— Jessica Gutierrez Alm, Attorney

“The cloud” can refer to a lot of things, and is frequently a misunderstood concept. While cloud computing can encompass a number of Internet-based functions, in its simplest form, “the cloud” merely refers to the use of remote servers for data storage, processing, and management. Usually, the remote servers are hosted by a third party cloud service provider. The cloud service provider stores and maintains the physical servers that users access remotely. So essentially, cloud computing is the use of someone else’s server, located somewhere else, to do something on your local computer. Dropbox and Google Docs are common examples of cloud storage. As another example, software like Adobe Photoshop can be provided over the cloud, rather than requiring a user to download it locally.

Many businesses have taken to the cloud in recent years for their processing, storage, and other needs. Cloud platforms provide several benefits over more traditional, local, computing. For example, a business can increase its cloud storage space easily and fluidly, without the need to purchase and store physical drives.

Along with the benefits, however, cloud computing brings new concerns as well. One issue may be the incompatibility of the cloud with trade secrets.

A trade secret, as defined by the Uniform Trade Secrets Act, is information that is (1) secret; (2) valuable because it is secret; and (3) subject to reasonable efforts to maintain its secrecy. The Coca-Cola formula, for one. Disclosure of a trade secret to a third party can, in many cases, render the information no longer protectable as a trade secret. If Coca-Cola were to disclose its secret formula to an outsider, it may no longer be able to protect it as a trade secret in a suit for misappropriation, for example. Generally, unless subject to a confidentiality agreement, the disclosure of a trade secret to a third party can render the information no longer protectable.

So the question becomes: is a cloud service provider a third party? When a trade secret owner stores a trade secret in the cloud, and effectively “discloses” the information to the cloud service provider, has secrecy been lost? Courts have not had a chance to answer this definitively. The outcome may hinge on the often boilerplate Terms of Use agreements associated with cloud service providers. Unfortunately, such agreements often disclaim any liability on the cloud service provider for loss of confidential information. This may render it difficult for trade secret owners to argue that secrecy was not lost and that reasonable efforts to maintain secrecy were exercised for trade secrets that are or were at any time stored in the cloud.

In order to avoid the potentially harsh consequences of defending the trade secrecy status of information stored in the cloud, Professor Sharon Sandeen of Hamline Law School offers practical advice for trade secret owners to consider. For example, while a business might place a majority of its storage in the cloud, it might consider maintaining any proprietary information separately and locally. And ideally, a business or other trade secret owner may want to seek an express confidentiality agreement from the cloud service provider.

While businesses looking to the cloud for storage and other services should keep trade secret protections in mind, the cloud can still be a useful addition to many business’ computing needs.