FirmAdapt is an AI-powered business diagnostics platform that audits companies to expose operational inefficiencies and broken processes. We then deploy custom AI agents, robotic process automation, and engineered solutions to fix the problems we find. Our diagnostic tools include company audits, website audits, competitive intelligence, and faith-based compliance screening.

Does FirmAdapt have a free API?

Yes, FirmAdapt offers free open API endpoints that require no authentication. AI agents and developers can make up to 10 requests per week without signing up. The API supports company profile lookups, faith-based compliance screening, and stock searches across 12 global markets.

What is faith-based stock screening?

Faith-based stock screening analyzes a company's financial ratios and business activities to determine compliance with religious investment guidelines. FirmAdapt supports 9 frameworks including Shariah (AAOIFI, S&P), Christian (BRI), Catholic (USCCB), Jewish (Halakhic), LDS/Mormon, ESG Religious, and Evangelical standards.

Can AI agents use FirmAdapt?

Yes, FirmAdapt is designed for native AI agent integration. It provides an MCP (Model Context Protocol) server for Claude Desktop, Cursor, and other AI tools. AI agents can access company profiles, run faith-based compliance screens, and search stocks across 12 global markets using free open endpoints with no API key required.

What markets does FirmAdapt support?

FirmAdapt supports 12 global markets: US (NYSE/NASDAQ), UK (London Stock Exchange), Germany (XETRA), France (Euronext Paris), Japan (Tokyo Stock Exchange), India (NSE/BSE), Saudi Arabia (Tadawul), UAE (Dubai/Abu Dhabi), Malaysia (Bursa), Indonesia (IDX), Canada (TSX), and Australia (ASX).

Back to Blog

AI complianceregulatorytrade secretsIPconfidentialityTrade secret

The Departing Employee, the AI Chat History, and the Trade Secret Lawsuit

By Basel IsmailMay 21, 2026

The Departing Employee, the AI Chat History, and the Trade Secret Lawsuit

A pattern is emerging in trade secret litigation that should concern every company with employees who use generative AI tools. Departing employees are taking company knowledge with them, not by emailing files to personal accounts or downloading databases onto thumb drives, but by feeding proprietary information into AI chatbots during the course of their work. And when the lawsuits land, the chat histories are becoming Exhibit A.

This is not theoretical. It is happening right now, and the discovery phase of these cases is revealing just how much proprietary information flows through AI conversations that nobody is monitoring.

What the Cases Look Like

The typical fact pattern goes something like this. An employee at Company A uses ChatGPT, Claude, Copilot, or some other generative AI tool as a productivity aid. Over the course of months, they paste in customer lists, pricing models, source code, strategic plans, or technical specifications. They ask the AI to summarize, reformat, analyze, or improve this material. Then they leave for Company B. Within weeks, Company B launches a suspiciously similar product or undercuts Company A's pricing with eerie precision.

Company A sues under the Defend Trade Secrets Act (DTSA), 18 U.S.C. 1836, or the relevant state's version of the Uniform Trade Secrets Act (UTSA). During discovery, they subpoena the former employee's AI chat logs. And there it all is, timestamped and searchable.

In Zheng v. TikTok (ByteDance), filed in 2023, allegations included that proprietary algorithms were discussed in contexts involving AI tools. The Singularity Future Technology v. Tong case in the Southern District of New York involved claims about misappropriation where digital forensics played a central role. Courts are increasingly comfortable treating AI interaction logs the same way they treat email, Slack messages, or browser history: as discoverable evidence of what someone knew, when they knew it, and what they did with it.

The Forensic Gold Mine

Here is what makes AI chat histories uniquely damaging compared to traditional evidence. They contain both the proprietary information and the employee's intent in a single artifact. When someone pastes a customer list into ChatGPT and types "reformat this so it looks like it came from a different source," that is not just evidence of possession. It is evidence of willful misappropriation. Under the DTSA, willful and malicious misappropriation can trigger exemplary damages up to twice the actual damages, plus attorney's fees.

Plaintiffs' attorneys have caught on. Discovery requests in trade secret cases now routinely include demands for AI chat histories, prompt logs, and any outputs generated by AI tools during the relevant period. Some firms are hiring digital forensics specialists who focus specifically on reconstructing AI interactions, including conversations that employees thought they deleted.

What Defendants Are Doing Wrong

The mistakes fall into a few predictable categories.

No AI acceptable use policy. A shocking number of companies still have no written policy governing how employees interact with generative AI tools. When a trade secret case arises, the absence of a policy cuts both ways. The departing employee argues they had no guidance, so they cannot be held to a standard that did not exist. The former employer struggles to prove that the employee knew the information was confidential, because they never told anyone not to paste it into a chatbot.
Using consumer-grade AI tools for sensitive work. When employees use free-tier ChatGPT or similar consumer products, the company typically has no access to logs, no audit trail, and no ability to enforce data handling policies. Worse, depending on the terms of service in effect at the time, the AI provider may have used that data for model training. Under the DTSA and most state UTSA versions, a trade secret loses protection if the owner fails to take "reasonable measures" to maintain its secrecy. Letting employees paste proprietary data into a consumer chatbot with no controls is a strong argument that reasonable measures were not taken.
Failing to preserve AI-related evidence. Litigation hold obligations under Federal Rule of Civil Procedure 37(e) extend to AI chat logs. Companies that do not preserve these records when litigation is reasonably anticipated face spoliation sanctions. In GN Netcom v. Plantronics (D. Del. 2018), the court imposed severe sanctions for intentional destruction of electronic evidence. AI logs are no different.
Assuming the NDA covers everything. Standard non-disclosure agreements were written for a world where information moved through documents, emails, and conversations. Many NDAs do not explicitly address AI-mediated disclosure. A well-drafted NDA should now specifically prohibit inputting confidential information into unauthorized AI systems and should define AI-generated derivatives of trade secrets as covered material.

The "Reasonable Measures" Problem

This is the part that should keep general counsel up at night. Under both the DTSA and the UTSA (adopted in some form by 48 states plus DC), trade secret protection requires that the owner took "reasonable measures under the circumstances" to keep the information secret. Courts evaluate this on a sliding scale, and the standard evolves with technology.

Five years ago, not having an AI policy was understandable. Today, it is increasingly difficult to argue that a company took reasonable measures to protect its trade secrets if it had no controls whatsoever on AI tool usage. The Compulife Software v. Newman (11th Cir. 2020) decision reinforced that trade secret owners bear the burden of demonstrating affirmative protective steps. Passive reliance on general confidentiality obligations is not enough.

A 2024 survey by Cisco found that 27% of organizations had banned the use of generative AI at some point due to data privacy and security risks, and that 48% of employees admitted to entering company data into AI tools. The gap between policy and practice is enormous, and it is exactly the gap that trade secret plaintiffs exploit.

What Reasonable Measures Look Like Now

Courts have not issued a definitive checklist, but based on recent case law and enforcement trends, a defensible posture probably includes the following.

A written AI acceptable use policy that specifically addresses confidential and proprietary information.
Technical controls that prevent or log the input of sensitive data into unauthorized AI systems.
Enterprise AI deployments with audit trails, access controls, and data retention policies.
Regular training that covers AI-specific scenarios, not just generic confidentiality reminders.
Exit procedures that include review of AI tool usage during the offboarding process.
Updated NDAs and employment agreements that explicitly address AI-mediated disclosure.

None of this is exotic. It is the same information governance discipline that companies already apply to email and cloud storage, extended to a new category of tools.

The Offensive Side

If you are on the plaintiff side of a trade secret case, AI chat histories are powerful evidence. But obtaining them requires knowing where to look. Discovery requests should specifically name AI platforms (ChatGPT, Claude, Gemini, Copilot, and others), should cover both employer-provided and personal accounts, and should request both prompts and outputs. Expert testimony on AI interaction forensics is becoming a recognized specialty, and courts in the Northern District of California and the District of Delaware have already admitted such testimony without significant Daubert challenges.

The damages in these cases can be substantial. In Epic Systems v. Tata Consultancy Services (W.D. Wis. 2016), the jury awarded $940 million in trade secret damages, later reduced to $420 million. While that case predated the AI era, the underlying principle applies: when you can show systematic, intentional extraction of proprietary information, juries respond accordingly. AI chat logs that show an employee methodically feeding trade secrets into a chatbot over weeks or months tell a compelling story.

How FirmAdapt Addresses This

FirmAdapt's architecture was designed around exactly this kind of risk. Because all AI interactions on the platform run through a compliance layer with full audit logging, organizations maintain a complete, tamper-evident record of what data was processed, by whom, and when. Access controls enforce data classification policies at the point of interaction, so sensitive information can be blocked from AI processing or routed through approved workflows before it ever reaches a model.

For trade secret purposes, this means two things. First, you have the technical controls to demonstrate "reasonable measures" under the DTSA and UTSA. Second, if a departing employee circumvents those controls by using an unauthorized tool, the existence of a well-implemented enterprise system strengthens your argument that the employee acted willfully. FirmAdapt does not eliminate the risk of trade secret misappropriation, but it closes the evidentiary and policy gaps that make these cases so difficult to win or defend.

Ready to uncover operational inefficiencies and learn how to fix them with AI?

Try FirmAdapt free with 10 analysis credits. No credit card required.

Get Started Free