Back to Blog
Minute Read

Navigating the FTC’s Non-Compete Ban: A Guide for Information Security Teams

Abhi Puranam

On April 23, 2024, the Federal Trade Commission (FTC) issued a ruling that banned the use and enforcement of non-compete agreements across the United States. With this ruling, enterprises that relied on these agreements to help preserve their competitive advantage must adapt their strategy for protecting proprietary information when an employee departs. Read on for a breakdown of the ruling, what strategies remain open for dealing with this risk, and how security teams can help their organization adapt.

In this article

What are non-competes and what was the FTC’s ruling?

A non-compete agreement is a contract between an employer and an employee that restricts the employee from engaging in business activities that compete with the employer’s business for a specified period after the employment relationship ends. These agreements are designed to protect the employer’s business interests, including trade secrets, confidential information, and customer relationships. The legality and enforceability of these kinds of agreements has been a question in law for centuries – dating back to English court precedents as far back as 1414.

While appeals to the new rules are on-going, the FTC narrowly passed a ban on non-compete agreements by a margin of 3-2 with an effective date of September 4, 2024. This ban prohibits companies from using non-compete agreements and voids nearly all existing non-competes. It also requires the notification of all employees that were previously covered by a non-compete agreement.

The only exceptions the FTC allowed in this ruling include the following:

  1. Industry exceptions - Banks, savings and loan institutions, credit unions, common carriers, air carriers, and companies subject to the Packers and Stockyards Act are exempt.
  2. Existing agreements for senior executives - While new non-competes will not be allowed, existing agreements with senior executives will be enforceable.
  3. Associated with business sale - Non-competes associated with the purchase of a business are still allowed and enforceable.

What can companies do to protect themselves and their trade secrets?

Non-disclosure agreements

Non-disclosure agreements are not impacted by the ban, unless they are defined too broadly such that they prevent an employee from accepting other work or starting a business.

Non-solicitation agreements

Non-solicitation agreements are also still allowed to prevent the recruitment of your workforce and solicitation of your customers. Again, these agreements must not be crafted so broadly that they prevent someone from accepting other work or starting a business

Legal action under trade secret laws

The FTC’s ruling explicitly mentions existing trade secret law as providing adequate protection of proprietary information for companies in the absence of non-competes. Specifically, both the Uniform Trade Secret Act, adopted by 47 states and D.C. at the state level, and the Defend Trade Secrets Act of 2016 at the national level provide companies with the ability to seek injunctive relief as well as monetary and punitive damages. 

The ruling also mentions the “inevitable disclosure” doctrine, which allows a court to prevent an employee from working at a competitor where there is a substantial risk that the worker will use the employer’s trade secrets in the worker’s new position.  Most famously this doctrine was used to prevent a former PepsiCo executive from joining the Quaker Oats Company for 6 months. There is currently no judicial consensus in the United States on this doctrine, with certain jurisdictions upholding it and others striking it down. We can expect more tests of this doctrine in the coming years if the ban on non-competes goes into effect.

In the cases where this doctrine was utilized, the courts required the following to intervene:

  • That the former employer took proper efforts to safeguard the trade secrets.
  • Whether the employee accessed the specific confidential information or trade secrets in question
  • That the employee's new employment will harm the former employer, due to the firms being in competition
  • That it is impossible for the former employee to perform their new job without:
    • Relying on knowledge of the former employer's trade secrets; or
    • Disclosing trade secrets to the new employer.

{{ promo }}

How should information security teams adapt in the wake of this ruling?

Connect with Legal, HR, and other business counterparts to understand how your organization is adapting

If non-competes were part of your company’s strategy, your company should already be developing their strategy for adapting to this ruling. Connect with your counterparts on the business, legal, and HR teams to understand how non-competes were being used and how your strategy should evolve

Implement and document monitoring and controls around sensitive data access and movement

By monitoring and controlling how data is accessed and moved, your information security team can reduce the risk associated with an employee departing to a competitor and taking proprietary information with them – a scenario that will probably happen more often without non-competes in place. Proper documentation of these controls will also help support any legal action your company may take to seek injunctive relief for a former employee moving to a competitor.

Additionally, the ability to audit in detail what sensitive data an employee may have accessed can also support legal action your company takes to prevent a former employee from joining a competitor and can also aid in the creation of properly targeted non-disclosure agreements your company may choose to deploy.

Be sure to check out Cyberhaven Data Detection and Response to learn more about how we help customers protect their data from insider risks.

Talk to us
Learn more about how Cyberhaven can help protect your data
Request demo
Learn the 15 top data detection and response use cases
Download now