Imagine spending years compiling proprietary analyses of an asset’s untapped potential – reserve data, operational cost savings, strategic development plans – only to discover that the very firm you shared this information with passed it to a portfolio company that used it to outbid you. This scenario is not hypothetical. It reflects a recurring pattern in which confidential information entrusted to private equity (PE) firms or board members migrates to affiliated entities, short-circuiting the competitive advantages that took years to build. When organizations share confidential information with board members or across portfolio company structures, they risk undermining the very secrecy that legally protects their intellectual assets.

The reasonable secrecy standard

Under the U.S. Defend Trade Secrets Act and the state-level Uniform Trade Secrets Act, information qualifies for trade secret protection only if the owner takes reasonable measures to keep it secret. Courts examine the totality of the circumstances, including who has access, what confidentiality agreements are in place, and how information is secured. Think of trade secret protection as a vessel holding water: Each additional person with access is another potential leak, and enough small leaks can eventually drain the vessel entirely. When trade secrets are shared too broadly or without adequate safeguards, companies risk forfeiting the very protection they seek to preserve.

Risks in board communications

Board members occupy a unique position requiring access to sensitive company information to fulfill their fiduciary duties – yet therein lies a fundamental tension. Withhold too much, and directors cannot provide meaningful oversight; share too freely, and the company may inadvertently surrender its legal protections. The risk intensifies when a single individual wears multiple hats – serving as the founder of a PE firm, the manager of its investment fund, and a board member of one of its portfolio companies. In such structures, confidential information shared during a board presentation or investment pitch can travel directly to an affiliated entity pursuing the same opportunity. Courts have found against companies in cases where trade secrets were shared with directors without corresponding confidentiality measures, treating such disclosure as evidence that the owner did not genuinely value secrecy.

Board materials are frequently distributed electronically and may be retained on personal devices or cloud storage outside the company’s control. Meeting minutes and presentations become permanent records that can be subpoenaed in litigation, potentially exposing trade secrets to adversaries. Without robust protocols for handling and destroying sensitive materials, companies expose themselves to significant risk.

Portfolio company complications

PE and venture capital structures present a paradox. The very synergies that make portfolio investments attractive – shared expertise, operational playbooks, cross-pollinated talent – simultaneously threaten the confidentiality that protects each company’s crown jewels. Parent companies and investors naturally seek to replicate success across their holdings, but each transfer of proprietary methodology expands the universe of individuals with access and multiplies potential leakage points. The danger is particularly acute when a portfolio company is pursuing the same transaction or market opportunity as the entity that originally shared its confidential information. Proprietary research, reserve analyses, cost-reduction strategies, and development plans can be weaponized by a competitor that receives them through affiliated channels, enabling it to structure a competing bid without investing years of independent study.

Portfolio companies may share common service providers, consultants, or even management personnel who rotate between entities. Each additional touchpoint represents an opportunity for inadvertent disclosure and a potential argument that the information was not treated as confidential.

Mitigation strategies

Companies can protect their trade secrets while engaging in necessary information sharing by implementing key safeguards. First, all recipients of trade secret information should execute fully signed confidentiality agreements that specifically identify the categories of protected information and impose clear obligations regarding use and disclosure. A non-disclosure agreement (NDA) that is sent but never countersigned by the receiving party creates a dangerous gap – companies should never disclose sensitive information until the agreement is fully executed by all parties.

Second, companies should limit the scope of shared information to what is genuinely necessary, employing need-to-know principles even at the board level. Where overlapping interests exist between portfolio companies, formal information barriers should prevent confidential data from migrating across affiliated entities.

Third, organizations should implement technical controls such as secure document portals, access logging, and automatic expiration of sensitive materials.

Fourth, companies should maintain contemporaneous documentation of their secrecy efforts, as this evidence proves invaluable in any subsequent litigation.

Companies must also anticipate emerging threats. Remote work has scattered sensitive materials across home networks and personal devices, while board members increasingly use AI-powered tools to analyze documents – tools that may retain or learn from confidential inputs. Forward-thinking organizations are already adapting their protocols to address these evolving risks.

Conclusion

Trade secrets, once lost, cannot be recaptured. Unlike patents or copyrights, their value depends entirely on maintained confidentiality – a single careless disclosure can permanently extinguish protection that took years to build. The question for companies is not whether to share sensitive information with boards and across portfolios, but how to do so without sawing off the branch they sit on. Those who treat this challenge as a compliance checkbox will likely learn its importance through painful litigation; those who approach it thoughtfully will preserve both effective governance and the competitive moats that define their value.