Fourth Circuit Revives DTSA Trade Secret Claim

Trade secret law rarely gets the blockbuster treatment. There are no dramatic courtroom sketches of stolen spreadsheets wearing sunglasses, and nobody kicks down a door yelling, “Step away from the source code!” Yet for companies built on proprietary software, customer data, pricing models, internal processes, or specialized know-how, trade secret disputes can be every bit as serious as a patent war or a messy shareholder breakup.

That is why the Fourth Circuit’s decision reviving a Defend Trade Secrets Act claim in Samuel Sherbrooke Corporate, Ltd. v. Mayer deserves attention. The court reversed a district court’s dismissal of a federal trade secret claim after finding that the plaintiffs plausibly alleged the existence of proprietary software, reasonable efforts to keep it secret, and misappropriation by insiders who allegedly used the software to support a competing insurance business.

The decision is especially important because it addresses a practical question that comes up in almost every DTSA case: What counts as “reasonable measures” to protect a trade secret at the pleading stage? According to the Fourth Circuit, confidentiality agreements and invention-assignment provisions can be enough to get a plaintiff past judgment on the pleadings. Translation: a trade secret plaintiff does not have to show Fort Knox-level security in the complaint just to stay in the game.

What Happened in the Sherbrooke Case?

Samuel Sherbrooke Corporate, Ltd. was a captive insurance company incorporated in North Carolina. Its business involved providing insurance services to nursing homes and related entities. According to the complaint, the company developed proprietary software that used medical records and risk-related information to help price insurance contracts more effectively.

That software was not treated as a casual office tool, at least according to the plaintiffs. The complaint alleged that the software was confidential, economically valuable, and created for the exclusive use of Sherbrooke and its related entities. The company also alleged that the relevant individuals were bound by employment agreements containing confidentiality and invention provisions.

The dispute arose when two minority shareholders and officers, along with a Chief Technology Officer, allegedly prepared to form a competing insurance entity. The plaintiffs claimed the defendants used Sherbrooke’s proprietary software to assist that competing venture. In plain English: the company alleged that insiders took the secret sauce and opened a rival kitchen.

Sherbrooke and its principal sued under the Defend Trade Secrets Act, along with state-law claims related to corporate misconduct. The district court dismissed the DTSA claim, concluding that the complaint did not sufficiently allege reasonable measures to protect the secrecy of the software. Once the federal claim was dismissed, the district court declined to keep the state-law claims.

The Fourth Circuit reversed. It held that, taking the complaint’s allegations as true, Sherbrooke plausibly alleged that it owned a trade secret, that it took reasonable measures to protect it, and that the defendants misappropriated it.

Why the DTSA Matters

The Defend Trade Secrets Act, commonly called the DTSA, gives trade secret owners a federal civil cause of action for misappropriation. Before the DTSA, trade secret claims were primarily handled under state law, often through versions of the Uniform Trade Secrets Act. The DTSA did not replace state trade secret law, but it gave businesses a powerful federal route when their trade secrets relate to products or services used in interstate or foreign commerce.

Under the DTSA, information may qualify as a trade secret if it includes business, technical, financial, scientific, engineering, economic, or similar information that derives independent economic value from not being generally known and is subject to reasonable measures to keep it secret.

That definition sounds simple until a dispute begins. Then the questions multiply quickly. Was the information actually secret? Did the company identify the trade secret with enough detail? Did the alleged wrongdoer acquire, disclose, or use it improperly? Did the owner do enough to protect it? Was the information valuable because it was secret, or merely useful in an ordinary business sense?

The Sherbrooke decision fits directly into this messy but important middle ground. The plaintiffs did not need to prove their case at the pleadings stage. They needed to allege enough facts to make the DTSA claim plausible. The Fourth Circuit said they did.

The Court’s Key Holding: Confidentiality Agreements Can Be Enough

The most headline-worthy part of the decision is the Fourth Circuit’s treatment of “reasonable measures.” The district court appeared to view the company’s allegations as insufficient because the complaint relied heavily on contractual confidentiality obligations. The Fourth Circuit disagreed.

The court emphasized that the complaint alleged the proprietary software was confidential property, that employees were prohibited from disclosing confidential information, and that inventions or systems developed during employment belonged to the company. Those allegations connected the software to the contractual protections.

Importantly, the Fourth Circuit did not say that confidentiality agreements will always be enough to win a DTSA case. A plaintiff still may need evidence later showing that its protections were reasonable under the circumstances. But at the pleading stage, the court refused to impose a rule requiring plaintiffs to allege additional security measures beyond confidentiality and invention-assignment provisions.

That distinction matters. Pleading is not trial. A complaint is not supposed to contain every password policy, access log, employee training slide, and late-night Slack reminder about not emailing the crown jewels to a personal Gmail account. The complaint must tell a plausible story. Sherbrooke’s complaint, the Fourth Circuit concluded, did exactly that.

Reasonable Measures Are Context-Specific

The Fourth Circuit also reinforced a flexible principle: what counts as reasonable depends on the nature of the trade secret and the business context. A pharmaceutical formula, a pricing algorithm, a customer list, a software architecture, and a manufacturing process may require different forms of protection.

For some information, strict access controls, encryption, badge-restricted laboratories, and monitoring systems may be expected. For other information, confidentiality agreements, limited access, invention assignments, and consistent internal treatment as confidential may be enough, at least at the early stage of a lawsuit.

This is good news for small and mid-sized businesses that do not have enterprise-grade security departments but still take confidentiality seriously. The law does not demand perfection. It demands reasonable steps. The difference is enormous. Perfect secrecy is a fantasy; reasonable secrecy is a legal standard.

How the Fourth Circuit Viewed Misappropriation

The defendants argued that the complaint’s allegations of use were too conclusory. The Fourth Circuit rejected that argument, looking at the allegations as a whole. The complaint said the CTO created and maintained the software, the officer-shareholders knew about it, the defendants formed a competing insurance business, and the software was allegedly used to help operate that competitor.

The court found that this was more than a bare accusation. The allegations created a plausible narrative of use. In trade secret litigation, “use” does not always mean copying a file and pasting it into a rival company’s folder. It can include relying on proprietary information to build, price, operate, improve, or compete.

That is particularly relevant for software-based trade secrets. A program may be misused not only by duplicating its source code but also by using its outputs, logic, risk model, architecture, or business function to benefit a competing operation. If the secret gives a rival a shortcut, the law may care very much about that shortcut.

Why This Decision Matters for Software Companies

Software is one of the most common battlegrounds in modern DTSA litigation. Unlike patents, trade secrets do not require public disclosure. That makes them attractive for companies that want to protect source code, algorithms, internal tools, data structures, pricing engines, automation workflows, and machine-learning models.

But software trade secret claims can be difficult. Plaintiffs must identify the trade secret clearly enough to give notice, while avoiding public disclosure of the very secret they are trying to protect. Courts often reject complaints that describe trade secrets too broadly, such as “all confidential technology” or “the company’s entire platform.” That is not a trade secret description; that is a fog machine.

Sherbrooke’s claim survived because the complaint described proprietary software tied to a specific business function: using medical records and risk information to price insurance contracts more effectively. The court did not require the plaintiffs to reveal the source code in the complaint. Instead, the allegations were specific enough to make the claim plausible.

How Sherbrooke Fits With Other DTSA Cases

The Fourth Circuit’s decision should be read alongside other recent appellate trade secret cases. In some cases, courts have dismissed DTSA claims because plaintiffs failed to identify the alleged trade secrets with enough precision. In others, courts have allowed claims to proceed where the plaintiff described the information, its value, and the steps taken to protect it.

The message is not that plaintiffs get a free pass. The message is that pleading standards require plausibility, not proof. A company that merely waves at a pile of business information and calls it “secret” may still lose early. But a company that identifies a concrete proprietary tool, explains its business value, and alleges confidentiality obligations has a stronger path past dismissal.

The Sherbrooke decision also shows the importance of contractual discipline. Confidentiality agreements, invention-assignment clauses, and employment contracts are not decorative paperwork. They can become key evidence that a company treated its information as secret and expected employees or insiders to do the same.

Practical Lessons for Businesses

1. Put Confidentiality Duties in Writing

Written confidentiality provisions matter. They help show that employees, executives, contractors, and shareholders had a duty to protect sensitive information. A handshake may be charming, but in litigation, a signed agreement is much less likely to develop amnesia.

2. Use Invention-Assignment Clauses

If employees or contractors create software, processes, systems, designs, or other business assets, invention-assignment provisions can clarify ownership. Without them, disputes over who owns what can become expensive and awkward fast.

3. Identify Trade Secrets Specifically

Companies should maintain an internal inventory of key trade secrets. The list does not need to be public, but it should be clear enough for leadership, legal teams, and security personnel to understand what is protected. “Our stuff” is not a legal strategy.

4. Match Security to the Value of the Information

Reasonable measures may include confidentiality agreements, access restrictions, password protection, encryption, employee training, monitoring, exit interviews, device-return procedures, and policies governing downloads or personal email use. The more valuable the information, the more thoughtful the protection should be.

5. Act Quickly When Misuse Is Suspected

Delay can weaken a trade secret claim. If a company learns that insiders may be misusing proprietary information, it should preserve evidence, review access logs, secure systems, consult counsel, and avoid dramatic but unhelpful office theatrics. Calm documentation beats panic every time.

What Employees and Executives Should Learn

The decision is not only a warning for companies. It is also a warning for employees, executives, founders, and contractors. Information learned at one company is not automatically yours to carry into the next venture. Even if you helped create a tool, your employment agreement may assign ownership to the company.

Before launching a competing business, departing employees should review confidentiality, invention, non-solicitation, and intellectual property provisions. They should return company devices, avoid downloading restricted files, and separate general skills from protected information. Knowing how to price insurance products is one thing. Using a former employer’s proprietary pricing software is another.

The line between experience and misappropriation can be thin, but it is real. Courts generally allow people to use their general knowledge, skill, and industry experience. They do not allow people to walk out with trade secrets tucked under their arm like a souvenir hoodie.

Why the Pleading Stage Matters So Much

Many trade secret cases are won or lost before discovery. If a DTSA claim is dismissed at the pleading stage, the plaintiff may never get access to documents, emails, code repositories, financial records, or communications that could prove misuse. That is why defendants often attack complaints early, arguing that the alleged trade secrets are too vague or the security measures too weak.

The Fourth Circuit’s ruling gives plaintiffs in the Fourth Circuit a useful response when confidentiality agreements are central to the protection strategy. It supports the argument that contractual confidentiality obligations can plausibly establish reasonable measures at the beginning of a case.

Still, plaintiffs should not become overconfident. Surviving dismissal is not winning. After discovery, a court may ask harder questions: Who had access? Were passwords shared? Was the software marked confidential? Were former employees cut off promptly? Did the company enforce its own policies? A complaint can open the courthouse door, but evidence must carry the case through the hallway.

Experience-Based Insights: What This Case Teaches in the Real World

In real business life, trade secrets rarely sit in a folder labeled “Extremely Valuable Secrets, Please Do Not Steal.” They are usually embedded in everyday operations: a pricing spreadsheet used by sales, a software tool maintained by one trusted developer, a customer-risk model known by a small team, or a workflow that helps the company move faster than competitors. That practical reality is what makes the Sherbrooke decision feel so relevant.

One common experience in growing companies is that legal protection lags behind innovation. A founder hires a developer, the developer builds a useful internal tool, the tool becomes essential, and only later does someone ask, “Wait, who owns this?” By then, the software may be tied to revenue, customer relationships, and competitive advantage. The better approach is to set ownership and confidentiality expectations before the first line of code is written.

Another lesson is that access should follow business need. Many companies begin with a culture of trust, which is healthy. But trust does not mean everyone needs access to everything. If pricing software, risk models, source code, or customer analytics drive competitive value, access should be limited to people who need it to do their jobs. That is not paranoia; it is maintenance, like changing the oil in a car before the engine starts making expensive noises.

Documentation also matters. Companies often believe they are protecting trade secrets because “everybody knows” the information is confidential. Courts prefer something more concrete. Employee agreements, contractor agreements, onboarding materials, internal policies, access controls, confidentiality labels, and exit checklists all help create a record. When litigation arrives, memories get fuzzy. Documents stay annoyingly crisp.

For executives, the case is a reminder that insider disputes can become trade secret disputes quickly. Shareholders, officers, directors, and technical employees often have deep access to sensitive information. If those insiders start building a competing business, the company’s best protection is a combination of clear contracts, careful access management, and fast response once suspicious activity appears.

For startups, the practical takeaway is simple: do not wait until a funding round, acquisition, or lawsuit to organize your trade secret protection. Investors and buyers often ask whether key technology is owned by the company and protected by proper agreements. A startup with clean invention assignments and confidentiality practices looks more mature. A startup without them looks like a treasure chest with no lid.

For employees, the experience-based lesson is equally important. Before leaving a company, do not copy files “just in case.” Do not email internal tools to yourself. Do not assume that because you helped build software, you can reuse it elsewhere. Take your skills, your judgment, and your experience. Leave behind the proprietary materials that belong to the company. It is much easier to build a clean new venture than to explain a suspicious download trail later.

The Sherbrooke ruling does not make confidentiality agreements magical. They are not legal fairy dust. But it confirms that they can matter a great deal, especially when paired with allegations that the information was proprietary, economically valuable, and used by insiders for a competing business. The smartest companies will treat this decision not as permission to do the minimum, but as motivation to build a practical, layered trade secret protection program before trouble knocks.

Conclusion

The Fourth Circuit’s revival of the DTSA trade secret claim in Samuel Sherbrooke Corporate, Ltd. v. Mayer is a meaningful decision for businesses that rely on proprietary software and confidential business systems. The court made clear that, at the pleading stage, confidentiality agreements and invention-assignment provisions can plausibly establish reasonable measures to protect secrecy.

For plaintiffs, the decision offers a roadmap: describe the trade secret with enough specificity, explain its economic value, connect it to confidentiality protections, and allege facts showing improper use or disclosure. For businesses, it offers a reminder that trade secret protection begins long before litigation. Good agreements, smart access controls, and consistent confidentiality practices are not paperwork chores. They are part of protecting the company’s competitive engine.

In the end, the Sherbrooke decision is not a dramatic rewrite of trade secret law. It is more practical than that. It tells companies that reasonable protection still counts, context matters, and a well-pleaded DTSA claim should not be dismissed simply because the plaintiff has not yet proven every lock, password, and policy in discovery. Sometimes, the law simply says: tell a plausible story, protect your secrets like they matter, and you may get your day in court.