Trade secret cases often arrive in court wearing a dramatic trench coat. They promise betrayal, secret files, suspicious emails, and at least one spreadsheet that should never have existed. This one delivered all of that, right down to a password document that made IT professionals everywhere want to lie down in a dark room for a minute.
But the real lesson from the Third Circuit’s decision is surprisingly clean: not every confidential business item is a trade secret, and not every bad workplace decision becomes a federal case with trade-secret superpowers. In affirming dismissal of the DTSA and PUTSA claims, the court drew a sharp line between valuable information and the mere keys used to reach it. That distinction matters for employers, employees, litigators, and anyone tempted to think that a password alone automatically deserves a velvet rope and a bodyguard.
This case is important because it clarifies how courts in the Third Circuit will analyze trade secret misappropriation claims under the Defend Trade Secrets Act and the Pennsylvania Uniform Trade Secrets Act when the alleged secret is a set of passwords rather than the underlying business data itself. It also sends a broader message: trade secret law still protects genuinely valuable proprietary information, but courts expect plaintiffs to identify the asset carefully and prove why it meets the statute’s elements.
What Happened in the Case?
The dispute arose from a workplace mess that was already plenty messy before the trade secret claims entered the room. An employee who was out sick needed access to login information to help address an urgent licensing problem. A coworker used the employee’s credentials, opened a spreadsheet containing passwords for dozens of systems and accounts, and sent the information so the licensing issue could be handled. That spreadsheet, in a detail almost too on-the-nose to be real, was titled My Passwords.xlsx.
From the employer’s perspective, this was a major security breach. The passwords unlocked systems connected to sensitive business information and personally identifiable information. From the employees’ perspective, the access occurred in the middle of an urgent work situation, not as part of some cinematic midnight data heist involving hoodies and green text on a black screen.
When the litigation reached the Third Circuit, the court focused on a practical legal question: were the passwords themselves trade secrets under the DTSA and PUTSA? The answer was no.
Why the DTSA and PUTSA Claims Failed
The missing ingredient: independent economic value
Under both the DTSA and PUTSA, information must do more than be confidential. It must derive independent economic value from not being generally known and not being readily ascertainable. That sounds technical, but the concept is straightforward. A trade secret is not just hidden; it is commercially valuable because it is hidden.
The Third Circuit concluded that the passwords did not satisfy that requirement. Yes, the passwords were useful. Yes, they protected access to important company systems. Yes, no responsible business wants them floating around in inboxes like party invitations. But usefulness and secrecy are not enough by themselves. The court held that the passwords were merely barriers guarding other information that may have had real economic value.
In other words, the court treated the passwords as the lock, not the treasure. And trade secret law, at least on these facts, protects the treasure more naturally than the lock.
Why a compilation argument did not save the claim
The employer argued that the spreadsheet was a protectable compilation of data. That is not a crazy argument. Compilations can absolutely qualify as trade secrets when the assembled information has independent value, such as a curated customer list, a pricing structure, a formula, a process map, or a research package developed through time and money.
But the Third Circuit said this spreadsheet was not that kind of compilation. It was a list of passwords. The list did not become protectable simply because the systems behind those passwords contained valuable information. A list of keys does not magically become a vault just because the vault is important.
No special formula, no special trade secret treatment
The court also noted that the employer had not alleged the passwords were generated through some proprietary formula or algorithm. That point matters. If a company develops a unique method for creating or managing credentials and that method itself has economic value, the analysis may look different. But ordinary passwords, even sensitive ones, were not enough here.
The opinion’s reasoning was refreshingly practical. If the passwords could be changed quickly after disclosure, and if what truly mattered was the data behind them, then the economic value lived in the underlying business information, not in the strings of letters and numbers themselves.
What the Decision Does Not Mean
The Third Circuit did not gut trade secret law
Let’s not overreact and announce the funeral for trade secret litigation. The Third Circuit did not say passwords can never matter, and it certainly did not say companies are helpless when confidential information is mishandled. It said these passwords, in this case, were not trade secrets under the DTSA and PUTSA because they lacked independent economic value.
That is a narrower holding than some hot takes suggest. In earlier and related Third Circuit trade secret cases, the court has shown a willingness to protect legitimately valuable proprietary information when plaintiffs identify it clearly and connect it to plausible misuse. In Oakwood Laboratories v. Thanoo, for example, the court revived a DTSA claim where the complaint adequately identified the trade secrets and plausibly alleged misappropriation. In Mallet & Co. v. Lacayo, the court stressed that if a plaintiff wants injunctive relief, the alleged trade secrets must be identified with real specificity. Those cases, taken together with this one, show a court trying to enforce boundaries, not erase the cause of action.
Underlying proprietary data may still be protectable
This is the part businesses should circle in red ink. The court did not say the company’s underlying customer databases, business records, pricing information, or sensitive internal systems were worthless from a trade secret standpoint. Quite the opposite. The opinion strongly suggests that the truly valuable information may still qualify for protection if it satisfies the statutory elements.
So if a plaintiff can identify the actual confidential data, explain why it has independent economic value, and show improper acquisition, use, or disclosure, a DTSA or PUTSA claim may still survive just fine. The problem here was that the lawsuit centered the wrong asset.
Why This Opinion Matters for Employers
Policy violations are not a substitute for trade secret elements
Many employers have excellent computer-use policies, password-sharing rules, and confidentiality acknowledgments. Those are useful and necessary. But this case is a reminder that internal policy violations do not automatically establish a trade secret claim. A court still wants the statutory math to add up.
That means businesses should avoid the common litigation mistake of pleading everything confidential as though confidentiality alone proves trade secret status. It does not. Courts look for specificity, economic value, and reasonable secrecy measures. The label on the file is not the same thing as the legal status of the file.
Better trade secret hygiene starts before litigation
Employers who want stronger DTSA and PUTSA protection should build a record long before a dispute arises. That includes identifying which information is genuinely proprietary, limiting access by role, separating especially sensitive materials from ordinary operational data, and documenting why the information creates competitive value.
It also helps to use confidentiality agreements, access logs, need-to-know restrictions, multifactor authentication, and internal classifications that distinguish “confidential” from “trade secret.” If every file is treated as equally precious, courts may suspect that none of them has been analyzed carefully enough.
And, while this should go without saying, maybe do not let employees maintain a spreadsheet named My Passwords.xlsx. Sometimes the best cybersecurity advice sounds suspiciously like common sense wearing glasses.
Why This Opinion Matters for Employees and Litigators
Employees are not automatically trade secret thieves
The decision is also important for employees accused of misappropriation. Courts are willing to distinguish between serious theft of proprietary business assets and conduct that is sloppy, policy-violating, or ill-advised but does not meet the legal test for trade secret misappropriation. That distinction matters because trade secret claims can be expensive, reputationally damaging, and emotionally draining.
For litigators, the opinion is a warning against overreach. If the alleged trade secret is really just access credentials, and the real business value lies elsewhere, the complaint should be structured accordingly. Pleading the wrong thing as the secret can collapse the case before discovery becomes useful.
Alternative claims may still matter
The Third Circuit practically waved a flashlight toward other possible causes of action. Depending on the facts, a company may have stronger theories in contract, fiduciary duty, unfair competition, negligence, or other business torts. But those claims have their own elements and their own evidentiary demands. A disappointed plaintiff cannot simply yell “trade secret” and expect the statutes to do all the heavy lifting.
The Bigger Trend in Third Circuit Trade Secret Cases
Viewed alongside recent and earlier precedent, this ruling fits a clear pattern in Third Circuit trade secret law. The court is asking disciplined questions.
First, what exactly is the trade secret? Not “confidential information generally,” not “our systems,” and not “a bunch of important stuff in a folder.” The answer needs detail.
Second, why is that information economically valuable because it is secret? If the plaintiff cannot explain that link, the claim gets wobbly fast.
Third, what conduct counts as misappropriation? The court wants more than vibes, suspicion, or policy violations dressed in legal formalwear.
That framework is good for the law and, frankly, good for businesses too. It encourages companies to define and protect their real competitive assets instead of trying to stretch trade secret law over every confidential inconvenience.
Practical Experience: What Cases Like This Feel Like in the Real World
In real trade secret disputes, the emotional temperature is usually much hotter than the legal theory first suggests. Employers often feel betrayed before they feel analytical. Someone broke a rule, sensitive systems were touched, documents moved where they should not have gone, and leadership wants a legal response immediately. That instinct is understandable. When internal security policies are violated, it can feel like a direct attack on the business itself.
But the courtroom experience tends to be less dramatic and more forensic. Judges slow everything down. They ask what the secret actually is, how it was protected, why it had independent economic value, who used it, and whether the alleged misuse caused competitive harm. That is where many cases change shape. A company may walk in believing it has a trade secret slam dunk and walk out realizing it really has a contract case, an HR problem, a cybersecurity training problem, or all three.
Employees, meanwhile, often experience these cases very differently. From their side, the events may have unfolded in the blur of a deadline, a request from a supervisor, a messy handoff, or an urgent work problem that seemed practical in the moment. That does not make policy violations harmless, but it does explain why courts are reluctant to treat every questionable access event as statutory misappropriation. Real workplaces are chaotic. Trade secret statutes are not supposed to convert every chaotic workplace decision into industrial espionage.
Lawyers who handle these matters learn quickly that precision wins. The strongest plaintiffs are usually the ones who can point to a narrow set of clearly valuable assets: source code modules, pricing models, customer intelligence, research data, formulas, manufacturing processes, or strategic plans. They can explain exactly how the information creates competitive advantage and exactly what the defendant did with it. The weakest cases often sprawl. They accuse the other side of taking “everything,” which sounds powerful until a judge asks for names, categories, dates, and proof.
There is also a practical business lesson here. A surprising number of companies discover the true state of their information governance only after litigation starts. They find shared passwords, overbroad permissions, vague confidentiality labels, inconsistent offboarding, and informal workarounds that developed because people were trying to get their jobs done quickly. By the time lawyers arrive, the organization is trying to build trade secret doctrine on top of messy operational habits. That is rarely a relaxing afternoon.
The healthiest takeaway from decisions like this is not panic. It is discipline. Identify the crown jewels. Limit access. Document value. Train employees. Use contracts intelligently. Revoke permissions cleanly. And when litigation becomes necessary, lead with the information that truly gives the business an edge, not with whatever happened to be sitting in the nearest spreadsheet. Courts are willing to protect real secrets. They just want the plaintiff to bring the secret, not merely the password to the secret.
Conclusion
The Third Circuit’s decision affirming dismissal of the DTSA and PUTSA claims is a useful correction for trade secret litigation in the employment context. It reminds courts and litigants that secrecy alone is not enough, and that access credentials do not automatically become protectable trade secrets just because they open the door to valuable systems.
For employers, the opinion is a nudge toward better information governance and sharper pleading. For employees, it is a reminder that not every workplace access dispute fits the mold of trade secret misappropriation. And for the broader development of trade secret law, it reinforces a healthy principle: legal protection follows the economic value of the information itself, not the drama surrounding it.
That may be less flashy than some litigation narratives, but it is a lot more useful. And in trade secret law, useful usually beats flashy. Even if flashy occasionally arrives as a smiling email attached to My Passwords.xlsx.
