BUSINESS SECRET

1. Definition
Business secret is information obtained from financial, intellectual investment which is undisclosed and susceptible to application in business.
A trade secret is defined as any information that:
(1) Generally unknown within the relevant business community or to the general public;
(2) Generate economic benefits for its owner. This benefit must derive from information that is generally not known, and not solely by the value of that information; and
(3) Efforts are required to maintain this secrecy.
A trade secret continues to be maintained as long as the information continues to be kept private. This information is easily and completely exposed through research units, items on the market cannot be trade secrets.

2. General requirements for business secrets eligible for protection
A business secret shall be eligible for protection if it meets the following requirements:
1.  Neither to be common knowledge nor easily obtained;
2.  To be capable, when being used in the business course, to render advantages to its holder over those who do not hold or use it;
3.  To be kept secret by its owner with necessary measures so that it shall neither be disclosed nor easily accessible.

3. Subject matters not protected as business secrets
The following confidential information shall not be protected as business secrets:
1.  Personal status secrets
2.  State management secrets.
3.  Security and national defense secrets.
4.  Other confidential secret information irrelevant to business.

4. The World Intellectual Property Organization (WIPO) suggests 10 basic protection strategies for businesses that own business secrets; consists of:

  1. Trade secret identification: businesses should consider when deciding to treat information as a trade secret. At that time, enterprises will have to evaluate factors such as: the disclosed scope of information; information security capabilities; the value of the information to the business itself and its competitors; difficulty for others to collect and access information.

  2. Developing protection policies: business secret protection policies must be transparent and clear; must be able to demonstrate significant commitments of protection in the event of conducting legal proceedings.

  3. Staff education: to limit inadvertent disclosure of information; internal training of employees from the moment they entered the sense of information security; Regular remind & check.

  4. Restrict access: trade secrets should only be disclosed to those who need to know that information; limit employee's access to the database of confidential information.

  5. Document marking: building a unified document marking system and improving employee’s understanding to avoid unintentional disclosure of information.

  6. Physical isolation and protection: measures can be taken such as depositing with a separate key; access control; shred information; regular monitoring checks

  7. Isolate and protect electronic data such as access control; encryption, firewall construction; Monitor incoming and outgoing data.

  8. Restrict public access; monitor the movement of customers in the company.

  9. For third parties: making confidential contracts; restrict access.

  10. Voluntary supply; share according to the extent to exploit; restrict access.