Protecting Trade Secrets in Europe – An Update

Negotiating the trade secret protection landscape in Europe can be a complicated business. Each country has its own rules on what can be protected, how it’s protected and the remedies available. Rules on maintaining secrecy during court proceedings also differ between jurisdictions. All this is (theoretically) set to change on June 9 when the deadline for EU Member States to implement the EU’s new Trade Secrets Directive expires.

What will change?

The Directive defines what can be protected as a trade secret and the activities which amount to its unlawful acquisition, use or disclosure. It also provides a uniform set of civil law remedies and requires Member States to provide procedures to protect trade secrets during the litigation process.

Some jurisdictions are going to be more affected than others by these new rules. Belgium, in particular, will need to make some significant changes to the protection it currently offers while Denmark, Italy, Spain and the UK already offer the majority of the protections required by the Directive. However, even in the less affected jurisdictions, the Directive will result in some changes to the national law. Important changes introduced by the Directive include:

  • The Directive will provide a right to take action against third parties who acquire a trade secret from another where they ought to have known under the circumstances that it had been unlawfully used or disclosed. This will strengthen the protection currently available in Germany, Italy, France, the Netherlands, Spain, Belgium, Denmark, and Poland. This increased protection could help clamp down on the market for stolen trade secrets (e.g. those obtained through cyber-attacks) by increasing the likelihood that a downstream recipient would also be found liable, despite their lack of actual knowledge that the information was stolen.
  • The Directive will also strengthen the protection available in relation to goods whose design, functioning, production or marketing significantly benefit from a trade secret. This will be of benefit to those seeking to enforce trade secret protection against parties who deal in such goods, especially in cases where goods are imported into the EU, having been manufactured in jurisdictions with less stringent trade secret protection.
  • The Directive provides protection for trade secrets during the course of litigation. This will improve the protections available in a number of jurisdictions including France, the Netherlands, Spain, Belgium, Poland, and Finland. In particular, the Directive allows confidentiality clubs, private hearings and the redaction of judgments. This will give trade secret owners more confidence to bring enforcement actions by removing the risk that the proceedings themselves could result in disclosure of their trade secret(s).
  • The Directive provides that interim and preliminary measures to protect trade secrets should be available in all jurisdictions. Such measures include interim prohibitions on the use or disclosure of a trade secret and preliminary injunctions and seizures relating to goods which significantly benefit from a trade secret. This will improve the range of interim remedies available in France, Belgium and Finland and provide greater legal certainty in other jurisdictions, where the status of some interim remedies has been somewhat unclear.

What’s the current state of play?

With the June 9 deadline for national implementation fast approaching, we surveyed colleagues in our other European offices to check the state of play in their jurisdiction. The picture which emerged was mixed.

Much progress has been made towards national implementation of the Directive in the UK, Italy, France, The Netherlands, Denmark, Sweden, and Hungary. Implementation in these jurisdictions is expected on or around the June 9 deadline. Work is also underway in Poland and Finland, but it’s possible that implementation could slip a few months past the deadline. Slightly further behind are Spain, Belgium, and the Czech Republic. Germany is currently lagging behind as the recent political deadlock surrounding the formation of the new government has delayed the legislative agenda, although a draft bill has been promised for the first half of 2018.

Approaches to implementation also vary significantly. The Netherlands, Denmark, Hungary, and Finland are planning new legislation which will replicate much of the wording of the Directive. Other jurisdictions such as the UK, Italy, Poland and the Czech Republic are planning to enact only those changes required to bring their existing law on trade secret protection in line with the Directive.

The Directive only mandates a minimum level of protection which each jurisdiction must provide and some jurisdictions are also using the opportunity to introduce additional trade secret protections. Italy is planning to include new criminal sanctions, with increased penalties where the unlawful acquisition of a trade secret includes the use of “IT instruments”, with the aim of dissuading the use of hacking to obtain trade secrets. Finland is also planning to use its new legislation as an opportunity to define the circumstances in which third parties such as a company’s directors, employees, auditors and parties to a confidential business relationship will have a secrecy obligation.

Best practice

Once fully implemented the Directive will improve trade secret protection in Europe but there are a number of steps which businesses can take now to benefit from this enhanced protection. These include:

  • Familiarizing themselves with the definition of what can be protected as a trade secret under the Directive.
  • To qualify as a trade secret under the Directive information must have been “subject to reasonable steps … to keep it secret“. Companies should, therefore, take steps to identify the categories of information they want to protect as a trade secret and ensure they would be able to document the steps taken to keep it secret.
  • Often the key to protecting trade secrets is moving quickly once an information security breach has been identified. Companies should put in place (and regularly review) incident response plans to define responsibilities and lines of communication along with internal and external legal and technical support which can be called upon. Being prepared to take action quickly will help companies best leverage the benefit from the potential interim remedies provided by the Directive.


Warning & Disclaimer: The pages, articles and comments on do not constitute legal advice, nor do they create any attorney-client relationship. The articles published express the personal opinion and views of the author as of the time of publication and should not be attributed to the author’s employer, clients or the sponsors of Read more.

Join the Discussion

No comments yet.