Earlier this year OpenAI made a big impact by opening ChatGPT to the public, which prompted Google to follow suit with their own AI application named Bard. Since then, the use of these applications has been growing and related risks are becoming more and more apparent. One of these risks relates to the protection of confidential information and trade secrets. In this second part of our three-part blog series on 'free' AI applications, you will read more about the relationship between the use of AI applications and the protection of trade secrets.

What is a trade secret?

Trade secrets consist of valuable know-how and business information which have not been made public and are meant to be kept confidential. Examples include commercial information, work processes, project plans, information about (potential) customers, and recipes. To protect this information, intellectual property law cannot be invoked in all cases. Reliance on the Dutch Trade Secrets Act (hereafter: Wbb)) may however be possible instead.

Why is this distinction essential? 

Certain information does not qualify for protection under intellectual property law or only to a limited extent, copyright being a good example. As we discussed in our previous blog on copyright, a work only enjoys copyright protection when it contains a certain extent of the creator's own creativity, among other criteria. When a technical innovation is involved, this can be protected through a patent. Trade secrets, on the other hand, are considered a residual category that, while enjoying protection, do not qualify as intellectual property rights.

Protection of a trade secret

The Wbb provides protection against the unlawful acquisition, use or disclosure of undisclosed know-how and trade secrets. This offers organisations and/or individuals a significant advantage, as the holder of a trade secret can act against an infringer through the courts. To qualify for protection, the trade secret must meet three criteria: 

  1. The information must be secret. 

  2. The information must have commercial value because it is secret. 

  3. The right holder must himself have taken reasonable measures to maintain the secrecy.  

An organisation may, for example, introduce a measure to register its trade secrets internally to restrict access to confidential information. Another example is the inclusion of confidentiality clauses in contracts or even the physical protection of secret information.

AI applications and confidentiality

With the entry of AI applications, things are getting a bit more exciting. The use of these applications and the protection of trade secrets do not exactly go together. Take ChatGPT, an application that summarises and refines texts and can even help inspire new ideas. There are many different occupations in which the use of AI applications can significantly benefit your work. However, it is important to stay attentive to what is used as input in ChatGPT. For example, for an employee under high pressure it may seem very tempting to use ChatGPT to quickly and easily summarise the minutes of a closed meeting. However, doing so has serious consequences.

By agreeing to the terms of use, users give ChatGPT the right to use the text (hereinafter: input) they have entered for other ChatGPT services. This does not include a confidentiality clause. Most likely, your organisation also did not enter into a separate agreement with OpenAI. Therefore, if someone within your organisation enters a trade secret as input into ChatGPT, this has major implications for its legal protection. As you might recall, one of the criteria to be able to protect a trade secret is its confidential nature. If a trade secret is shared with ChatGPT, it is no longer a secret. The information thus loses its protected status under the Wbb.

So how do you deal with that?

Previously, more general measures were discussed, such as entering into a confidentiality agreement or keeping and maintaining a register of proprietary trade secrets within closed circles. Application of these measures continues to be recommended. Regarding the use of AI applications, the risk lies mainly in the use of these applications by people within your organisation. It is therefore very important to take appropriate measures to this end. 

AI applications such as ChatGPT are very accessible, and more and more people are starting to use them. Since the launch of ChatGPT many organisations have taken mitigating measures, however not all of them reacted quickly enough. Take Samsung for instance, the company decided to ban the use of AI applications after discovering staff uploaded confidential code to the platform.

To prevent unintentional disclosure of your trade secrets, it is therefore very important to have awareness of these risks within your organisation. You can then consider targeted policies and, for example, training to raise awareness. KPMG Digital Law is happy to think along with you in this regard.

Want to learn more?

With our blogs and other publications, we aim to address relevant legal issues in a pragmatic way. We always do so from a regulatory, intellectual property and contractual perspective. If you would like to know more or have (other) questions, please feel free to contact us. If you would like more information about our team and our services, please also take a look at our website

Contact us

Cagla Tagi 
Senior Consultant, TechLaw
KPMG Netherlands

Anouk Atema 
Manager, TechLaw
KPMG Netherlands

Jasper Oomen
Consultant, TechLaw
KPMG Netherlands

We will keep you informed by email.
Enter your preferences here.