Legal Notice: This article is for educational and informational purposes only. It does not constitute legal advice and should not be relied upon as a substitute for consultation with a licensed attorney. Laws and court interpretations change frequently — always seek qualified legal counsel before making intellectual property decisions. See disclaimer below.
AI founders seeking an ai model weights trade secret strategy face a structural IP problem that the patent system was not designed to solve. A patent forces public disclosure of exactly how an invention works. For most AI companies, that requirement transforms a legal protection instrument into a free technical specification for every competitor who reads the filing. If training data selection, hyperparameter configuration, and loss function design are what separate your model from a commodity, publishing those details in a USPTO application is not protection; it is a roadmap for replication.
This analysis examines the legal framework governing AI model IP in 2026: when trade secret law offers a stronger defense, what the Defend Trade Secrets Act (DTSA) actually requires in federal court, and how technical controls function as legal evidence of “reasonable measures” under 18 U.S.C. § 1839(3).
At A Glance
Trade secret protection backed by technical controls and NDAs is the stronger choice for model weights and training pipeline assets. Patents require public disclosure, which is counterproductive when core value lives inside private training infrastructure. For visible, user-facing features that competitors can reverse-engineer from the deployed product, patents remain the clearer enforcement path. A hybrid approach — allocating each instrument to the asset class it protects most effectively — is the professional standard.
Key Takeaways
- Model weights — not source code — are the primary IP asset for AI companies in 2026, and they are structurally difficult to protect through patents.
- Under 18 U.S.C. § 1839(3), trade secret status requires “reasonable measures” to maintain secrecy. Technical controls such as encryption, role-based access, and API monitoring satisfy this standard and simultaneously function as litigation evidence.
- The Federal Circuit’s 2025 decision in Recentive Analytics v. Fox Corp. significantly elevated the Section 101 rejection risk for AI method patents that do not disclose concrete improvements to the model itself.
- NDAs must explicitly enumerate protected asset categories — weights, hyperparameters, training pipelines — to establish employee notice under the DTSA’s reasonable measures standard.
- The strategic framework is straightforward: patent the interface, protect the intelligence.

Why an AI Model Weights Trade Secret Outperforms Patent Protection
AI has fundamentally changed what “intellectual property” means for technology companies. Source code is no longer the primary asset; it is increasingly AI-generated and cheap to reproduce. The primary asset in 2026 is model weights: the billions of tuned numerical parameters that encode everything a model has learned from its training data and compute investment. Weights are expensive to produce, impossible to replicate without the same data and process, and trivially easy to copy once obtained.
An AI model has two components with very different IP profiles. The architecture — Transformer, diffusion model, mixture-of-experts — is generally open-source or based on published research. Having the architecture alone gives a competitor nothing but an empty scaffold. The weights, which are the direct product of spending millions on compute and proprietary training data, encode what the model actually knows. A competitor who obtains those weights can deploy your trained model immediately, without replicating a single hour of your training investment.
This creates the central IP strategy decision for AI founders: disclose the training methodology in a patent application and gain a legal monopoly on the method, while accepting that the disclosure teaches competitors exactly how to replicate your approach — or protect everything through trade secret management, accepting that trade secrets offer no protection against a competitor who independently develops the same approach through legitimate means. For most AI companies, the second path is the stronger starting position, precisely because the asset most worth protecting cannot be meaningfully patented under current law.
⚖️ What “Reasonable Measures” Means in Federal Court
Under 18 U.S.C. § 1839(3), information qualifies as a trade secret only if the owner has taken reasonable measures to keep it secret and the information derives independent economic value from not being generally known. Courts assess the totality of the owner’s protective measures against the nature and value of the claimed secret. Technical hardening — rate limiting, query monitoring, injection filters — strengthens the reasonable measures defense if litigation follows, because it produces contemporaneous forensic records of what was protected and when.
Patents vs. Trade Secrets for AI: Three Structural Problems with the Patent Path
Understanding why the patent system creates problems for AI founders requires examining three specific structural failures. These are not prosecution strategy failures that better claim drafting can fix. They are built into how patent law functions when applied to AI training methods.
Problem 1: The Enablement Requirement Converts Your R&D Into a Free Technical Specification
Patent law’s enablement requirement, codified at 35 U.S.C. § 112(a), mandates that the patent specification describe the invention in sufficient detail for a person skilled in the art to replicate it without undue experimentation. Applied to an AI system, this means disclosing the training data selection criteria, the loss function design, the hyperparameter configuration, and the architectural choices that produce the model’s performance characteristics.
Once published, that information is permanently public. A competitor who reads the patent can use the disclosed methodology to train a competing model on their own servers using different data — without infringing the patent — by implementing the method with any non-infringing variation: a different dataset, a modified loss function, an altered training schedule. The patent intended to prevent copying has instead provided a working specification. This is the disclosure trap: the legal protection mechanism requires giving away the protected information as a condition of obtaining protection.
Before deciding whether to disclose, a thorough prior art search is essential to understand what is already public. See the Vector vs. Boolean Patent Search Strategy for AI-specific search approaches that identify competitive filings before you reveal your own methodology.
Problem 2: AI Training Method Infringement Occurs on Private Servers Where You Cannot See It
A patent confers the right to exclude. Exercising that right requires proving infringement. For AI patents covering training methods, every infringing act occurs entirely on the competitor’s private infrastructure: they process their data, run their training loop, and produce their model without any of that activity being observable from outside their network.
Consider a concrete example: a startup patents a specific loss function configuration for training a domain-specific language model. A competitor reads the patent, identifies the loss function, implements it with minor parameter variations, and trains on a private cloud instance. The startup cannot observe the competitor’s training process, cannot access their code, and cannot inspect their model internals. The patent covers the method, but there is no mechanism to detect whether the method is being used.
Trade secret protection inverts this detection problem. Unauthorized access to protected assets generates observable evidence: access logs record intrusion, API abuse patterns are detectable through rate monitoring, and departing employees trigger access revocation procedures that create a contemporaneous record. The violation is harder to commit invisibly under trade secret protection than under a patent regime, specifically for AI training assets.
Problem 3: Section 101 Creates a Material Rejection and Invalidity Risk for AI Method Patents
Under the two-step Alice/Mayo eligibility framework (Alice Corp. v. CLS Bank International, 573 U.S. 208 (2014)), patent claims directed to abstract ideas are ineligible under 35 U.S.C. § 101 unless they contain an “inventive concept” that adds significantly more than applying the abstract idea on generic hardware. Mathematical concepts — which describe most training algorithms at their core — fall within the abstract idea exception.
The Federal Circuit addressed this issue directly in Recentive Analytics, Inc. v. Fox Corp., 134 F.4th 1205 (Fed. Cir. Apr. 18, 2025), a case involving four patents covering the application of machine learning to television broadcast scheduling. The court affirmed dismissal on § 101 grounds, holding that patents claiming the application of generic machine learning to new data environments — without disclosing concrete improvements to the model itself — are patent ineligible. Applying ML techniques with greater speed or accuracy than humans, or applying existing ML techniques to a novel dataset, does not transform an abstract idea into patent-eligible subject matter under this ruling.
The practical implication for AI startups: claims must delineate specific steps through which the machine learning technology achieves a concrete technical improvement to the model itself, not merely to the business outcome the model achieves. Claims that describe what the model produces rather than how the model architecture or training process was technically improved face significantly elevated rejection risk during examination and invalidity risk in post-grant proceedings. A petition for certiorari to the U.S. Supreme Court (No. 25-505, filed October 2025) is pending, signaling that the patent community regards this area as unsettled.
What Trade Secret Protection Offers That Patents Cannot: The DTSA Framework
Trade secret law under the DTSA (18 U.S.C. § 1836 et seq.) and state law equivalents offers a fundamentally different protection architecture for AI assets. Protection attaches immediately upon implementation of reasonable security measures, with no registration, no examination, and no public disclosure. The protected information remains private indefinitely, as long as the owner continues taking reasonable measures to maintain secrecy.
The core limitation is equally fundamental: lawful reverse engineering and independent development are complete defenses. A competitor who derives the same model architecture through legitimate means, without misappropriating protected information, has not violated the DTSA. This asymmetry — patents exclude all use including independent development, trade secrets do not — is precisely why the hybrid strategy described below matters: each instrument must be matched to the threat vector it actually addresses.
Trade Secret vs. Patent for Software Algorithms: Full Decision Matrix
| Factor | Patent | Trade Secret |
|---|---|---|
| Protection Duration | 20 years from filing date | Indefinite (as long as secrecy is maintained) |
| Registration Cost | $15k–$30k+ in prosecution costs, rising annually | No registration fee; cost is operational security overhead |
| Disclosure Required | Yes, permanently public after grant | No; the protected asset remains private |
| Reverse Engineering | Excludes all use of the claimed method, including by independent development | Lawful reverse engineering is not misappropriation; this is the primary limitation |
| Infringement Detectability | Very difficult for private server training processes | More tractable: access logs, API abuse patterns, and exit records generate forensic evidence |
| Section 101 Risk | High for AI training method claims under current Federal Circuit precedent | Not applicable; eligibility doctrine does not affect trade secret status |
| Best-Fit Asset Type | Visible UI workflows, interaction methods, client-side features competitors can observe in the deployed product | Model weights, hyperparameter configurations, training data pipelines, backend ranking algorithms |
Patent filing fees are rising alongside the legal complexity of AI prosecution. For a full cost comparison across US and UK jurisdictions, see US vs UK Software Patent Cost: Which is Cheaper for Startups?
Model Extraction Attacks: The Threat That Bypasses Both Legal Frameworks
Beyond the internal threat of employee misappropriation, AI companies face a technically sophisticated external attack that neither patents nor basic trade secret management anticipated. A model extraction attack does not require accessing your servers, your training data, or your weight files. It targets the API interface you have made public.
How a Model Extraction Attack Works
An attacker sends thousands of strategically crafted inputs to your public API, records the model’s outputs, and uses those input-output pairs as training data to build a “student model” that approximates the behavior of your “teacher model.” The attacker never accesses your weight files. The stolen asset is the model’s learned intelligence, reconstructed from observable outputs. This technique is well-documented in the machine learning research literature, meaning attackers have established methodological playbooks for executing it at scale.
The legal status of model extraction under the DTSA is not yet fully resolved in federal case law. The first significant test is currently pending: OpenEvidence v. Pathway Medical Inc. (Case No. 1:25-cv-10471, D. Mass.) asks whether hidden AI system prompts qualify as DTSA trade secrets and whether systematic API manipulation to extract protected model behavior constitutes misappropriation through “improper means” under § 1839(6). No precedential ruling has emerged as of this publication.
The pre-litigation implication is clear regardless of how that case resolves: if your Terms of Service do not explicitly classify model outputs and inference behavior as confidential trade secrets, and if you have not implemented rate-limiting and query monitoring as documented technical safeguards, a court evaluating a subsequent DTSA claim will have grounds to question whether you took reasonable measures to protect the information you claim was stolen.

What the DTSA Provides Against Extraction: Remedies and Procedural Requirements
Under 18 U.S.C. § 1836, the DTSA provides a federal civil cause of action for misappropriation of trade secrets. Available remedies include injunctive relief, compensatory damages for actual loss and unjust enrichment, exemplary damages up to twice the compensatory amount for willful and malicious misappropriation, and attorney’s fees in cases of bad faith.
Two procedural requirements attach to any viable DTSA claim that AI founders should address before a dispute arises, not after. First, trade secrets must be identified with sufficient particularity. The Fourth Circuit’s decision in Sysco Mach. Corp. v. DCS USA Corp., 143 F.4th 222 (4th Cir. July 9, 2025), held that DTSA plaintiffs must identify alleged trade secrets at the pleading stage to survive a motion to dismiss. For AI companies, this means maintaining a documented asset register that specifically identifies model weights, inference parameter configurations, training data pipelines, and evaluation benchmark data as distinct protected trade secrets — before any dispute arises, not retroactively when litigation becomes imminent.
Second, damages must be tied to the specific trade secrets proven to have been misappropriated. The Fifth Circuit’s January 2026 decision in Trinseo Europe GmbH v. Kellogg Brown & Root, LLC reinforced this apportionment requirement: when a plaintiff alleges multiple trade secrets and prevails on a subset, damages must be calculated per proven secret, not applied globally. For AI companies maintaining complex multi-component IP portfolios, building a legally binding ai model weights trade secret case requires documenting the independent economic value of each asset category separately.
Technical Protection Measures: How Security Controls Satisfy the DTSA’s Reasonable Measures Standard
Courts do not apply a fixed checklist when evaluating “reasonable measures” under the DTSA. They assess the totality of the owner’s protective measures against the nature and value of the secret. What follows are the technical controls that constitute the current baseline recognized in trade secret litigation for AI model assets. Each control serves a dual function: it protects the asset operationally and generates the documentary evidence needed to demonstrate secrecy in court.
1. Encrypt Model Weights at Rest and in Transit
Model weight files must never reside unencrypted on developer workstations, shared storage, or cloud instances accessible with standard credentials. AES-256 encryption at rest and TLS 1.3 in transit are the current baseline configurations recognized as security-competent in trade secret litigation. Beyond basic encryption, cryptographic weight protection techniques bind decryption to a hardware security module or cloud-based license server, ensuring that a stolen encrypted weight file cannot be loaded without the corresponding hardware key or authenticated license call.
The following AWS IAM policy structure demonstrates a documented access control architecture that satisfies the reasonable measures standard by restricting direct weight file access to the lead ML scientist role and denying it to all other principals:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DenyModelWeightsReadExceptLeadScientist",
"Effect": "Deny",
"NotPrincipal": {
"AWS": "arn:aws:iam::ACCOUNT_ID:role/LeadMLScientistRole"
},
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::company-model-weights-prod",
"arn:aws:s3:::company-model-weights-prod/*"
]
}
]
}
This policy creates an explicit Deny that overrides any Allow statement elsewhere in the account, meaning even an administrator cannot read the weights bucket unless they assume the LeadMLScientistRole. The policy JSON itself, versioned in your infrastructure-as-code repository with a commit history, constitutes documentary evidence of the access control architecture that a court will examine when evaluating reasonable measures.
2. Implement RBAC and Immutable Audit Logs That Can Be Produced in Court
Role-Based Access Control (RBAC) limits which employees can interact with raw model assets. The lead AI scientist or ML platform team requires access to weight files for fine-tuning, evaluation, and deployment. Junior developers, contractors, and API consumers operate exclusively through frozen model endpoints with no direct file system access. The RBAC policy must be operationally enforced, not merely documented in a policy document — a court examining reasonable measures will look for evidence that access was actually restricted in practice, not just stated in an employee handbook.
Immutable audit logs document who accessed the model environment and when. AWS CloudTrail with log file validation, Azure Monitor with tamper-evident log retention, and equivalent services produce records that cannot be altered after creation. Without these logs, a DTSA claim lacks the documentary foundation to demonstrate that access controls were operational at the time of the alleged misappropriation. Logs should be retained for the duration of any applicable statute of limitations — under the DTSA, three years from the date the misappropriation is discovered or should have been discovered.
3. Use Clean Room Implementation to Create Documentary Evidence of Independent Development
Clean room implementation is a defensive technique used when a company needs to prove that its code or model design was developed independently, without access to a competitor’s protected information. The process divides the development team into two isolated groups: a specification team that analyzes the competitor’s publicly available product and writes a functional specification, and an implementation team that operates in an environment with zero access to the competitor’s proprietary materials and writes code based exclusively on that specification.
The architectural separation creates a contemporaneous documentary record of independent development. If a competitor subsequently claims misappropriation, the clean room process documentation systematically rebuts the allegation by demonstrating that the implementation team had no access to the protected information at the time of development. This documentation is most valuable when created during development — retroactive clean room claims carry significantly less weight in litigation.
Ensuring clear ownership of AI-generated code raises overlapping legal questions addressed in our guide on Agentic AI & IP Laws: Who Owns the Code Your Agent Writes?
Legal Framework: Contracts and Protocols That Address the Human Misappropriation Vector
Technical controls protect against external threats and API-based extraction. The more common source of AI trade secret misappropriation in practice is internal: employees and contractors with legitimate access to protected assets who take that access with them when they leave. According to Foley Hoag’s May 2026 analysis of the DTSA’s first decade, nearly two-thirds of trade secret cases involve departing employees. A complete protection program addresses the human element through three contractual instruments.
1. Draft AI-Specific NDAs That Name the Protected Assets Precisely
Generic NDAs referencing “confidential information” broadly are insufficient for AI trade secret protection. An AI-specific NDA must explicitly enumerate the protected categories: neural network weights, training data pipelines, fine-tuning datasets, inference parameter configurations, hyperparameter search results, and evaluation benchmark data that has not been published. Generic language does not establish that the employee was on notice that these specific asset categories were trade secrets — a threshold requirement under the DTSA’s reasonable measures standard.
These agreements must be signed before employment begins and before access is granted. A court examining the timeline of employment will want to see that the confidentiality obligation was established before the employee had access to the protected assets. Exit NDAs are useful to reinforce continuing obligations but cannot substitute for a pre-access agreement, because they do not establish notice at the moment access was granted.
2. Secure Invention Assignment Agreements Before Any Work Begins
Every weight checkpoint, every training pipeline modification, and every evaluation result must unambiguously belong to the company from the moment it is created. An invention assignment agreement (IAA) establishes that all inventions created by an employee within the scope of their employment are assigned to the employer. Without a signed IAA, a co-founder or lead AI engineer who leaves can credibly claim ownership of model components they personally designed, particularly where their employment contract did not address IP ownership explicitly. This risk is acute for AI companies where core IP was often developed by a small founding technical team before formal employment agreements were in place.
3. Execute a Structured Exit Protocol on the Day an AI Engineer Departs
When an AI engineer with access to protected model assets leaves the company, the following actions must occur on the same business day as the departure notice or termination. Sequential revocation creates a window during which assets can be exfiltrated; simultaneous revocation closes it.
- Revoke access to all source control systems, model registries, and cloud environments simultaneously.
- Initiate remote device wipe on all corporate-issued hardware, including development machines and portable storage devices provisioned under company policy.
- Conduct a documented exit interview covering continuing obligations under the DTSA, the expectation that proprietary model files and weight checkpoints are not retained on personal devices, and an explicit reminder about the NDA signed at the start of employment. Document the date and acknowledgment in writing.
4. Evaluate IP Litigation Insurance Before You Need It
Pursuing a DTSA misappropriation claim through federal litigation is expensive regardless of the merits. Legal fees in trade secret cases routinely exceed $500,000 before reaching trial, and complex AI trade secret cases with expert witnesses analyzing model architecture can run substantially higher. The Lex Machina 2026 Trade Secret Litigation Report identifies trade secret cases as among the most expensive commercial litigations by average legal cost per case. IP litigation insurance covers fees for both offensive claims and defensive claims. Evaluate coverage before litigation becomes imminent — insurers will scrutinize your existing protective measures during underwriting, and a documented security architecture strengthens the underwriting position.
Strategic Decision Matrix: Which AI Assets to Patent and Which to Protect as Trade Secrets
A balanced AI IP strategy uses both instruments, allocated to the asset class each protects most effectively. Assets visible in the product interface are patentable and produce detectable infringement. Assets embedded in private training infrastructure are protected more durably through trade secret management. The framework below reflects this allocation.
Implementing Defense in Depth: The Three-Layer AI IP Strategy
The choice between patents and trade secrets for AI assets is not binary. Each instrument protects a different category of asset against a different threat vector. A complete AI IP program layers all three protection mechanisms and allocates each to the asset class it protects most effectively.
Layer 1: Patent the interface. Protect user-facing workflows and interaction designs that competitors can observe and replicate from the deployed product. Infringement of these patents is detectable through product analysis and enforced through a legal exclusion right that does not require proving server-side conduct.
Layer 2: Protect the intelligence through trade secret management. Lock down model weights with documented cryptographic controls, strict RBAC, immutable audit logs, and API monitoring that satisfies the DTSA’s secrecy requirements. The technical architecture generates the forensic evidence needed for a viable misappropriation claim if a violation occurs.
Layer 3: Enforce through contract. AI-specific NDAs, invention assignment agreements, and structured exit protocols address the human misappropriation vector. Contracts establish notice and obligation before access is granted; the DTSA provides the federal enforcement framework that makes violation consequential.
AI model protection is a security problem first and a legal problem second. The legal framework — the DTSA, state trade secret statutes, and patent law — provides remedies after a violation occurs. Technical controls and contractual protections prevent violations or create the conditions under which violations are detectable and legally actionable. These two layers reinforce each other: technical measures satisfy the secrecy requirement, and contractual protections ensure the human vector is managed before an employee with access to protected assets departs.
Podcast
Note: This audio is a condensed summary. Please refer to the written text for precise legal definitions and strategic boundaries.
FAQs
What is better: trade secrets or patents for AI in 2026?
Trade secrets are generally the stronger protection for AI model weights and internal training algorithms because they avoid the public disclosure requirement, attach immediately upon implementation of security measures, and cannot be invalidated under Section 101 eligibility doctrine. Patents are the better choice for visible, user-facing product features where infringement is observable and enforceable. The optimal strategy allocates each instrument to the asset class it protects most effectively.
How does the Defend Trade Secrets Act (DTSA) help AI companies?
The DTSA (18 U.S.C. § 1836) provides a federal civil cause of action for trade secret misappropriation. Remedies include injunctive relief, compensatory damages, exemplary damages up to twice the compensatory amount for willful misappropriation, and attorney’s fees. To maintain a viable claim, the owner must have taken reasonable measures to maintain secrecy under § 1839(3) and must identify the specific trade secrets alleged to have been misappropriated with sufficient particularity, per the Fourth Circuit’s 2025 decision in Sysco Mach. Corp. v. DCS USA Corp., 143 F.4th 222.
Can I patent my AI model weights?
Practically, no. Weights are numerical parameters — mathematical data — which are difficult to patent under current USPTO rules. AI training algorithms face elevated Section 101 rejection risk under the Alice/Mayo framework. The Federal Circuit’s 2025 decision in Recentive Analytics v. Fox Corp. held that applying generic machine learning to new data environments, without a concrete technical improvement to the model itself, is patent ineligible. A petition for certiorari to the Supreme Court (No. 25-505) is pending as of this publication.
Why is clean room implementation important for AI code?
Clean room implementation creates a contemporaneous documentary record demonstrating that your development team had no access to a competitor’s protected materials. One team analyzes the competitor’s public product and writes a specification; a completely isolated second team writes the code from that specification alone. This documented separation systematically rebuts subsequent misappropriation claims. The documentation is most credible when created at the time of development, not retroactively.
Is encryption legally required for trade secret protection?
Encryption is not a statutory requirement, but it is strong evidence of reasonable measures under 18 U.S.C. § 1839(3). Courts assess the totality of protective measures against the nature and value of the secret. A company that stores model weight files unencrypted on developer workstations has materially weakened its DTSA position. AES-256 at rest and TLS 1.3 in transit are the current baseline; binding decryption to a hardware security module adds an additional layer supporting the reasonable measures defense.
Should startups get IP litigation insurance?
Yes, and the decision should be made before litigation is anticipated. Trade secret cases are among the most expensive commercial litigations by average legal cost per case. IP litigation insurance covers fees for both offensive claims and defensive claims. Insurers review your protective measures during underwriting; implementing RBAC, encryption, and AI-specific NDAs before applying creates a stronger underwriting profile.
Sources and Legal References
The legal standards, case law outcomes, and patent eligibility rules discussed in this analysis are drawn from federal statutes, official court records, and official USPTO guidance:
-
Defend Trade Secrets Act of 2016 — 18 U.S.C. § 1836
The federal statute establishing the civil cause of action for trade secret misappropriation, the “reasonable measures” requirement under § 1839(3), the definition of “improper means” under § 1839(6), and available remedies including injunctive relief, compensatory damages, and exemplary damages up to twice the compensatory amount for willful and malicious misappropriation.
18 U.S.C. § 1836 — Cornell Law LII -
Recentive Analytics, Inc. v. Fox Corp., 134 F.4th 1205 (Fed. Cir. Apr. 18, 2025)
The Federal Circuit’s precedential decision holding that applying generic machine learning techniques to new data environments, without a concrete technical improvement to the model itself, does not produce patent-eligible subject matter under § 101. Resolved a question of first impression on ML patent eligibility.
Official Federal Circuit Opinion (PDF) -
USPTO MPEP § 2106 — Patent Subject Matter Eligibility
The Manual of Patent Examining Procedure section governing patent eligibility analysis under § 101, incorporating the Alice/Mayo two-step framework and the August 2025 examiner memorandum reaffirming eligibility standards for AI and machine learning inventions.
MPEP § 2106 — USPTO.gov -
Sysco Mach. Corp. v. DCS USA Corp., 143 F.4th 222 (4th Cir. July 9, 2025)
Fourth Circuit decision establishing that DTSA plaintiffs must identify alleged trade secrets with sufficient particularity at the pleading stage to survive a motion to dismiss. Directly relevant to AI companies: trade secret asset registers must be specific, documented, and pre-existing before any dispute arises.
DTSA Turns Ten (2016–2026) — Foley Hoag LLP -
OpenEvidence v. Pathway Medical Inc., Case No. 1:25-cv-10471 (D. Mass., filed February 2025)
The first significant federal test of whether AI system prompts qualify as DTSA trade secrets and whether prompt injection attacks constitute misappropriation through “improper means” under § 1839(6). Pending as of this publication.
2025 AI and Trade Secret Law Retrospective — Houston Harbaugh -
Lex Machina 2026 Trade Secret Litigation Report (LexisNexis 2026)
The annual empirical litigation report identifying trade secret case volume and aggregate litigation cost data. Referenced for legal cost data cited in the IP litigation insurance section.
Trade Secrets Year in Review 2025 — Greenberg Traurig (citing Lex Machina 2026)
Disclaimer & Legal Notice
This article reflects the author’s perspective evaluating intellectual property frameworks and cryptographic protection protocols from a strategic and technical standpoint. It is intended strictly for informational purposes and does not constitute formal legal advisory services. It is not a substitute for the advice of a qualified, licensed patent or corporate attorney. Trade secret precedents and compliance parameters change frequently. Always consult certified legal counsel before structuring proprietary asset protections or initiating litigation.



1 comment