On May 20, 2022, the Legislative Yuan passed the amendment to the National Security Act, adding provisions on national core key technologies. A few days ago, Mr. Wellington Koo, Secretary General of the National Security Council announced in advance that the key technologies list would be published
On May20, 2022, the Legislative Yuan passed the amendment to the National SecurityAct, adding provisions on national core key technologies. A few days ago, Mr.Wellington Koo, Secretary General of the National Security Council announced inadvance that the key technologies list would be published by the end of thisyear. How will this impact businesses and their employees?
Let'sstart with a scenario that businesses often encounter: Employee A had beenworking in the R&D department of Company X for ten years. One day, Company Y,a competitor of Company X, came to Employee A, and the two negotiated terms forEmployee A to work for Company Y. When A was about to resign, he thought: SinceI will also be doing research and development in the future, although I may notbe able to use the information at hand now, but one day I might use it. As longas the company X doesn’t tell me that I can’t take it (there is no clearhandover), then I can just take it with me! Moreover, I have been with thecompany X for ten years. Although the company X has told me about theimportance of confidentiality, it has never told me which information is thecompany's trade secret (to be honest, I don't know which are the secrets tokeep confidential for). Furthermore, the company X never controls about the useof USB, camera phones, clouds, personal notebook computers and other equipmentby people in the R&D department. In addition, these are the fruits of myown efforts which I’ve accumulated little by little over the years (including goingto classes on my own on weekends and holidays). What does it have to do withthe company X?
■
Therisks faced by companies regarding trade secrets leaking and damage to businessreputation when employees resign.
Asseen from the example above, if a company does not let its employees properlyunderstand (through educational training or related protection measure) thegeneral scope of its trade secrets, then, its confidentiality agreement withits employees would, in fact, be useless. Since if the employees do not knowwhat their trade secrets are, how would they be able to keep them confidential?Moreover, based on common experience, when an employee resigns, as long as thecompany does not specify what cannot be taken away, the employee often takesaway whatever he/she can. And, in reality, companies are often perfunctory intheir handover procedures and do not do a thorough job on taking inventory.Under these circumstances, as long as there is turnover (employee resigning), companieswould face a high risk of confidentiality breach.
Furthermore,what kind of risks to the business reputation is there? To put it simply, the areasmentioned in the previous example (including the lack of reasonable protectionmeasures, etc.) that the company has not done well will be examined in the procedureof a judicial investigation or trial. And if the company cannot withstand theexamination, the likely outcome is that not only the employee whom the companybelieves that have leaked the information will be fine (nonprosecuted or not guilty),but also, to a certain extent, other employees will believe that the company mightretaliate against former employees. In addition, the company will be criticizedfor its confidentiality practices, and to some extent will be perceived as notdoing a good job in protecting confidentiality, which in turn will affect its businessreputation and the confidence of its customers and suppliers.
■The risks faced by companies regarding management of trade secretsbrought by hiring and managing the employees
Again,using the example above, even if A is considered to have stolen or oversteppedhis authority to reproduce the secrets of his former employer (Company X), thisshould be A's own business. Does it have anything to do with his new employer(Company Y)? Yes, its does! According to Article 13-4 of the Trade Secrets Act,Company Y would be subject to a fine for failing to "do its utmost toprevent a crime"! But some peoplemay think, “Is this a big risk?” Is it difficult to prove that the company has"done its utmost to prevent the crime"? I would say that the risk is veryhigh. Let's look at the reasoning of the Intellectual Property and CommercialCourt 109-Xing-Zhi-Shang-Chong-Su-Zi No. 4 judgement: "The employment contract...although there is a provision that 'Party B... shall not disclose theconfidential information of its former employer...to Party A...', but this isonly a general and abstract declaratory provision. It is not a proactive,specific, and effective act of prevention." "The defendant company... has been operating in the technology industry for decades. It is certainlyaware that it must do its best to avoid the possibility of illegal use of tradesecrets by competitors' employees. In this regard, when the defendant checked'No' to the question of whether the defendant ... had access to or handled anyconfidential information related to the operation, production, or sales of theformer employer ... the defendant company ... did not question, ask, or double-checkabout the answer, but immediately saved the document. Withrespect to … thisanswer which is obviously contrary to the facts, the defendant company did nottake any subsequent management action but directly hired the defendant. This isobviously contrary to common sense.”
■Companies are facing even more serious risks
Theexample above, when coupled with the following situations, would expose the companyto legal risks of even heavier criminal liabilities under the National SecurityAct: The information taken by A was listed by the National Science andTechnology Council as one of the "national core key technologies.” Inaddition, A was found to have acted "for a foreign country, MainlandChina, Hong Kong, Macau, foreign hostile forces, or various organizations,institutions, or groups established or substantially controlled by them or thepersons dispatched by such organizations, institutions or groups.”
Whatshould companies do then?
Due tospace constraints, it is impossible to elaborate on the establishment of acomplete intellectual property protection system. But companies should at leasttake inventory of the scope of trade secrets within the company and payattention to the future announcements of the National Science and TechnologyCouncil on the scope of "national core key technologies." Inaddition, since many of such cases are inadvertent mistakes of employees, it isrecommended that companies must pay attention to education and training. Itshould be emphasized that education and training should not be carried outperfunctorily. It is recommended that each department (target audience)receives its own customized contents (preferably case-based interactions) sothat greater results may be achieved with less effort!
