Template Guide
Trade Secret Log
A trade secret log is a living register of every confidential asset in your organisation. Without one, you cannot prove what you protected, when you identified it, or who had access — all of which courts demand.
What Is a Trade Secret Log and Why Is It Essential?
A trade secret log (also called a trade secret register or inventory) is a centralised record of all trade secrets your organisation owns. It documents what each secret is, when it was identified, who has access, what protections are in place, and its commercial value. Courts in the US, UK, and EU increasingly expect companies to maintain such records as evidence of reasonable protective measures. In the landmark Waymo v. Uber case, detailed trade secret documentation was instrumental in proving misappropriation. Without a log, you may struggle to even define the trade secret you are trying to protect in litigation.
Essential Components
Key Sections to Include
A comprehensive trade secret log should cover each of these areas.
Unique Identifier and Name
Assign a unique reference number and descriptive name to each trade secret. This makes it easy to reference in NDAs, access requests, and legal proceedings without revealing the actual content.
Description and Classification
Provide a sufficiently detailed description to identify the secret without disclosing it. Classify by type (formula, process, customer list, algorithm) and by sensitivity level (confidential, highly confidential, restricted).
Date of Creation or Identification
Record when the trade secret was first created or recognised as confidential. This date is critical for establishing priority and proving the information existed before any alleged misappropriation.
Owner and Custodian
Identify the business unit or individual responsible for the trade secret and the custodian who manages day-to-day access. Clear ownership prevents internal disputes and ensures accountability.
Access List and Permissions
Maintain a current list of every person who has access. Record when access was granted, by whom, and for what purpose. Update immediately when access is revoked — especially when employees leave.
Protection Measures in Place
Document the specific safeguards applied: NDAs signed, encryption used, physical security, access controls, marking, and training provided. This becomes your evidence of reasonable steps in litigation.
Commercial Value Assessment
Estimate the economic value of the trade secret. Courts consider commercial value when evaluating trade secret claims. Even a rough assessment helps prioritise protection efforts and resource allocation.
Review and Update History
Log every review, update, or change to the trade secret entry. Include dates, the person who made the update, and what changed. A complete history demonstrates ongoing diligence.
Watch Out
Common Mistakes to Avoid
These pitfalls can undermine your IP protection even with the right template in place.
Describing the Secret in Too Much Detail
The log should identify the trade secret without fully disclosing it. If the log itself is compromised, overly detailed descriptions effectively leak your secrets. Use reference codes and general descriptions.
Not Updating Access Lists When Employees Leave
A stale access list is a litigation liability. If a former employee misappropriates a trade secret and your log still shows them as an authorised accessor, it undermines your protection claims.
Keeping the Log in an Insecure Location
The trade secret log itself is highly sensitive. Storing it in an unencrypted shared drive or general-access folder defeats its purpose. Apply the same security controls to the log as to the secrets it tracks.
No Proof of When Entries Were Made
If you cannot independently verify when a trade secret was added to the log, its evidentiary value drops significantly. Timestamps can be disputed unless they are independently verifiable.
Best Practices
How to Get It Right
Blockchain-Timestamp Every Entry
When you add or update a trade secret in your log, timestamp the entry on the blockchain. This creates independently verifiable proof of when each secret was identified and documented.
Review Quarterly at Minimum
Schedule quarterly reviews to add new trade secrets, remove obsolete ones, update access lists, and verify that protection measures are still in place. Document each review in the log.
Integrate With Onboarding and Offboarding
Update the log as part of every employee or contractor onboarding (grant access) and offboarding (revoke access). Make this a mandatory step in your HR processes.
Cross-Reference With NDAs and Policies
Link each trade secret entry to the specific NDAs, employment agreements, and policies that protect it. This creates a complete protection matrix that strengthens your legal position.
How immut Helps
Build a Court-Ready Trade Secret Register
immut timestamps each trade secret log entry on the blockchain, creating independently verifiable proof of when you identified and began protecting each confidential asset.
Timestamp new trade secret entries instantly to prove the exact date each asset was identified
Create an immutable audit trail of log updates, access changes, and reviews
Generate blockchain certificates that prove your log existed at specific dates without revealing its contents
Demonstrate ongoing reasonable steps with a verifiable history of regular reviews and updates
Provide court-admissible evidence that is accepted in the UK, EU, US, and China
FAQ
Frequently Asked Questions
What is the difference between a trade secret log and a trade secret policy?
A trade secret policy defines the rules and procedures for protecting confidential information across your organisation. A trade secret log is the actual register of specific assets being protected under that policy. You need both: the policy sets the framework and the log implements it for each individual secret.
How many trade secrets does a typical company have?
More than most realise. A mid-sized company typically has dozens to hundreds of trade secrets spanning customer lists, pricing models, supplier terms, manufacturing processes, software algorithms, marketing strategies, and internal tools. The IP audit process helps identify them all.
Should I include the actual trade secret content in the log?
No. The log should identify and describe each trade secret at a level sufficient for management and legal reference, without disclosing the secret itself. Use reference numbers and general descriptions. Store the actual confidential information separately with appropriate security controls.
Who should have access to the trade secret log?
Limit access to senior management, legal counsel, and the IP or compliance team. The log itself reveals what your most valuable secrets are and who knows them, making it a high-value target. Apply strict need-to-know principles.
Can a trade secret log help in litigation?
Absolutely. A well-maintained log with verifiable timestamps is powerful evidence in trade secret litigation. It proves you identified the secret before the alleged misappropriation, maintained reasonable protections, and tracked access. Courts view this as strong evidence of reasonable steps.
Ready to Protect Your IP?
A good trade secret log is essential — but proving when it was created is just as important. immut gives you instant, blockchain-verified proof that stands up in court.