Trade Secret vs. Copyright: Which IP Protection Is Right for Your Business?

Every business has intellectual property. Very few businesses have a clear strategy for protecting it. When founders and legal teams start thinking seriously about IP, the first question they often get wrong is also the most fundamental one: which legal mechanism applies to what we have?

Copyright and trade secret are the two most widely applicable IP mechanisms for businesses that deal primarily in information, software, creative work, and know-how. They are governed by different laws, protect different things, require different maintenance, and carry different risk profiles. Understanding the distinction is not a legal luxury — it is operational necessity for any company building a durable competitive position.

This post explains what each mechanism protects, how they interact, and when a business needs both. It also explains the role of qualified cryptographic timestamping in securing both types of IP, and why that step is often the most practically important one regardless of which legal framework applies.

What Copyright Protects — and What It Does Not

Copyright protects original expression. Under the Berne Convention for the Protection of Literary and Artistic Works (Article 2), copyright subsists in literary and artistic works — a category that includes software code, written content, graphic design, music, film, and architecture. The protection arises automatically on creation and requires no registration in the 181 member states of the Berne Convention.

Copyright protects the specific expression of an idea, not the idea itself. This distinction — known as the idea-expression dichotomy — is foundational. A novel's plot is not copyrightable; the specific text is. An algorithm is not copyrightable as an algorithm; the source code implementing it may be. A product design concept is not copyrightable; a drawing or model of it may be.

The practical implications are significant. If your business value lives in a specific creative or technical output — a book, a piece of software, a dataset, a design system — copyright is likely to apply and to provide real protection. If your business value lives in how you do something, in a formula, a process, a customer list, or a method — copyright probably does not reach it, because none of those things are expression. They are information.

Copyright protection in Switzerland is governed by the Urheberrechtsgesetz (URG SR 231.1), which requires that a work reflect the individual character of its author. In the EU, the Court of Justice has established through its Infopaq and Painer line of cases that the threshold is the author's own intellectual creation. Both standards are relatively low — most professionally produced creative work meets them — but neither protects underlying information or methods.

What Trade Secret Protects — and What It Requires

Trade secret law protects information that derives economic value from not being generally known and that is the subject of reasonable efforts to maintain its secrecy. This definition, which appears in substance in the EU Trade Secrets Directive (2016/943/EU) and in Swiss unfair competition law (UWG SR 241), is deliberately broad. Almost any commercially valuable confidential information can qualify: customer lists, pricing models, manufacturing processes, algorithms, product roadmaps, supplier terms, employee compensation structures, and sales methodologies.

Unlike copyright, trade secret protection is not automatic in practice — it requires affirmative action. The requirement for reasonable steps to maintain secrecy is a condition of protection, not just a best practice. A company that allows unrestricted access to its pricing model, shares its customer database with contractors without NDAs, or publishes its algorithm in a publicly available repository has likely forfeited trade secret protection for those assets, even if it subjectively intended to keep them confidential.

The duration of trade secret protection is theoretically unlimited, but it is conditional. The moment the information becomes generally known or available through means other than misappropriation, the protection evaporates. There is no renewal, no registration, and no official grant of rights. The right exists only as long as the secret does.

The Key Differences in One Place

Copyright arises automatically, requires no maintenance, lasts for the life of the author plus 70 years in most jurisdictions, and protects specific expression. It is lost only if the work is not original or if the copyright holder does not enforce it within limitation periods.

Trade secret requires active maintenance of secrecy, lasts as long as the information remains confidential, and protects information and methods that copyright does not reach. It is lost the moment the information becomes public, regardless of how it became public.

Copyright is enforced by demonstrating infringement — that someone reproduced, distributed, or adapted your protected expression without permission. Trade secret is enforced by demonstrating misappropriation — that someone acquired, disclosed, or used your confidential information through improper means.

The remedies differ too. Copyright infringement typically gives rise to damages measured by lost profits or statutory damages, plus injunctive relief. Trade secret misappropriation can give rise to injunctions preventing use of the secret, disgorgement of profits derived from the misappropriation, and in egregious cases, punitive damages and criminal liability.

When You Need Both

The most common mistake in business IP strategy is choosing one mechanism when the facts call for both. Consider the following examples.

Software product companies: The source code is copyrightable — it is original expression. The algorithm the code implements, the system architecture, the training data used to build any embedded model, and the business logic are trade secrets — they are information that derives commercial value from secrecy. A company that protects only the code has left its algorithmic know-how unprotected. A company that relies only on trade secret has no claim if a competitor independently writes similar code without accessing the confidential version.

Architecture and design firms: A building design is copyrightable. The proprietary specification library, the cost estimation methodology, and the supplier network are trade secrets. Both need protection, and the two mechanisms complement rather than substitute for each other. For a detailed discussion of IP in architecture practice, see our post on architecture and BIM IP protection.

SaaS startups: The frontend code and documentation are copyrightable. The product roadmap, pricing model, enterprise customer list, and deployment playbook are trade secrets. During a fundraising process, both categories require active protection — copyright for the codebase, trade secret procedures for the confidential commercial data shared with investors under NDA. For more on this, see our Series A IP checklist.

The Chronology Problem — and Why Timestamping Solves It

Both copyright and trade secret disputes frequently come down to chronology. In copyright disputes, the question is priority: who created this first, and can they prove it? In trade secret disputes, the question is attribution: did the defendant have access to the confidential information before they created their version, or did they develop it independently?

The evidential challenge is the same in both cases: you need to establish that a specific piece of information or expression existed at a specific point in time and was attributed to a specific person or organisation. This is the problem that qualified cryptographic timestamping solves most cleanly.

A qualified electronic timestamp issued by a QTSP under eIDAS Regulation (EU) No 910/2014, Article 41, carries a statutory presumption of accuracy of the date and time it indicates and of the integrity of the data. Under ZertES (SR 943.03), qualified timestamps issued by Swisscom Trust Services carry a legal presumption of accuracy of the date and integrity of the data — and qualified electronic signatures carry the same legal effect as handwritten signatures under Swiss law. This means the timestamp is presumptively accurate unless an adversary rebuts it — which requires challenging a Swisscom-issued cryptographic record, a high bar.

For copyright: sealing each version of a work creates an unbroken record of when each version was created. If a competitor later produces a similar work and claims independent creation, the sealed version chain demonstrates the prior art timeline.

For trade secrets: sealing the confidential information (or a hash of it — the actual confidential data need not be disclosed in the seal, only its fingerprint) establishes that the information existed in its current form at a specific time. If a former employee or departing contractor later claims they developed similar information independently, the sealed record establishes when you had it first.

The act of sealing does not, by itself, constitute a trade secret protection measure — you still need NDAs, access controls, and confidentiality policies. But a sealed record is powerful supporting evidence that the information existed and that you treated it as confidential from a specific date.

Practical IP Protection Workflow for Businesses

A practical approach for most businesses involves four steps, applied consistently across all IP assets of commercial significance.

First, identify and categorise the IP. Which assets are protected by copyright (original expression)? Which are protected by trade secret law (valuable confidential information)? The same asset may fall in both categories — source code is both.

Second, timestamp everything at creation and at each significant version change. Upload the work — or a manifest that describes and hashes confidential information without disclosing it — to Swiss Trust Layer and initiate a seal. This takes seconds and creates a QTSP-issued timestamp record that carries the eIDAS and ZertES presumptions.

Third, maintain active secrecy measures for trade secrets. NDAs with all parties who have access. Access controls limiting exposure to need-to-know personnel. Clear labelling of confidential documents. Regular audits of who has access to what. The seal establishes chronology; the secrecy measures establish that you treated the information as confidential — both elements are required for trade secret protection.

Fourth, link the two systems. The sealed records should be stored alongside your IP register — the internal catalogue of what you own, when you created it, and who has access. When a dispute arises, this combination of sealed timestamp evidence and documented confidentiality measures is the starting position your legal team needs to act quickly.

For context on the regulatory frameworks that make these seals legally effective, see our pages on eIDAS, ZertES, and compliance. For more on proof of authorship methods, see our post Copyright Proof of Authorship: 5 Methods Courts Accept.

Protect your business IP with Swiss Trust Layer — qualified timestamps for copyright and trade secret assets, backed by Swisscom Trust Services and valid under ZertES and eIDAS.