USA – MASSACHUSETTS Trends and Developments Contributed by: Adam Gershenson and Audrey Pope, Weil, Gotshal & Manges LLP
A shifting landscape: what protective measures are “reasonable” in the AI era? Under the DTSA, trade secret owners must take “rea - sonable measures” to maintain the secrecy of their information. The reality that more information is readily ascertainable raises the issue of what will be recog - nised as a “reasonable measure” sufficient to protect one’s information. It is possible, for example, to envi - sion an arms race in which parties must continually improve their protective measures to ensure their information is not readily ascertainable. While this may have certain salutary deterrent effects, it could also lead to over-investment in protective measures, which would divert resources from potentially more produc - tive uses of time, energy, and capital – like generating the valuable information in the first place. Whether information is “readily ascertainable” will likely be determined in part by what types of technologies develop and by the relative ease with which consum - ers and competitors are able to access them. Trade secret owners should thus remain vigilant and ensure their trade secret protocols are up to date. By way of an extreme example, security measures that could have stopped stagecoach robbery will not likely be deemed reasonable when the omnipresent threat is digital piracy. In general, courts have considered evidence of con - fidentiality agreements, physical and digital security protocols, need-to-know restrictions, return-of-mate - rials obligations, employee training, document label - ling, and other similar policies to support a conclusion that reasonable measures were taken. Recent First Circuit decisions applying Massachusetts law suggest that this inquiry will, at least for the immediate future, continue to rely heavily on whether the owner imposed tangible contractual and technical limits on the use, dis - closure, and dissemination of the information at issue. For more conventional trade secrets – like manufactur - ing blueprints, customer lists, and pricing models – the “reasonable measures” standard has historically done a decent job of separating information that a company truly treats as secret from information that it merely would prefer its competitors not have. But AI may be changing our expectations for rea - sonableness. OpenEvidence, for example, described its system prompt code as one of the company’s
“crown jewels”, but it could not very well keep the code locked in a vault (as Coca-Cola does with its formula). User-facing AI models require widespread public dissemination, much like compiled software source code. But the availability of techniques like system injection prompts means AI distributors may be more vulnerable than traditional software distribu- tors because the AI models themselves alleviate the friction associated with acquiring sensitive informa - tion. For companies deploying public-facing mod - els, reasonableness may therefore come to require more than ordinary NDA-and-password hygiene. Courts may increasingly expect layered governance: companies may want or need to test against prompt injection and extraction; separate user-facing outputs from back-end instructions where feasible; log inter - actions to facilitate investigations of misuse; narrow credentials; and document responses when a model disgorges information it should not reveal. In the OpenEvidence case, for example, OpenEvi - dence argued that its terms of use, which prohib - ited “prompt injection hacking and other methods designed to extract proprietary code and information”, were reasonable measures to protect its system code. The company also cited measures like encryption and model training to defend against prompt injection, as well as employee confidentiality agreements and physical security measures. But Pathway was alleg - edly able to circumvent these measures when it used a healthcare provider’s “National Provider Identifier” number and ignored the terms of use restrictions. The fact pattern underscores two discrete risks. First, if a public-facing identifier or other easily obtainable cre - dential is enough to get a user through the gate, defend - ants will argue that the door was effectively unlocked. Second, if the operative terms of use do not clearly impose continuing limits on use, disclosure, retention, and downstream training, plaintiffs may find their claims vulnerable under both contract and trade secret law. Recent First Circuit precedent reinforces the point. In Allstate Insurance Co. v Fougere , 79 F.4th 172 (1st Cir. 2023), confidentiality obligations and access restrictions helped support trade secret protection. In Analog Tech- nologies, Inc. v Analog Devices, Inc. , 105 F.4th 13 (1st Cir. 2024), by contrast, the plaintiff’s trade secret claim
207 CHAMBERS.COM
Powered by FlippingBook