Safeguarding trade secrets in Horizon Europe

 

This month, we have chosen to focus on a recurring question among the users of our Helpline service: how to conciliate the protection of project results as a trade secret with the obligations of disclosure and reporting inherent to Horizon Europe?

Trade secrets are protected in the European Union under Directive 2016/943. A trade secret refers to information which: is secret (meaning not generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question), has commercial value because it is secret, and has been subject to reasonable steps under the circumstances, by the person in control of the information, to keep it secret.

Protecting project results as trade secrets is allowed in Horizon Europe as the European Commission does not impose one type of IPR over another – valuable results simply must be protected, and protection choices have to be appropriate. However, in projects involving multiple people, multiple entities and multiple disclosure and reporting obligations, choosing this path has to be planned carefully, to avoid breaching confidentiality and thus destroying secrecy.

Several aspects can be considered here: the obligation to disseminate results, the disclosures to other consortium members, and the contents and status of deliverables submitted to the funding authority.

 

Trade secrets vs. Dissemination obligations

 

The model grant agreement for Horizon Europe, in its Annex 5, contains a general obligation to disseminate project results. Accordingly, “the beneficiaries must disseminate their results as soon as feasible, in a publicly available
format, subject to any restrictions due to the protection of intellectual property, security rules or legitimate interests”.

The exception to dissemination obligations is therefore laid out clearly: the protection of project results prevails over their dissemination in case of conflict. If a result can be protected by patent, utility model or industrial design (three types of IPR which require novelty at the time of filing), then no dissemination may (or in fact should) occur until the filing has been made. If a result is foreseen to be protected as a trade secret, then no dissemination may occur at all in order to preserve the secrecy.

Thus, project partners should keep in mind that the dissemination obligations applicable in Horizon Europe are not a barrier to trade secret protection: if trade secrets are involved, it is possible to avoid dissemination activities about these outputs altogether, or to only disseminate general information without going into details.

 

Trade secrets vs. consortium partners (and external contributors)

Trade secrets have to be managed tightly. This is done primarily by ensuring that only people (staff, external contributors…) who really need to know about it are given access to the information – for example, if they need access to specific confidential know-how in order to perform their tasks in the project. Granting access to the confidential information on a strict need-to-know basis will reduce the risks of leaks.

Of course, all the people who may potentially become privy to this confidential information have to be bound by appropriate confidentiality and non-disclosure obligations. This is the only way to ensure that the information is treated as confidential, not disclosed any further, and is not used for purposes other than project-related purposes.

In the context of a Horizon Europe project:

• In principle, the consortium agreement signed by all partners already contains a confidentiality clause. This clause is often limited to 5 years to reflect the confidentiality clause of the grant agreement and therefore it will not be sufficient to protect the trade secret on the long term.
• An additional NDA should then be signed in parallel, to cover the trade secret in question more thoroughly. Here, the parties should ensure that the trade secret is identified clearly as the object of the agreement, and should include specific procedures to follow in this regard (for example, agreeing that every discussion and internal document related to the trade secret be identified as sensitive / confidential and treated as such). Importantly, the parties should define for how long the obligation to keep the information confidential will apply – this can be indefinite if there is no plan to drop trade secret protection soon.
• Signatories to the NDA should commit to keep the information secret (this is the purpose of the agreement) and only to disclose it to their staff or third parties on a need-to-know basis and provided that NDAs or confidentiality clauses are in place. It should be ensured that those individual NDAs or clauses are at least as stringent as the ones in force in the consortium.

To conclude on this part, keep in mind that while the use of an NDA is basically “mandatory” practice when it comes to protecting trade secrets, it remains "only" a legal tool. For this reason, know that it is always safer to disclose too little rather than too much whenever possible. At the same time, it can be useful to complement the use of NDAs by technological protection measures (e.g. encryption devices), by implementing a proper trade secret protection policy for the partners concerned, or by duly training project staff on trade secret protection.

 

Trade secrets vs. reporting obligations

A common concern among project beneficiaries is how to deal with deliverables and reporting when seeking to protect project results as a trade secret. Often, the Description of Action and the deliverables / milestones planned therein foresee the provision of specific reports to the funding entity, some of which may be containing technical information. There are therefore legitimate concerns about the protection of the information contained in such documents.

On this topic, remember that the best way to protect a trade secret is to always disclose as little as possible. You may be bound by disclosure / reporting requirements that impose that you describe some of your outputs in a project deliverable - however (to the extent possible and depending on the requirements of the funding authority) it will be useful to try and strike a balance if you can, between disclosing enough to allow the funding authority to assess the project's work and keeping the non-necessary elements out of that document.

The other way to ensure that the information is protected is to correctly set the confidentiality level of your deliverables. In Horizon Europe, "sensitive information" is the terminology used to label what was before known as "confidential information". By declaring a deliverable as "SEN - Sensitive":

• you ensure that it is treated as confidential / sensitive by the Commission, as per article 13 of the grant agreement
• this means that the EC will treat it confidentially for the duration of the project plus minimum 5 years afterwards
• this also means that the EC cannot disclose it to staff / evaluators / other institutions except on a "need to know" basis and provided that the recipient is bound by confidentiality obligations (NDA).

Note that when it comes to classification levels for deliverables, SEN is sufficient. There are higher / more restrictive levels, but they refer to classified information (which a trade secret is not) and would typically apply in security-related actions. Labelling deliverables as classified comes with a lot of additional rules and restrictions (e.g. not being able to use the Participant Portal for such deliverables, having to follow specific rules and instructions and in particular Decision 2015/444) and it is likely that the funding authority would not accept such labelling outside of security concerns.

Finally, keep in mind that if you are planning to protect specific know-how / technical information as a trade secret (which can in fact last forever), the 5 years foreseen by the grant agreement for the protection of sensitive information will not be enough.

In that case it is advisable to request from the funding authority that they keep the deliverable in question (and the related information) confidential for a longer period - this is possible in Horizon Europe, in accordance with article 13.1 of the grant agreement. Therefore, do not hesitate to reach out to your project officer on this topic.

 

 

 

Photo by Beth Macdonald on Unsplash