As companies race to integrate artificial intelligence (AI) into their operations, an urgent question arises: How do you protect the value created by AI innovation?
While patents remain a cornerstone of traditional intellectual property (IP) portfolios, AI presents novel challenges that often make patent protection challenging or even unavailable. For many, trade secret designations are becoming the preferred strategy, as they are particularly well-suited for protecting AI-driven innovation. However, businesses should be intentional in the deployment of trade secrets and pay careful attention to what emerging case law suggests about the associated risks and opportunities.
How Traditional Patent Strategies Often Fall Short
To obtain a patent, an invention must involve patent-eligible subject matter. Under the U.S. Supreme Court’s decision in Alice Corp. v. CLS Bank International and as recently clarified by the U.S. Court of Appeals for the Federal Circuit in Recentive Analytics, Inc. v. Fox Corp., claims that merely apply generic machine learning or AI techniques to a new field or data environment without disclosing a specific improvement to the machine learning model or underlying technology, are generally not patent-eligible. Simply citing the use of machine learning or AI in a particular context alone is typically viewed as an abstract idea. To meet the threshold for patent eligibility, AI-related claims must describe a specific, inventive application or a technological improvement to how the AI or machine learning itself operates rather than just using AI as a tool for automating known processes.
The rapid pace of AI development compounds these issues. The patent process typically takes several years from application to grant, during which time the underlying technology may have already evolved or become obsolete. While patent protection lasts for 20 years from the filing date, the speed of innovation in AI means that the commercial value of a patent may diminish long before its term expires, raising questions about the cost-effectiveness of pursuing patent protection for many AI advancements.
Moreover, the most valuable aspects of AI systems, such as training data, model architectures, source code and propriety methodologies, are often better suited to trade secret protection. Raw data and confidential processes are generally not eligible for patenting, and the requirement to publicly disclose an invention as part of the patent process can undermine a company’s ability to keep these assets secret. As a result, many organizations opt to maintain the confidentiality of their AI-related data and methods, leveraging trade secret law to safeguard their competitive advantage.
A Strategic and Flexible Framework for AI Protection
Unlike patents, trade secrets do not require public disclosure. If you can keep valuable information confidential—and take reasonable steps to do so—you can protect it indefinitely. For fast-moving and opaque technologies like AI, that flexibility can be invaluable.
From a legal standpoint, the definition of a trade secret is broad. Things that may qualify include: training data, model architecture, source code, tuning methods, the “system prompt” in large language models or other foundational instructions embedded into an AI system, user interaction data, and even knowledge of what does not work (so-called “negative know-how”).
There are three conditions for trade secret protection: the information is not generally known; it derives independent economic value from being secret; and the business takes reasonable measures to maintain its secrecy. When these three conditions arise, trade secret protection is automatically extended. The reasonable measures prong is where many businesses struggle and, in the context of AI, the bar for reasonableness is rapidly evolving.
However, trade secret protection is not without risk. If your information becomes public, whether through a leak, reverse engineering or inadvertent disclosure, you lose your rights. There is also no federal registry to stake your claim in advance, and enforcement often requires proof of reasonable efforts to protect the information.
But for AI, where the pace of innovation can outstrip the patent process and where secrecy is often feasible, trade secrets designation offers a compelling path.
Trade Secrets Under Attack in Litigation
A recent lawsuit filed in the District of Massachusetts, OpenEvidence, Inc. v. Pathway Medical, Inc., illustrates how the legal and technical risks of AI-related trade secret loss are not hypothetical and that companies must act aggressively to protect them.
OpenEvidence, a billion-dollar AI healthcare startup, alleges that competitor Pathway Medical Inc. engaged in a month-long scheme to extract confidential model architecture and system prompt data from OpenEvidence’s AI platform. Pathway allegedly used “prompt injection” attacks, an increasingly common method for exploiting large language models.
By disguising malicious inquiries as legitimate medical questions, Pathway allegedly tricked OpenEvidence’s platform into divulging portions of its system prompt, which is the instruction set that governs how the AI model interprets and responds to inputs. The complaint alleges that this system prompt constitutes a core trade secret akin to proprietary source code. According to OpenEvidence, Pathway’s efforts gave it an unfair shortcut to scaling a competing AI product.
OpenEvidence’s claim spans trade secret misappropriation under the federal Defend Trade Secrets Act (DTSA), violations of the Computer Fraud and Abuse Act (CFAA), breach of contract (via the platform’s Terms of Use), and unfair competition under Massachusetts law.
The case offers several timely lessons for businesses developing or deploying AI systems:
- Prompt injection is a real and growing threat. Trade secrets embedded in model instructions, prompts or system behavior may be vulnerable to clever adversarial inputs.
- Terms of use matter. OpenEvidence’s claim rests in part on a well-drafted user agreement prohibiting reverse engineering and unauthorized access. This reinforces the need for clear, enforceable platform rules.
- Secrecy must be actively maintained. To qualify for trade secret protection, companies must be able to show that they took reasonable measures to protect confidentiality. OpenEvidence has emphasized both technological safeguards and policy-level protections, for example, limiting access to its system prompt, monitoring suspicious activity and restricting public access.
While the litigation is still in its early stages and ongoing, the allegations alone underscore the fragility of AI-related secrets and the need for a multi-layered defense, including legal, contractual and technical controls. Companies investing in AI should treat model components—especially prompt engineering, fine-tuning strategies and training data selection—as protectable assets and be prepared to enforce those rights aggressively when needed.
6 Best Practices for AI Trade Secret Protection
If your business uses or develops AI, consider the following steps to secure your competitive advantage:
- Classify and segment AI assets. Break down your systems into components, for example, data sets, training methods, model weights and outputs, and assess what qualifies as protectable trade secrets.
- Limit access and track usage. Implement technical and procedural safeguards to restrict who can view, modify or export AI-related assets, and keep logs.
- Implement clear employee policies. Educate your workforce on confidentiality obligations and enforce non-disclosure agreements at onboarding and exit. AI development teams are high-risk targets for misappropriation.
- Vet your vendors. Ensure third-party tools or models do not expose your proprietary data. Review license terms and avoid feeding confidential data into publicly available systems.
- Draft and enforce terms of use. If your company deploys an AI tool to external users, your user agreements should prohibit reverse engineering, prompt injection or data scraping, and the organization should monitor for violations.
- Document human contributions. In case you do pursue patents, record the human inputs and design decisions behind AI-generated results. The law requires a natural person to be listed as an inventor.
AI is transforming how companies operate and how they think about IP protection. While patents still have an important role to play, trade secrets are often the more practical, powerful strategy for securing competitive advantage in the AI era.
However, trade secret protection is only as strong as the steps a company takes to enforce it. With AI’s complexity, opacity and rapid development cycles, now is the time to ensure your organization’s protocols are calibrated for this new landscape.