Bennett & Belfort P.C.
The B&B Docket Blog
Developments in the Dynamic World
of Business and Employment Law

Archive for the ‘Privacy’ Category

The Defend Trade Secrets Act Creates New Employer Disclosure Requirements and Whistleblower Rights

Posted on: June 29th, 2016 by admin

Photo_vaultUnder the Defend Trade Secrets Act of 2016 (“DTSA”),  trade secret misappropriation is now an issue of federal law.  This federal statute takes a field which was once nearly the exclusive domain of state law and adds a number of significant new rights for entrepreneurs seeking to preserve the secrets of their success – and for whistleblowing employees who report trade secret theft to the government.

DTSA Prohibitions And New Remedies.  The DTSA broadly prohibits the misappropriation of trade secrets – a term which includes sensitive financial, business, scientific or technical information.  The owner of the information must take reasonable steps to keep it secret and its secrecy must provide independent economic value to the owner.  State laws are not preempted by the DTSA, so the particular nuances of Massachusetts law regulating trade secrets Mass. Gen. Laws Ann. ch. 93, § 42 and Mass. Gen. Laws Ann. ch. 93A, §§ 1 to 11 still apply.  The DTSA creates an additional federal cause of action which may be in filed in federal court.  Not only does the DTSA allow the victim of trade secret misappropriation recovery of double damages and attorney fees, but in some exigent circumstances the law provides for a procedure to secure court ordered seizure of trade secret data in order to avert irreparable harm and preserve a matter for judicial review.

Employer’s Notice Requirement Under The DTSA.  The DTSA requires employers give employees, independent contractors and consultants notice of their qualified right to disclose trade secrets when done as a whistleblower reporting other violations of law.  Employers are obligated to give such notice “in any contract or agreement with an employee that governs the use of a trade secret or other confidential information,” – an obligation which likely calls for updates to employment contracts, confidentiality agreements, and many employment policy handbooks.  Failure to make this disclosure bars an employer from collecting exemplary damages or attorney’s fees under the DTSA from an employee who steals trade secrets – and may in itself be the basis for a violation of the DTSA.

Whistleblower Rights Under the DTSA.  The DTSA protects whistleblowers who confidentially disclose trade secrets to a federal, state or local government official where such disclosure is solely for the purpose of reporting or investigating a suspected violation of law.  Under the DTSA, qualifying whistleblowers are immune from civil or criminal liability under both federal and state trade secret law.  Furthermore, an employer may not retaliate against an individual for reporting suspected violations of the DTSA.  If an employer retaliates against an employee who is a legitimate DTSA whistleblower, it faces civil liability to the employee for its unlawful employment actions.

The attorneys at Bennett & Belfort, P.C. are pleased to advise you relative to the implementation of the new trade secret rules which protect businesses and whistleblowers.  Should you have any questions on this or any other trade secret legislation, please feel free to contact Bennett & Belfort P.C.

Attorneys Belfort and Amundson Present at Hobart and William Smith Colleges Networking Event

Posted on: June 26th, 2015 by admin

HWS Dave & SarahOn June 17, 2015, Bennett & Belfort partner, David E. Belfort and associate, Sarah E. Amundson, co-lectured a presentation entitled “Employment Law:  Primer and Pitfalls” for their alma mater Hobart and William Smith Colleges‘ Professional Networking Group. The discussion constituted a broad introduction to Massachusetts employment law and covered topics such as at-will employment, employee privacy, and the Wage Act.  The event was held at the offices of Moors & Cabot at 200 Devonshire Street, Boston. 


When Personal or Financial Data Is Compromised – Act Fast! Data Breach Enforcement Action Leads To $110K Fine By The AG

Posted on: May 19th, 2011 by admin No Comments

The Massachusetts Attorney General’s office (“AG”) recently announced that it had entered a consent judgment with Briar Group, LLC, a restaurant operator, due to Briar’s 2009 release of patron credit card information at the hands of computer hackers.

Briar was notified of its data breach on October 29, 2009, but did not remove the ‘malware’ from its network until December 10, 2009, all the while continuing to accept credit and debit cards from its customers.  Over 125,000 transactions were impacted by the breach.  The AG specified a number of grounds for its action including Briar’s failure to regularly change passwords, its failure to limit administrative access to its networks and its delay in notifying consumers of the breach while continuing to accept credit and debit cards.

The AG alleged that Briar failed to properly secure the personal information of its customers and therefore violated consumer protection laws, including M.G.L. c.93A, the Massachusetts Consumer Protection Act.  Interestingly, the AG relied upon the charge card security standards erected by the Payment Card Industry trade association in arguing Briar’s deviation from acceptable industry protocol.  Briar was fined $110,000, even through its claimed violations preceded Massachusetts’ new Data Privacy Act (201 CMR 17.00), which went into effect on March 1, 2010 and effectively codifies many of the standards underlying this enforcement action.  In addition to the financial penalty, Briar was required to agree to expressly comply with this new privacy regulation.

As technology advances, companies and consumers must remain vigilant in protecting personal and financial information.  Ongoing evaluations of systemic vulnerabilities and immediate action to resolve security lapses in advance of a breach are critical.  Furthermore, the AG has made it clear that it will not tolerate delays in investigating, reporting, or resolving data breaches, and that such violations will result in significant penalties and fines.  Stay tuned for updates as cases premised upon the Massachusetts Data Security Regulation make their way through the system.