The advent of cloud computing and storage has drastically changed the way companies store their data. It is not only cost effective but makes sharing information in the work place convenient. But now, sensitive data earlier secured in-house under strict supervision is ‘protected’ by third parties who store it on the internet. This raises major issues including theft of sensitive information, as well as whether the changing safety protocols affect trade secret status and subsequent protection afforded. For intellectual property to be considered a trade secret, it must be established that a company took reasonable steps to protect their information. By streamlining data sharing through cloud storage, employees can access sensitive information on the fly (whether in an office setting or not), diluting the amount of protection afforded to such information.
Companies should always be certain they understand the terms and services of any cloud storage provider. Is there anything that hints towards them claiming ownership of data or duplicating it? Do they guarantee that the information stored online will be kept secret? For example, Dropbox’s terms of service clearly state they will not share information with any third party without the user’s permission. On the other hand, Apple’s iCloud service reserves the right to divulge stored information when they deem necessary. Therefore, it is advisable to always read the fine print before signing up for a service to make sure that it does not give itself broader control over your sensitive information as similar services may have dissimilar terms of service. Although unlikely, terms and services may be used to show that ‘reasonable steps’ were not taken to protect ones information, hence losing its trade secret status. A court has not yet settled this issue, but exercising caution never hurt anyone!
The ability to remotely access data through cloud storage has increased the incidence of employee data theft, as well as through hackers. The lack of actual physical barriers not only makes theft easier but also seems less risky psychologically as compared to actually using USB drives or misappropriating files.
However, not every incidence that looks like theft really is. The ability to steal information easily has given employers twitchy trigger fingers, driving them call their lawyers at the drop of a hat to nab employees they believe are misappropriating company secrets. Many employees, unaware of their cloud storage account settings, may upload sensitive information unintentionally or automatically. To prevent false alarms such as these, it is important to properly train employees on how to use third party cloud storage services in conjunction with basic knowledge of trade secrets.