Abstract
Many companies are convinced they possess information that is decisive for their business: ideas, procedures, technical solutions, commercial strategies that constitute a real competitive advantage. For this reason, they tend to assume that such information is, in itself, protected. However, this belief often collapses when a collaborator ends the relationship, a supplier becomes a competitor, or a former partner starts operating in the same market. In such cases, what the company considers “obviously confidential” may prove, in court, to be legally irrelevant.
This is where the frustration of many businesses originates: the perception of having suffered unfair conduct is not matched by effective legal protection, and litigation ends with the unexpected dismissal of their claims. The reason, however, is not found solely in the conduct of others. More often, the problem lies upstream, in the absence of a conscious and structured strategy for protecting know-how.
What trade secrets really are (according to the Italian law)
To understand why many companies fail in disputes of this kind, one must start from an essential premise: the law does not automatically protect everything a company considers important. It is not enough for information to be useful or strategic, nor is it sufficient that the company regards it as confidential. Trade secret protection is built on strict requirements and does not tolerate approximation.
In Italy, the relevant framework is set out in Article 98 of the Italian Industrial Property Code, which protects so-called trade secrets (see: Protection of trade secrets: strategies and tools for businesses – Canella Camaiora). The provision establishes that information may qualify as a trade secret only when three requirements are met simultaneously.
The first is secrecy: the information must not be generally known or readily accessible to industry operators. It must not be something that can be obtained from outside sources or that is already available on the market. The mere fact that a company does not disclose it is insufficient; the knowledge must actually remain restricted, and that restriction must constitute a distinctive element.
The second requirement is economic value. The information must have value precisely because it is secret – that is, it must confer a competitive advantage on the company. It may consist of a technical solution, a production process, an organizational method, or significant commercial data. Protection is justified to the extent that the information concretely affects the company’s position in the market.
The third requirement, often decisive, is the adoption of adequate protection measures. The law requires the company to have implemented reasonable steps to preserve the confidentiality of the information. A secret is not such merely because it exists; it is such because it is treated as such – through rules, procedures, and safeguards designed to prevent unauthorized disclosure or use.
It follows that it is not enough to claim confidentiality, nor to rely on trust in employees or collaborators. The company must be able to demonstrate the existence of a concrete protection system, based on contractual agreements, access limitations, internal protocols, and organizational measures consistent with the value of the information. In the absence of these elements, the information may well be relevant from a business perspective, but it will not qualify as a legally protectable trade secret, and it will hardly support an effective claim in court.
The most frequent mistakes made by companies
In judicial practice, the mistakes companies make in relation to trade secrets are recurrent and, in some respects, predictable. These are not exceptional behaviors, but widespread practices, often adopted in good faith and with the conviction of having done what was necessary (see: When a company’s value depends on know-how… that can walk out the door – Canella Camaiora). The issue is that what appears reasonable from an organizational standpoint is not always sufficient from a legal perspective – especially when it comes to proving the existence of a legally protectable secret.
The first mistake consists in relying on generic protection tools. Passwords for company computers, internal email access controls, shared folders, or simple verbal instructions about confidentiality are frequently considered sufficientmeasures. In reality, these are tools that fall within the ordinary IT management of any business and, precisely for that reason, do not demonstrate the adoption of a specific strategy for protecting trade secrets. The ordinary use of credentials or access systems alone does not suffice to qualify certain information as legallyprotected.
A second, equally frequent mistake is the confusion between know-how and ordinary commercial information. Companies tend to include within the notion of “secret” everything related to client relationships: operational needs, service delivery methods, pricing, contractual conditions. However, much of this information is, by its nature, meant to circulate in the market and is often shared with consultants, suppliers, or other third parties. Without a clear delineation, the boundary between confidential information and ordinary information becomes too uncertain to support effective protection.
The third mistake, perhaps the most insidious, emerges at the time of filing a lawsuit. Judicial claims are often limited to generically invoking concepts such as “software,” “platform,” “process,” or “working method,” without distinguishing between the container and the content, between what is visible externally and what should remain confidential. For a judge, however, it is not sufficient to refer to an abstract idea of know-how: it is necessary to precisely identify the object of protection and explain why, in concrete terms, it must be considered a secret.
When these clarifications are lacking, the claim progressively loses substance until it becomes inadmissible. Not because the company has not suffered harm, but because that harm has not been translated into a legally recognizable and provable violation.
The Courts’ response: a recent decision from Florence
A recent ruling of the Court of Florence (Judgment no. 5/2026) provides a very clear answer to the difficulties many companies face when attempting to protect their know-how in court. The case arose from a far from uncommon situation: a company that had collaborated for years with an external professional lost a client to that same collaborator, who had in the meantime established his own company (see: Former employees: when the “transfer” of company information is not unlawful – Canella Camaiora). According to the claimant, the former collaborator had exploited technical and commercial information acquired during the collaboration to submit a more competitive offer and secure the contract.
In the claimant’s view, that information represented the core of its business and should have been considered tradesecrets. However, the Court dismissed all claims. The reason did not lie in a “moral” assessment of the conduct, but in the strict application of the statutory requirements. In particular, the judge found that the company had failed to precisely identify which specific secrets had been violated. Software, platforms, processes, and commercial information were mentioned in general terms, without clearly defining the object of protection.
Even more decisive was the issue of protective measures. The Court held that tools such as passwords for company computers, widespread access to IT systems, or ordinary email management could not be regarded as adequate secrecy measures. These are instruments common to any organization and insufficient to demonstrate the existence of a genuine strategy for protecting confidential information. In the absence of a clear distinction between what was secret and what was not, and without specific rules aimed at limiting access and use, trade secret protection was denied.
Another passage of the ruling clarifies a frequent misunderstanding: the existence of an industrial secret cannot be “admitted” or recognized merely because the opposing party does not contest it. The qualification of information as a trade secret is not a simple matter of fact, but a legal assessment requiring strict verification of the statutory requirements. Consequently, the company bringing the action must always prove the existence of the secret and the measures adopted to protect it, regardless of the defensive strategy of the opposing party.
For these reasons, the Court excluded not only the violation of trade secrets but also unfair competition, dismissing the claims in their entirety. The message is clear: the protection of know-how does not originate in the courtroom; it must be planned and managed strategically long before litigation arises.
How to avoid losing a case, before it even begins
The lesson that emerges from these disputes is clearly preventive. Know-how protection is not built when the conflict has already started, but must be consistently planned over time. Protecting strategic information first requires the ability to clearly distinguish what is truly central to the business from what belongs to its ordinary operations. Not everything is a secret, and precisely for that reason it is essential to clearly identify which information deserves stronger protection.
Once the assets to be protected have been identified, it is necessary to establish an appropriate contractual framework. Relationships with collaborators, consultants, and suppliers must be governed by confidentiality agreements (NDAs) and carefully drafted written contracts specifying in detail which information is confidential, how it may be used, and the consequences of any breach. Where permitted by law, non-compete clauses may further contribute to preventing future conflicts and protecting the company (see: Non-compete clauses: a useful tool that must be handled with care – Canella Camaiora).
Alongside proper contractual regulation, companies must adopt internal policies for selective access to information. The indiscriminate circulation of data, even within the organization, weakens any claim to legal protection. It is essential that only those who genuinely need certain confidential information have access to it, thereby creating a clear boundary between what may be shared and what must remain protected.
Finally, technical and organizational measures must be aligned with the value of the information to be safeguarded. Secure IT systems, data management procedures, archiving methods, and strict access controls are not merely operational aspects; they must be considered integral components of the company’s know-how protection strategy. The more strategic the information, the greater the level of protection that must be ensured.
Only by adopting this integrated approach will a company, in the event of conflict, be able to demonstrate not only that it possesses confidential information, but also that it has effectively treated it as trade secrets. For this reason, specialized legal support becomes fundamental – not only to intervene when litigation is already underway, but to help the company build an effective protection system capable of preventing disputes and, if necessary, strengthening its position in court.
© Canella Camaiora S.t.A. S.r.l. - Tutti i diritti riservati.
Data di pubblicazione: 11 Marzo 2026
È consentita la riproduzione testuale dell’articolo, anche a fini commerciali, nei limiti del 15% della sua totalità a condizione che venga indicata chiaramente la fonte. In caso di riproduzione online, deve essere inserito un link all’articolo originale. La riproduzione o la parafrasi non autorizzata e senza indicazione della fonte sarà perseguita legalmente.
Margherita Manca
Avvocato presso lo Studio Legale Canella Camaiora, iscritta all’Ordine degli Avvocati di Milano, si occupa di diritto industriale.