On June 8, 2016, the European Union adopted a directive on the protection of know-how and undisclosed commercial information (also called trade secrets) against their unlawful acquisition, use and disclosure. This directive was transposed in France by the law of June 30, 2018 and codified in articles L.151-1 and following of the Commercial Code. These provisions offer companies a new means of preserving their know-how and their innovations in a competitive context.

Article L.151 of the Commercial Code defines trade secrets as follows:

“Any information meeting the following criteria is protected as business secret:

1° It is not, in itself or in the exact configuration and assembly of its elements, generally known or easily accessible for people familiar with this type of information because of their field of activity;

2° It has a commercial value, actual or potential, because of its secret nature;

3° It is the subject on the part of its legitimate holder of reasonable protection measures, taking into account the circumstances, to preserve its secrecy. »

Therefore constitutes a business secret:

• Information that is not known to the professional sector concerned;

• Valuable information given its secrecy;

• Information that the company tries to keep secret by taking reasonable protective measures.

Business secret therefore covers information produced by research and development, relating to commercial strategy, business acquisition projects, customer files (which are themselves covered by the general data protection regulations) , the company’s methods and know-how, the original processes, the mathematical formulas (which cannot be protected by copyright) etc…

However, business secrecy is not intended to hide illicit practices.

In order to duly protect business secrecy, companies have an interest in identifying confidential information, classifying it as confidential, and establishing a protection body within the company. The company has an interest in physically and digitally securing this information and can possibly classify it into different levels limiting more or less access to members of the company (the higher the level of security, the fewer the number of people with access to it).

It could be useful for the company to keep evidence that on a given date it was indeed the holder of the information protected by business secret. As such, it could be useful either to send these elements by registered mail with acknowledgment of receipt and to keep the envelope closed until any litigation in the course of which it would be opened by a bailiff or ideally to resort to a Soleau envelope with the INPI which will allow to benefit from the proof of the anteriority of the information. It could also be relevant to use a secure blockchain service when the information placed on the blockchain is a priori not falsifiable.

It may, in addition to the specific regulations on business secrecy, be relevant to consider protection by the sui generis right of databases. Indeed, when a database is the result of substantial human and financial investment in terms of time, the database will be protected. It is necessary to constitute an evidence of these investments. In any case, any substantial extraction (in one go or several times) of the content will be prohibited. It will also be necessary to impose rules for the data processing either by a company agreement or directly in the employment contract. It may also be useful to enter into a confidentiality agreements with business partners or even non-competition and non-drafting clauses. It will also be useful to resort to digital insurance.

The firm is able to support you on these various issues.