the criminal provisions of the Unfair Competition Act (UWG).

What exactly is a trade secret?
Definition: A trade secret is information that is not "generally known or readily accessible" either as a whole or in a precise arrangement and composition to persons who normally deal with information of this kind. (Source: Section 2 para. 1 no. 1 GeschGehG)
Such information is secret and therefore has an economic value. The legitimate owner must protect it with appropriate confidentiality measures, as there is a legitimate interest in maintaining confidentiality.
What is the purpose of the Trade Secrets Act?
For the first time, the Trade Secrets Act provides an applicable definition of what constitutes a trade secret. It also offers comprehensive protection of this confidential information and good ideas against unlawful acquisition and unlawful use.
It is intended to strengthen the existing protection against the infringement of trade secrets in Germany, improve the claims for injunctive relief and damages arising from an infringement - and thus increase legal certainty for companies.
As the law on the protection of trade secrets is based on an EU directive, the other member states are also obliged to create a comparable level of protection. This will facilitate the cross-border exchange of sensitive information.
"The new definition presents companies with two major challenges: What is a company's trade secret and what are the measures to be implemented to keep it secret?"
What are the special features of the GeschGehG?
- Previously, whistleblowers and journalists had no clearly regulated protection against criminal prosecution. That is now different. Trade secrets may now be published without prosecution if this reveals misconduct or unlawful actions. This also includes legal but unethical behavior.
  If there is a public interest in the information, whistleblowers may make it public. The same applies to obtaining, using or disclosing a secret if the person making the disclosure can invoke the right to freedom of expression, freedom of information or freedom of the press.
- The decryption of trade secrets through "reverse engineering" is now also expressly permitted. This means that a product may be observed, examined, tested and even dismantled. However, patented products are excluded from this.
- Furthermore, employees may disclose protected business knowledge to a company's works council as long as this is necessary to fulfill the works council's duties.
What options do injured companies have?
The company has a right to information from the infringer about the origin and recipients of unlawfully obtained or disclosed trade secrets. Furthermore, the company is entitled to compensation and to have the product, documents, objects or files containing confidential business information destroyed, returned, recalled or removed from the market.
"Anyone who violates a trade secret is liable for damages and also risks a fine or imprisonment."

What do companies need to do now?
Since the GeschGehG came into force, confidentiality protection and the flow of know-how must be organized. The specific confidentiality measures that need to be taken depend on the type of trade secret and its specific use.
Companies that have already taken organizational, technical and legal measures as part of management systems such as ISO 9001 or ISO 27001 or the implementation of the GDPR (General Data Protection Regulation) can now use these measures. Here are some recommendations:
- Organizational measures
  Develop clear responsibilities for know-how worth protecting. Mark relevant information as confidential and offer employees training in dealing with trade secrets and legal requirements. Also inform them about whistleblowing.
- Technical measures
  Encrypt electronic documents and set clear rules regarding IT access to sensitive information. Create guidelines on the minimum requirements for passwords. Take all technically possible measures to protect company knowledge from unauthorized access.
- Legal measures
  Adapt employment and supplier contracts. A general confidentiality clause is no longer sufficient under the new law on the protection of confidential business information.
You should proceed as follows
Review the confidentiality measures taken at regular intervals and update your protection concept. Set up a know-how management system that clearly shows where responsibilities lie and which measures are appropriate, and in which these are documented in detail. This know-how management should be located in the Compliance department.
Conclusion: The GeschGehG
At first glance, the protection of good ideas and the new Trade Secrets Protection Act (GeschGehG) seem like an incredible amount of extra work. And yes, if you want to effectively protect your company-specific know-how, you need to take appropriate measures. But if you take consistent care of your know-how management and align it in a targeted and strategic manner, you can enforce injunctions, damages or contractual penalties more quickly and easily and maintain your competitive advantage in the long term. Existing management systems or organizational structures for data protection provide a good basis for this.

Trust and expertise
Our texts and white papers are written exclusively by our standards experts or long-standing auditors. If you have any questions for our author about the text content or our services, please do not hesitate to contact us. Your DQS.
Note: For reasons of better readability, we use the generic masculine. However, the directive includes persons of all gender identities where necessary for the statement.
Gert Krueger
Expert and project manager for information security, BSI-KritisV and data protection at DQS. In addition, long-standing auditor for quality and environmental management.
