Guarding Trade Secrets: What Rippling v. Deel Teaches HR And Legal Leaders

Unpacking the do’s and don’ts of trade secret protection in the digital age

Corporate espionage. A sting operation. An international CEO who disappears before someone serves him. This may sound like the plot of a James Bond movie, but these are actual allegations from the unfolding legal saga between human resources (HR) software provider Rippling and its competitor, Deel Inc. For HR leaders and corporate stakeholders following the story, there are lessons to be learned. Below are key takeaways regarding protecting confidential corporate information in the workplace.

Deel’s Alleged Misconduct

On March 17, 2025, Rippling filed a complaint in California federal court against Deel Inc., alleging that its Global Payroll Compliance Manager was serving as a “spy” to its direct competitor, Deel. According to the filing, the employee wrongfully used his access to Rippling’s internal systems, including Slack and Salesforce, to repeatedly search for internal mentions of Deel, sharing highly confidential and proprietary information and trade secrets with the competitor. At this time, Deel has denied all allegations and has stated its intention to assert counterclaims.

 

Trade Secret Security Measures

Regardless of whether these allegations are factual, this dispute is a great case study on the company's measures to protect its trade secrets, demonstrating both standard courses of action and surprising extremes. 

Rippling’s complaint identifies that it had several standard security measures to protect its proprietary information when the spying allegedly occurred. The company required employees to sign a detailed non-disclosure agreement, employee handbook, and code of conduct detailing the restrictive use of confidential information. Rippling also utilized password protection and authentication software to protect access levels. In addition, the company maintained detailed logs of employee activities within its internal servers, an extremely wise practice as these activities have now been compiled (via screenshots and graphs) to provide the courts with direct evidence of the alleged corporate espionage. The availability of this data demonstrates the high level of detail that a modern HR company like Rippling has at its fingertips when investigating employee activity within its systems.

The measures taken by Rippling to catch the corporate spy are more unusual, with the company acknowledging it used a sting-like operation known as a “honeypot” trap. To spring the trap, Rippling claims that it created a new, unused Slack channel on its systems and later referenced the Slack channel by name in a letter privately sent to Deel’s senior leadership by Rippling’s General Counsel. Subsequently, within hours of sending the letter, the alleged spy within Rippling’s ranks searched Rippling’s Slack software for this same channel by name, which Rippling provides as proof of the misconduct. 

It is not every day that a company goes to such extremes. Rippling even claims that when a court-appointed solicitor confronted this alleged spy, the employee locked himself in a bathroom to hide from the solicitor and fled the premises. The events sound more like an action film than a typical workday occurrence. Still, they showcase the value of proprietary information and how a company’s systems and security measures can help combat such theft.

Legal Challenges in Trade Secret Enforcement

The allegations against Deel have undoubtedly raised concerns regarding the vulnerability of trade secrets across all industries. Corporate espionage is not an everyday occurrence; therefore, standard protective measures are usually sufficient - they certainly helped in this case. However, protective measures should always be taken thoughtfully and in consultation with experienced legal counsel to ensure effectiveness and enforceability.  

Nearly every state has adopted the Uniform Trade Secrets Act (UTSA) in some fashion, which determines the degree to which a company possesses trade secrets. The USTA requires businesses to make reasonable efforts to ensure that their trade secrets are not disclosed to third parties. If the company fails to do so, the information may no longer be legally recognized as a trade secret, resulting in the loss of the company’s legal rights to own and protect that information. 

These “reasonable efforts,” as demonstrated by Rippling, include requiring employees to sign a contract, such as a Confidentiality Agreement, an Invention Assignment Agreement, and/or a Non-disclosure Agreement, that clearly defines the company’s trade secret information and prohibits disclosure without explicit authorization. Employees may also be asked to formally acknowledge employer policies, such as a code of conduct and prohibition on conflict of interest, which are often found in an employee handbook. As an additional step, employers may also be required to use authentication software to limit access to confidential information and monitoring software to scan for unusual activity, as allegedly seen in the Rippling case. 

While these measures may appear straightforward, employee-initiated lawsuits and evolving legislation, such as the Federal Trade Commission or FTC’s 2024 rule banning non-compete agreements (which now has an uncertain fate due to a challenge in federal court), continue to present legal challenges for businesses. For example, California prohibits employees from entering into non-competes or non-solicitation provisions, barring minimal exceptions. In 2024, all preexisting agreements with such prohibited provisions were voided, and employers were required to notify employees of such (See, e.g., Cal Bus & Prof Code Section 16600, 16600.1, and 16600.5). The state has also created a civil right of action allowing employees to sue employers who attempt to enforce an invalid non-compete agreement. To get around this, employers may incorporate excessively restrictive confidentiality provisions into employment agreements. However, they must exercise caution in doing so, as clauses construed to “operate as a de facto non-compete provision” are legally unenforceable if they bar the employee from continuing to work in their chosen profession.

Walking the tightrope between protecting your business’s trade secrets as required by the UTSA while simultaneously complying with state and federal employment laws is challenging for any business. Determining the right approach requires careful consideration of a company’s needs and risk tolerance, as well as consultation with knowledgeable counsel. Headline-making cases like Rippling v. Deel, Inc., where corporate leaders can witness these issues play out in extremes, present an excellent opportunity for leadership to evaluate their current strategies and readiness to protect and defend the proprietary interests that businesses rely on.

	Kelly M. Raney is a Partner at Greenberg Glusker LLP.
	James W. Hill is a Partner at Greenberg Glusker LLP.