Next Article in Journal
Aging Behind Bars: The Growth of the Older Incarcerated Adult Population and Emerging Penal Reform
Next Article in Special Issue
More than One-Dimensionality: Brief Remarks on Pensée Complexe, Harmonization and Intangible Cultural Heritage
Previous Article in Journal
The United Kingdom’s Ukraine Schemes and the Case for a Safe Passage Visa: At-Risk People, So-Called ‘Safe and Legal Routes’, and the Refugee Convention
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Laws
Volume 15
Issue 2
10.3390/laws15020034
laws-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Harmonising Trade Secret Protection in AI: Innovation, Opacity and Digital Vulnerability

by
Cristiani Fontanela
*,
Thaís Alves Costa
and
Andréa de Almeida Leite Marocco
Law Department, Law Graduate Program, Universidade Comunitária da Região de Chapecó, Chapecó 89809-900, Brazil
*
Author to whom correspondence should be addressed.
Laws 2026, 15(2), 34; https://doi.org/10.3390/laws15020034
Submission received: 16 January 2026 / Revised: 14 April 2026 / Accepted: 15 April 2026 / Published: 20 April 2026
(This article belongs to the Special Issue Harmonisation of Intellectual Property Rules: A Path Towards Global Integration?)
Review Reports Versions Notes

Abstract

This study examines how the international harmonisation of intellectual property rules, particularly trade secret protection, reshapes the governance of artificial intelligence (AI) in ways that both enable and threaten justice. We argue that convergent standards on undisclosed information are essential for legal certainty in knowledge-intensive AI investments. Such standards are anchored in TRIPS, reinforced by WIPO guidance and digital trade agreements, and complemented by regional instruments such as the EU Trade Secrets Directive. This emerging framework facilitates cross-border technological cooperation while helping prevent the “regulatory expropriation” of code, models, and data infrastructures. At the same time, when this pro-secrecy architecture is extended to opaque algorithmic systems that mediate access to credit, employment, welfare, health and justice, it can entrench digital vulnerability: information asymmetries between firms, states and citizens; barriers to meaningful transparency and audit; and pathogenic forms of exclusion that disproportionately affect already disadvantaged groups. Building on the concept of digital and structural vulnerability, the paper defends a vulnerability-sensitive approach to harmonisation in which trade secret protection is balanced against human rights, algorithmic accountability and the regulatory space of Global South states. We conclude that only an intellectual property regime guided by an ethics and politics of vulnerability can reconcile economic integration, technological development and reducing digital vulnerability in deeply unequal societies.

1. Introduction

The rapid diffusion of artificial intelligence (AI) as an invisible infrastructure mediating decisions in credit, employment, health, and justice has brought the relationship between digital vulnerability and the harmonisation of intellectual property rules back to the centre of debate (Barbosa et al. 2025; Herzog 2024; Mackenzie et al. 2014). On the one hand, the harmonisation of intellectual property rules, especially in the field of trade secrets applied to AI systems, is presented as a condition for transnational legal certainty, the protection of R&D investments, and the promotion of innovation (Dinwoodie and Dreyfuss 2012; Hughes and Bagley 2025). By defining global minimum standards for the protection of know-how (code, model architectures, trained weights, and databases), harmonisation may facilitate technological cooperation and the international circulation of AI solutions.
On the other hand, when such harmonisation is designed primarily to shield trade secrets, it tends to exacerbate information asymmetries between firms, states, and citizens, thereby hindering algorithmic transparency and independent audits. Opaque systems decide on access to credit, employment opportunities, social benefits, and judicial proceedings, while individuals and groups, especially those already affected by class, race, gender, and geographic inequalities, remain unable to understand or challenge these decisions. That’s what Dora Kaufman claims. She argues that contemporary AI systems are “structurally opaque, insofar as their decision-making processes are not readily interpretable, even by experts” (Kaufman 2021, p. 3). This opacity stems both from the technical complexity of the models and from asymmetries of knowledge between developers, users, and regulators, raising significant challenges for transparency, accountability, and governance.
Concrete examples illustrate these risks. In several jurisdictions, algorithmic credit-scoring systems used by financial institutions rely on proprietary models protected as trade secrets, preventing regulators or affected individuals from examining potential discriminatory outcomes. Similar concerns have emerged in automated hiring systems, where candidates rejected by AI-driven screening tools cannot access meaningful explanations because the decision-making logic is protected as confidential business information (Herzog 2024). In this context, robust and harmonised protection of trade secrets may itself become a source of pathogenic vulnerability, insofar as it prevents states from requiring explainability, documentation, and qualified access to models when fundamental rights are at stake, thus producing a chilling effect on more protective regulatory frameworks.
The international harmonisation of rules on the protection of trade secrets applied to AI thus represents, at the same time, a guarantee of protection for investment and innovation and a risk of opacity and increased digital vulnerability. This gives rise to a dual challenge: on the one hand, the urgency of harmonising norms in a technologically volatile field, and on the other, the need to ensure that such harmonisation is compatible with the protection of human rights, algorithmic transparency, and the possibility of independent audits. This study is guided by the following central question: the harmonisation of trade secret protection in AI systems protects whom and at what cost?
We thus argue for the need for a vulnerability-sensitive harmonisation—one that recognises the importance of trade secrets for innovation while establishing normative limits and exceptions to ensure qualified transparency, auditing mechanisms, and human rights safeguards. In this sense, we argue that a global intellectual property policy guided by an ethics of vulnerability can reconcile economic integration, technological development, and reducing digital vulnerability in contexts marked by deep structural inequalities.
Here, it is important to note that trade secrets are not always regarded as falling within the realm of intellectual property proper. Nevertheless, they are explicitly addressed within the TRIPS Agreement (notably Article 39), which situates them within the broader international framework governing intellectual property. In this sense, while conceptually distinct, trade secrets operate alongside other IP regimes as part of a global architecture of knowledge protection. For the purposes of this article, we adopt a functional and systemic approach, treating trade secrets as part of the wider intellectual property ecosystem, particularly in light of their increasing strategic role in AI-intensive sectors, where secrecy often substitutes for or complements formal IP protection.

2. Methods

This study adopts a qualitative and normative research design, combining doctrinal legal analysis with philosophical inquiry. It follows a predominantly deductive structure, beginning from a theoretical framework grounded in an ethics of vulnerability and applying it to the analysis of intellectual property harmonisation in the context of artificial intelligence. From an ontological perspective, the study assumes that vulnerability is both a universal feature of the human condition and a context-dependent phenomenon that can be intensified by legal and technological arrangements. In particular, it focuses on situational and pathogenic forms of vulnerability, understood as those arising from institutional structures and asymmetric power relations. This framework guides both the identification of relevant legal tensions and the normative evaluation of existing regulatory models.
The research combines bibliographical and documentary materials. Bibliographical sources include books and peer-reviewed scholarship in legal theory, political philosophy, and AI ethics, with particular emphasis on literature addressing vulnerability, justice, and algorithmic governance. Documentary sources consist of primary legal materials and institutional documents, including international agreements (such as the TRIPS Agreement), regional instruments (such as the EU Trade Secrets Directive and the EU AI Act), digital trade agreements (including the USMCA and the CPTPP), as well as policy documents and soft law instruments (such as the OECD AI Principles and UNESCO’s Recommendation on the Ethics of Artificial Intelligence), in addition to reports and guidelines issued by international organizations such as WIPO. Sources were collected and analysed in both Portuguese and English, with attention to conceptual consistency across jurisdictions and to the ways key legal categories, such as trade secrets, confidential information, and innovation-related assets, are defined and operationalized.
The analytical procedure was conducted in three main steps. First, a doctrinal mapping of the legal framework governing trade secret protection in AI was undertaken, identifying convergences in international standards and examining how harmonisation operates across different legal instruments. Second, the study analysed the interaction between these regimes and emerging AI governance norms, particularly those related to transparency, accountability, and human rights protection, with the aim of identifying structural tensions between pro-secrecy regimes and regulatory demands for algorithmic oversight. Third, these tensions were interpreted through the lens of vulnerability theory, examining how legal arrangements contribute to the production or intensification of digital vulnerability, especially in contexts marked by structural inequality. Based on this interpretive step, the study articulates normative principles and proposes directions for a vulnerability-sensitive approach to harmonisation.
The analysis employs qualitative doctrinal interpretation combined with normative reconstruction. Rather than testing hypotheses empirically, it seeks to interpret legal materials in light of a theoretical framework and to develop a coherent normative account of their implications. Where relevant, a comparative perspective is used to identify patterns of convergence and divergence across jurisdictions, particularly in relation to the protection of confidential information in technology-intensive sectors. The main limitation of the study lies in its non-empirical nature, as it does not provide quantitative evidence or case-based validation of regulatory outcomes. However, its aim is not predictive, but interpretive and normative: the aim is to clarify conceptual tensions, systematize emerging legal trends, and propose a framework for evaluating the relationship between intellectual property, artificial intelligence, and vulnerability. All translations appearing in the text are the sole responsibility of the authors.

3. Findings

3.1. Harmonising Trade Secret Protection in AI: Advantages and Necessity

The international harmonisation of intellectual property rules, and of trade secret protection, is often presented as an indispensable step toward global economic integration. In the field of artificial intelligence, this harmonisation becomes even more urgent given the transnational nature of chained development, training, and distribution of AI systems.
AI systems are, by definition, transnational: a model may be designed in one country, trained on data collected in several others, hosted on cloud infrastructures distributed globally, and offered as software as a service (SaaS) in multiple jurisdictions at the same time (Russell and Norvig 2020; Brynjolfsson et al. 2014). In these global value chains, the economic “core” of AI is precisely what is typically protected as a trade secret: the model’s source code and architecture, the trained weights, proprietary datasets, and the very pipelines of training, fine-tuning, and deployment. In other words, the technical know-how that underpins AI companies’ competitive advantage circulates across very different legal environments, which immediately raises the problem of regulatory fragmentation. Note that, if each country adopts its own conception of “confidential information,” distinct requirements for its protection, and highly asymmetrical remedies in cases of misuse or unlawful disclosure, the legal cost of operating globally becomes high and unpredictable, discouraging technological cooperation and long-term investment (Dinwoodie and Dreyfuss 2012; De Rassenfosse et al. 2022).
In this context, the existence of common minimum standards for the protection of know-how is seen as a condition for legal certainty, contractual predictability, and the protection of investments in research and development (European Commission 2013). From the perspective of developing companies, a harmonised trade secret regime reduces transaction costs: it lowers uncertainty about the scope of protection granted in each jurisdiction, facilitates the conclusion of technological partnerships, licensing agreements, and cross-border operations, and provides a relatively stable framework for long-term planning. In principle, this institutional stability stimulates innovation by ensuring that investments made in the development of AI models and infrastructures will not be easily appropriated by competitors.
It is in this context that the international harmonisation of trade secret rules gains relevance, especially regarding the protection of undisclosed information. The TRIPS Agreement, within the framework of the World Trade Organization, established a global minimum floor of protection for trade secrets by requiring member states to grant legal protection to information that (i) is not generally known or easily accessible; (ii) has commercial value precisely because it is secret; and (iii) is subject to reasonable efforts to be kept secret (TRIPS, Art. 39). By consolidating this common core, TRIPS functions as a kind of minimum denominator for the protection of know-how in global AI value chains, reducing regulatory uncertainty, and providing a reference framework for the drafting of national legislation and trade agreements dealing with trade secrets in digital and algorithmic environments.
From the perspective of companies that develop and commercialize AI systems, international harmonisation is a central factor for ensuring legal certainty in high-risk investments. A minimally convergent regime, as we have already stated and emphasised once again, reduces costs and uncertainties, and provides predictability for research and development contracts and technology licensing. Reports and guidelines from the World Intellectual Property Organization (WIPO)1 have repeatedly emphasized this point: in knowledge-intensive markets, clarity about the scope and limits of protection for undisclosed information is a precondition for firms to share technology, enter cross-border partnerships, and factor in the legal protection of code, models, and databases into the economic calculus of expected returns on research and development investments.
Moreover, the harmonisation of minimum standards facilitates the international circulation of AI solutions by aligning with the broader digital trade agenda. Agreements such as the United States-Mexico-Canada Agreement (USMCA), the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), and other recent treaties move toward converging protection standards, going so far as to prohibit, generally, states from requiring the disclosure of source code or algorithms as a condition for market entry or operation. These commitments reduce the risk of “regulatory expropriation”, preventing developers from seeing their intangible assets compelled to broad disclosure without adequate safeguards, and they articulate with the global minimum floor established by the TRIPS Agreement in relation to the protection of “undisclosed information” (Art. 39). The result is a legal environment in which companies feel more inclined to invest heavily in research, to scale AI solutions globally, and to establish cross-border technological cooperation, relying on the stability of an intellectual property framework that recognizes the central role of trade secrets in the algorithmic economy (Cozman and Kaufman 2022).
The international harmonisation of intellectual property rules, particularly those on the protection of trade secrets, now constitutes the invisible legal backbone that sustains the global value chains for the development of AI systems. The TRIPS Agreement, which establishes a minimum floor of protection for “undisclosed information”, requires WTO members to protect secret information that has commercial value. Because it is secret and is subject to reasonable efforts to keep it confidential, there has been a consistent movement toward conceptual convergence around the notion of trade secrets applicable to source code, databases, and technical know-how in general (WTO, Art. 39).
WIPO itself, when addressing the protection of trade secrets in high-technology sectors, emphasizes that Article 39 of TRIPS operates as a global reference point for states to incorporate relatively homogeneous criteria for the protection of confidential information into their domestic legal systems, which are increasingly including intangible assets related to AI (such as model architectures, trained weights, and training pipelines) (WIPO 2024). WIPO guides and reports stress that clear and predictable regimes for the protection of trade secrets provide a more stable framework for research contracts, licensing, joint ventures, and technology transfer (WIPO 2024).
If a model’s weights, the curation of a dataset, or the configuration of a training pipeline can be easily appropriated in certain markets, the propensity to invest, share technology, or establish partnerships decreases. Harmonisation, in this sense, functions as a form of legal insurance against the “regulatory expropriation” of know-how, since the protection of trade secrets becomes part of the long-term return calculus on AI investments.
This minimum core of harmonisation in IP is reinforced by a second normative layer: the digital trade chapters in new-generation regional agreements such as the United States-Mexico-Canada Agreement (USMCA) and the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP). It is a free trade agreement among countries in the Pacific region that sets broad rules on trade in goods and services, investment, government procurement, digital trade, and intellectual property. The founding members/parties include Australia, Brunei, Canada, Chile, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore, and Vietnam, and the United Kingdom has since joined.
The USMCA, for example, provides in Article 19.16 that no party may require the transfer of, or access to, software source code or to “algorithms expressed in that source code” as a condition for the import, distribution, sale, or use of software products in its territory, allowing only limited exceptions for specific regulatory or judicial purposes. Key examples include:
a. USMCA, Art. 19.16—Source Code, Art. 19.16(1): No Party shall require the transfer of, or access to, source code or to “an algorithm expressed in that source code” as a condition for the import, sale, or use of software (or products containing such software).
b. United States–Mexico–Canada Agreement (USMCA), Article 19.16(2): an exception permits regulatory and judicial authorities to require access in the context of specific investigations, subject to appropriate confidentiality safeguards. While preserving limited avenues for oversight, this provision reflects a broader tendency toward strengthening and partially harmonising the protection of trade secrets in source code and algorithms, with potential implications for AI systems.
Similar provisions are set out in Article 14.17 of the CPTPP, which likewise prohibits, as a rule, requirements to disclose source code in cross-border trade in software. The specialized literature highlights that these clauses, although formally technology-neutral, in practice, operate as a robust mechanism for strengthening trade secret protection in digital environments by significantly limiting the possibilities for regulatory access to code and algorithms by national authorities (Mitchell and Mishra 2019; Kelsey 2018; Burri and Polanco 2020).
In the European context, harmonisation takes place through an articulated relationship between trade secret law and the specific regulation of AI. European Commission (2013) harmonises, within the Union, the definition of a trade secret (“undisclosed know-how and business information”) and the remedies against its unlawful acquisition, use, and disclosure, recognizing that companies of all sizes value trade secrets as much as patents and use confidentiality as a central tool of competitiveness and innovation management (European Commission 2013—Trade Secrets Directive).
Building on this foundation, the AI Act (European Union 2024b) establishes a detailed regime of transparency and documentation obligations, particularly for high-risk AI systems. Providers are required to ensure that such systems are accompanied by clear instructions for use and are sufficiently transparent to enable users to interpret and appropriately use their outputs (Article 13). In addition, providers must draw up and maintain extensive technical documentation (Article 11) and ensure logging capabilities that allow traceability of system operations (Article 12). These obligations are complemented by conformity assessment procedures and oversight mechanisms designed to facilitate regulatory scrutiny and ex post accountability. Together, these provisions aim to mitigate the opacity of AI systems by creating structured pathways for interpretability, monitoring, and control (European Union 2024a).
At the same time, however, the AI Act explicitly recognizes the need to protect trade secrets and intellectual property rights. In particular, it provides that the disclosure of information required under the Regulation, mainly in the context of access by competent authorities, must be carried out in a manner that safeguards confidential information, including source code, algorithms, and proprietary data (see, e.g., Recitals 60 and 84; Article 70). This introduces a structural tension within the regulatory framework: while transparency is framed as a condition for trust, safety, and accountability, access to meaningful information about AI systems may be limited by proprietary claims. As a result, the effectiveness of transparency obligations may depend on how this balance is operationalized in practice, especially in contexts where full access to system logic is necessary to assess risks or harms (European Union 2024a).
A similar normative orientation can be found in UNESCO’s Recommendation on the (UNESCO 2021), adopted unanimously by Member States. The Recommendation affirms that respect for human rights and human dignity must guide the entire lifecycle of AI systems and explicitly calls for transparency, explainability, and accountability as core governance principles (see paras. 14–18, 26–27). It further emphasizes that, where AI systems generate harm or risk to individuals, there must be mechanisms ensuring meaningful access to information about how decisions are made, as well as avenues for contestation and human oversight. Although the Recommendation does not create binding obligations in the field of trade secrets, it establishes a normative benchmark that legitimizes demands for auditability and access to information, particularly in cases involving fundamental rights. In this sense, it reinforces the view that opacity, whether technical or legally protected, cannot operate as an absolute barrier to accountability in AI governance (UNESCO 2021).
These instruments do not create direct obligations in the field of trade secrets, but they do establish a normative framework that legitimizes demands for access, auditability, and contestation in AI systems that affect fundamental rights. Taken together, these normative elements outline a legally fraught field: on the one hand, a “hard core” of pro-secrecy harmonisation, structured by TRIPS, the Trade Secrets Directive, and digital trade chapters, restricts access to source code and algorithms; on the other hand, there is an emerging constellation of AI and digital rights norms (the AI Act, the OCDE Principles, the UNESCO Recommendation) that require increasing levels of transparency, documentation, and oversight in systems that are ever more central to social life (Wachter et al. 2017).
However, this picture becomes more complex when we consider the role of harmonising these rules in producing digital vulnerabilities. When the harmonisation of trade secrets is designed primarily to maximize the protection of corporate interests, without adequately incorporating requirements of transparency, accountability, and the protection of fundamental rights, it can become a factor that aggravates vulnerabilities (Herzog 2024; Barbosa et al. 2025). By legally shielding the inner workings of systems, their operating logic, decision criteria, and training data, the trade secret regime tends to reinforce information asymmetries between corporations, states, and citizens.
In contexts where decisions about credit, employment, social benefits, health insurance, or criminal measures are mediated by algorithms, opacity acquires significant normative weight. Individuals and groups already marked by inequalities of class, race, gender, or geography find themselves confronted with systems that classify, rank, or exclude them based on criteria they do not control or even understand. Lacking access to meaningful explanations, concrete possibilities for independent auditing, and often adequate procedural channels to contest such decisions, these subjects experience a form of vulnerability that is not merely ontological, but clearly situational and pathogenic (Mackenzie et al. 2014).

3.2. Artificial Intelligence and Digital Vulnerability: Threats to the Harmonisation of AI Rules?

Artificial intelligence (AI) now functions as a diffuse and often imperceptible infrastructure that permeates everyday life. It plays a structuring role in decision-making across multiple domains, including financial evaluation, labour market selection, healthcare analytics, judicial processing, public governance, and digital platform ecosystems (Herzog 2024). Its diverse applications have introduced new ways of governing the world and have brought countless benefits, such as the optimization and automation of processes, increased productivity, reductions in human errors, lower operational costs, support for the evaluation of indicators and decision-making, enhanced marketing campaigns, and real-time environmental monitoring, among others. All this is made possible by systems that predict and generate outcomes (Kaufman 2024). This is especially true of AI models that rely on deep learning techniques. According to Dignum:
The machine learning technique—a subfield of AI—that underpins most current implementations of AI models, known as deep learning neural networks (DLNNs, or simply deep learning) due to their inspiration in the biological brain, is a probabilistic statistical model that can be divided into two categories: predictive AI and generative AI.
(Dignum 2019, p. 22)
Given this dual function of predicting and generating something (information/data), we must bear in mind that the problems surrounding AI involve not only the advantages of its use but also its shortcomings and challenges, as we will see below. In many of these contexts, the use of AI systems is presented as a condition for efficiency, objectivity, and the rationalization of complex decision-making processes. However, this same infrastructure largely operates in an opaque manner for citizens, for the state itself, and, at times, even for the institutions that deploy it, given the technical and probabilistic nature of the models employed. It is at this point that an analysis of digital vulnerability becomes indispensable.
From both an economic and a legal perspective, many of these systems are protected under trade secret regimes. Technology companies often, especially in jurisdictions with less restrictive rules, choose not to patent their models and training methods, instead opting to protect them as trade secrets. This includes source code, model architectures, trained weights, data collection and processing strategies, and, in some cases, even the very composition of the datasets. Protection through trade secrecy promises two main advantages: avoiding the public disclosure of sensitive technical details and reducing costs associated with patenting procedures, while at the same time preserving a competitive edge in highly contested markets.
In addition, AI intensifies a specific form of vulnerability: digital vulnerability. To understand this more clearly, we must first take a step back and explain the concept of vulnerability. In a broader definition, to be vulnerable is to be fragile and susceptible to injury and suffering, as “a universal, inevitable and enduring aspect of the human condition” (Fineman 2008, p. 8). In other words, vulnerability refers to a state of susceptibility to harm or injury, whether physical, emotional, or social. It can be tied to our sociability as human beings since we depend, to varying degrees throughout our lives, on the care and support of others. The traditional taxonomy of the term divides vulnerability into three types. First, ontological or inherent vulnerability refers to sources of vulnerability that are intrinsic to the human condition, emphasizing our shared susceptibility to suffering as embodied beings (Lange et al. 2013). This type of vulnerability applies equally to all human beings, linking the term to the Latin word vulnus, meaning “wound,” and to the capacity for suffering inherent in the human body.
The second type is situational vulnerability (Dunn et al. 2008), which focuses on the contingent susceptibility of specific individuals or groups to various forms of harm or threats from others. This form of vulnerability is context-dependent and may be triggered or exacerbated by personal, social, political, economic, or environmental factors. It is closely tied to social risk, since individuals and groups in precarious circumstances are often exposed to heightened risks that undermine their agency (Wiggins 2013). The third is the notion of pathogenic vulnerability (Mullainathan and Shafir 2013), understood as a subset of situational vulnerabilities generated by morally dysfunctional or abusive interpersonal and social relationships. These types of vulnerability are especially relevant for identifying moral vulnerability, which is inherent in human moral practices.
Among the three types of vulnerability, the most relevant for the purposes of this research is situational vulnerability since we are dealing with the context of the digital age, namely, a situation capable of generating or intensifying people’s vulnerability. A key concern is that situational vulnerability can give rise to moral vulnerability, understood as “the exposure to harm through the rejection or denial of one’s moral status as a full participant in relations of mutual responsibility” (Mackenzie et al. 2014, p. 175). This moral vulnerability directly affects individuals’ decision-making, helping to explain why their choices become more difficult than those not in situations of vulnerability (Costa and Barbosa 2023).
In this sense, digital vulnerability should be conceived based on situational vulnerability, as a dynamic condition that can potentially affect any individual. It refers to individuals’ susceptibility to harm and manipulation arising from their interaction with digital environments in which, structural asymmetries of access to and knowledge of digital technologies are intensified (Young 2011). Given the global use of AI models, vulnerability ceases to be a static characteristic attributed to specific groups and comes to represent a condition potentially present in all individuals (Dubber et al. 2024).
Digital vulnerability thus exposes individuals to risks related to data protection and, more gravely, different segments of the population are affected by the phenomenon of so-called digital exclusion (Cohen 2019). This marginalization brings to light digital vulnerability in multiple dimensions: physical access to technologies; digital literacy to understand and use these technologies; protection against violations of the right to privacy2 and transparency and adequate information. According to Barbosa, Fontanela and Costa:
Digital vulnerability refers to the specific ways in which individuals and groups are exposed to harm, domination, or exclusion due to their reliance on digital technologies and algorithmic decision-making systems. This includes not only obvious risks, such as data breaches or surveillance, but also subtle forms of influence and dependence that affect autonomy, deliberation, and social relationships. Key characteristics involved in this issue include structural asymmetries in access and knowledge; that is, people with lower digital literacy or limited access to technology are at a disadvantage, which can compromise their ability to benefit from innovations and protect themselves from harm.
(Barbosa et al. 2025, p. 9)
This shows how people in situations of digital vulnerability have their development constrained and are more likely to make mistakes in the digital environment, whether due to difficulty in recognizing information manipulation, greater exposure to data breaches, or lack of access to technologies.
If, in an ontological sense, we are all vulnerable by virtue of our embodied and relational condition, digital vulnerability is situational and, in many cases, pathogenic: it stems from technical-legal arrangements that expose certain individuals and groups to heightened risks of exclusion, discrimination, and opaque decision-making. People living in poverty, racialized populations, women, persons with disabilities, migrants, and residents of urban peripheries tend to be more exposed to automated decisions, without adequate information about the criteria employed, meaningful opportunities to contest outcomes, or effective avenues for redress. Unlike traditional forms of vulnerability, which are often linked to relatively stable socioeconomic conditions or long-standing structural factors, digital vulnerability manifests in a highly contextual way: anyone can become vulnerable in specific scenarios of interaction with opaque or asymmetrical technologies.
In this sense, the concept of digital vulnerability brings together three dimensions. First, there is the information asymmetry between those who develop and control AI systems and those who are affected by them (Kaufman 2022, p. 76). Second, there is the growing dependence on private digital infrastructures for the exercise of basic rights—such as accessing financial services, participating in the labour market, receiving social benefits, or interacting with the justice system (Dubber et al. 2024). Third, there is the structural difficulty of contesting automated decisions, either because of a lack of transparency or because there are no procedural mechanisms adapted to this reality (Cozman and Kaufman 2022). Against this backdrop, the discussion on the international harmonisation of intellectual property rules becomes relevant: IP instruments, especially trade secrets, are not neutral; they help configure the conditions under which subjects are rendered more or less vulnerable (or protected) in the age of AI.
This is the kind of vulnerability that matters for our purposes here. It is crucial to understand that AI opacity can generate vulnerability, and that problems of information, explainability, and automated decision-making, especially when such decisions are opaque, intensify people’s vulnerability. In other words, while robust protection of investments and innovation is desirable, it also carries the risk of increasing digital vulnerability by entrenching opacity (cf. DiMaggio et al. 2021). This gives rise to a dual challenge: on the one hand, the urgency of harmonising rules in a technologically volatile field and on the other, the need to ensure that such harmonisation is compatible with the protection of human rights, algorithmic transparency, and the possibility of independent audits.
Thus, this study has sought to build the conceptual vocabulary that will guide the analysis. On one side, it considers AI as technology and infrastructure. On another, it examines the trade secret regime as a central legal mechanism for protecting AI-related know-how. Finally, it introduces digital vulnerability as a theoretical key for understanding who is exposed, to which risks, and with what possibilities of response. On this basis, it becomes possible to critically assess the effects of harmonising intellectual property rules on the distribution of risks and protections in the contemporary digital environment. The remaining question, then, is how to achieve a sustainable balance—this is what we turn to in the discussion.

4. Discussion

As we have seen, the harmonisation of trade secret protection can produce a chilling regulatory effect on more protective legislation and public policies. States that wish to require greater algorithmic transparency, explainability mechanisms, or qualified access to models for oversight purposes may be discouraged by the threat of violating international commitments in the field of intellectual property. In contexts of strong power asymmetry between global technology companies and countries with more limited economic and regulatory capacities, this effect tends to be even more pronounced, increasing the regulatory vulnerability of Global South states and constraining their room to protect their populations against algorithmic abuses.
In view of this ambivalence, this section argues that the harmonisation of trade secret protection rules in AI cannot be analysed solely from the perspective of economic efficiency or legal certainty. It is necessary to ask explicitly: whom does the harmonisation of trade secret protection in AI systems protect, and against what and at what cost in terms of digital vulnerability and the fundamental rights of those affected by automated decisions? It is precisely this critical question that will guide the analysis that follows, in which we seek to outline the contours of a vulnerability-sensitive approach to harmonisation.
As we have been exploring, the “other side of the coin” is that this harmonisation movement emerged well before the consolidation of the AI governance and digital rights agenda. Today, however, there is a growing body of instruments pushing in the opposite direction, demanding greater transparency, explainability, and accountability in algorithmic systems.
Among them are the OECD (2019), which recommends transparency, explainability, and human oversight; the Ethics Guidelines for Trustworthy Artificial Intelligence issued by the European Commission High-Level Expert Group on AI (2019), which articulate key requirements such as transparency, accountability, human agency and oversight, and technical robustness; UNESCO’s Recommendation on the Ethics of AI (UNESCO 2021), which links AI governance to the protection of human rights and sustainable development; and the European AI Act, which imposes obligations of technical documentation, logging, and qualified access to information for authorities and notified bodies in the case of “high-risk” systems, while simultaneously recognizing the need to protect trade secrets.
Taken together, these instruments reflect a growing international consensus that trustworthy AI requires not only technical performance but also institutional conditions of transparency, auditability, and accountability. In this setting, however, a difficult normative tension emerges: the stronger and more “shielded” the harmonised protection of trade secrets (including code and algorithms) becomes, the harder it is to demand meaningful transparency and in-depth audits of systems that affect fundamental rights. As emphasized in the literature on AI governance and digital trade, transparency is not merely a technical feature but a normative requirement linked to democratic oversight and the protection of individuals in asymmetrical informational environments (Beane 2024; Russell and Norvig 2020).
Several studies further point out that digital trade clauses prohibiting requirements to access source code and algorithms (as in the USMCA and other agreements) may collide with attempts to build robust AI auditing regimes (Burri and Polanco 2020; Kelsey 2018). In other words, the very same harmonisation that reduces companies’ vulnerability to the misappropriation of know-how can, paradoxically, increase individuals’ digital vulnerability. How these regimes are interpreted and articulated, at both domestic and international levels, will determine not only the degree of legal certainty and protection of AI developers’ know-how, but also the effective scope for reducing digital vulnerabilities and structural injustices produced by opaque systems.
If the harmonisation of intellectual property rules on trade secrets applied to AI is, at the same time, a source of protection for investments and a potential generator of pathogenic vulnerabilities, it becomes necessary to rethink its underlying assumptions considering an ethics of vulnerability. In philosophical debates, this ethical perspective has been developed through different approaches that emphasize how certain individuals or groups are disproportionately exposed to harm, that is, placed in conditions of heightened fragility (Barbosa et al. 2025; Mackenzie et al. 2014; Mullainathan and Shafir 2013). What we stress throughout this paper is precisely this differentiated way of seeing: not all agents are equally situated, and this asymmetry is morally relevant. Such recognition demands a normative shift. For this reason, we translate this philosophical insight into the legal domain, examining its implications for how legal regimes should be interpreted, structured, and, when necessary, revised in light of the differentiated vulnerabilities they may produce or intensify.
Rather than conceiving harmonisation as a mere technical exercise in normative unification aimed at maximizing the protection of intangible assets, it must be understood as a political–legal choice that distributes risks and guarantees among actors who are unequally positioned. A vulnerability-sensitive harmonisation must start from the recognition that the protection of trade secrets is not an end, but a means that must be balanced against the safeguarding of human rights, reducing information asymmetries, and the protection of groups in situations of heightened exposure to harm.
This normative direction is not merely aspirational. It is already partially reflected in contemporary regulatory frameworks, most notably in the European Union’s AI Act. While the Act preserves the protection of trade secrets and confidential business information, it simultaneously establishes a set of obligations for high-risk AI systems. These include technical documentation, traceability, record-keeping, and qualified access to information by competent authorities. Together, these requirements implicitly recognize the need to limit opacity where fundamental rights are at stake. In this sense, the EU AI Act provides an important doctrinal reference point: it does not eliminate the protection of trade secrets, but rather conditions it within a broader architecture of accountability and risk management. This confirms that, even within existing legal frameworks, the tension between protection and vulnerability is already being negotiated, albeit not yet fully theorized. Building on this approach, and making explicit its underlying normative structure, the first step is to identify the principles that should guide this reconfiguration.
Among them, the following stand out: (a) the primacy of fundamental rights over the protection of trade secrets, especially in contexts where automated decisions have a significant impact on individuals’ lives, freedom, or basic subsistence; (b) the recognition of digital vulnerability as a relevant normative criterion, which implies systematically considering how different groups are affected by regimes of opacity and information asymmetries; and (c) the need to ensure effective mechanisms of algorithmic accountability, including transparency, the possibility of auditing, and accessible avenues for contestation.
In legal terms, these principles can be translated into concrete instruments. One of them is the provision of exceptions and limitations to trade secret protection for purposes of regulatory oversight, independent research, and judicial protection of rights. This means, for example, ensuring that data protection authorities, sectoral regulatory agencies, public defenders’ offices, public prosecutors, and courts have, under specific conditions and with appropriate confidentiality safeguards, qualified access to information about AI models, their training data, and their decision criteria whenever there are indications of discrimination, rights violations, or significant risks to vulnerable groups. The aim is to promote a form of qualified transparency that does not require unrestricted disclosure of source code or datasets but prevents the generic invocation of trade secrets from becoming an absolute barrier to the protection of fundamental rights.
Another instrument is the incorporation, in international treaties and IP harmonisation frameworks, of clauses that explicitly affirm the compatibility and hierarchy between intellectual property protection and human rights obligations. Such clauses can clarify that states remain authorized—and, in some cases, required—to impose explainability requirements, allow algorithmic audits, and demand forms of disclosure whenever this proves necessary to prevent or remedy structural injustices and rights violations. Rather than functioning as a normative straitjacket, harmonisation would then acknowledge regulatory space aimed at protecting vulnerable subjects.
Finally, a vulnerability-sensitive harmonisation must take into account global asymmetries between technology-producing centres and countries in peripheral positions. In contexts of “data colonialism” and technological dependence, global IP regimes tend to disproportionately protect the interests of companies and states in the Global North, while at the same time limiting the capacity of countries in the Global South to promote alternative models of AI governance. By incorporating the category of digital and structural vulnerability into its architecture, international harmonisation could help expand the room for manoeuvre of less powerful states, whether by recognizing rights over local data and knowledge, or by guaranteeing instruments to contain the discriminatory effects of imported technologies.
It was argued that the challenge is not simply to accept or reject the harmonisation of intellectual property rules, but to transform it in light of an ethics and politics of vulnerability. Only a form of harmonisation that recognizes the centrality of human rights, social justice, and the protection of those in situations of heightened exposure to harm will be able to reconcile, in a minimally balanced way, global economic integration, technological development, and reducing digital vulnerability in societies marked by deep structural inequalities.

5. Conclusions

This article has shown that the harmonisation of trade secret protection in the field of artificial intelligence is not a merely technical exercise of aligning legal concepts across jurisdictions, but a deeply normative project that redistributes risks and protections in a world structured by profound inequalities. A convergent framework for the protection of undisclosed information, anchored in TRIPS, consolidated through WIPO guidance, reinforced by digital trade agreements, and complemented by regional instruments such as the EU Trade Secrets Directive, effectively underpins global value chains in AI. It offers legal certainty for high-risk, knowledge-intensive investments, reduces transaction costs in cross-border cooperation, and helps to prevent “regulatory expropriation” of code, models, and data infrastructures. From this perspective, harmonisation functions as the invisible legal backbone of the algorithmic economy.
At the same time, the same legal architecture that stabilizes expectations for firms can entrench opacity for those subjected to automated decision-making. By shielding the internal logic of systems, training data and decision criteria under the umbrella of trade secrets, harmonised protection can exacerbate information asymmetries between corporations, states and citizens, particularly when combined with treaty clauses that restrict regulatory access to source code and algorithms. In domains such as credit, employment, welfare, health insurance or criminal justice, this opacity is not normatively neutral: it interacts with pre-existing lines of class, race, gender and territorial inequality to produce forms of digital vulnerability that are clearly situational and, in many cases, pathogenic. Individuals and groups already at the margins of social protection face systems that classify and exclude them because of criteria they cannot see, understand or contest while meaningful routes to explanation, audit and redress remain limited.
Against this backdrop, we argued that a vulnerability-sensitive approach to harmonisation is both necessary and possible. Rather than treating trade secret protection as an absolute and self-standing value, such an approach reconceives it as one instrument among others within a broader framework ordered by the primacy of human rights and social justice. Concretely, this implies designing and interpreting harmonisation regimes in ways that explicitly accommodate exceptions and limitations for regulatory oversight, independent research and judicial enforcement of rights; that recognize digital vulnerability as a relevant normative criterion in the calibration of transparency and access obligations; and that preserve sufficient regulatory space for states—especially those in the Global South—to adopt stronger safeguards where automated systems pose heightened risks to already disadvantaged groups. Harmonisation, in this sense, should not operate as a ceiling that constrains protective regulation, but as a floor compatible with more demanding standards of algorithmic accountability.
The emerging landscape of AI governance—from the OECD AI Principles and UNESCO’s Recommendation on the Ethics of AI to the European AI Act—already points toward such a rebalancing by insisting on transparency, explainability, documentation duties, and effective human oversight in high-risk systems. The tension between these demands and a “hard core” of pro-secrecy harmonisation reveals that the key question is not whether to harmonise, but how. A future-proof regime will require continuous coordination between trade, IP and human rights law; institutional mechanisms for qualified access to models and data by regulators, courts and affected communities; and a deliberate effort to integrate perspectives from those most exposed to algorithmic harms into the design of both technological and legal architectures. Only by placing vulnerability—understood as a shared human condition, but also as a structurally and relationally distributed risk—at the centre of the analysis can harmonisation move beyond a narrow concern with investment protection and contribute to building more just and resilient digital societies.
In this sense, the central question that guided our inquiry—whom and what does the harmonisation of trade secret protection in AI systems protect, and at what cost in terms of digital vulnerability and fundamental rights—does not admit a purely doctrinal answer. It calls for an ongoing, interdisciplinary and context-sensitive evaluation of how legal choices shape concrete lives in datafile environments. The proposal advanced here is that a global intellectual property policy guided by an ethics and politics of vulnerability offers a promising path to reconcile economic integration, technological development, and reducing digital vulnerability in societies marked by deep structural inequalities. Rather than providing definitive solutions, this article has sought to bring into focus a set of tensions that remain insufficiently addressed in current legal frameworks, particularly those arising at the intersection of trade secret protection, AI governance, and human rights.
An ethics of vulnerability, as we understand it, does not operate as a fixed doctrine, but as a normative orientation that requires attention to asymmetries in exposure to harm, to the unequal distribution of risks and protections, and to the conditions under which individuals and groups can effectively exercise their rights. In this sense, it invites a rethinking of intellectual property and trade secret regimes not as neutral instruments of economic coordination, but as legal structures that actively shape the possibilities of inclusion, contestation, and protection in digital societies.
What follows from this is not a closed model of regulation, but a call to take vulnerability seriously as a guiding concern in the design and interpretation of IP policies. This implies, at a minimum, maintaining the primacy of human rights, ensuring meaningful forms of accountability and access to information, and preserving regulatory space for states to respond to context-specific risks. Bringing these elements into the debate is, we suggest, a necessary step toward a more reflexive and just approach to the governance of artificial intelligence in an increasingly unequal world.

Author Contributions

Conceptualization, T.A.C., C.F. and A.d.A.L.M.; methodology, T.A.C. and C.F.; formal analysis, T.A.C., C.F. and A.d.A.L.M.; investigation, T.A.C. and A.d.A.L.M.; writing—original draft preparation, T.A.C. and C.F.; writing—review and editing, T.A.C., C.F. and A.d.A.L.M.; supervision, C.F. and A.d.A.L.M.; project administration, C.F. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Barbosa, Evandro, Fontanela Cristiani, and Thais A. Costa. 2025. On vulnerabilities and the moral dimension: A brief roadmap. Intuition 18: 1–13. [Google Scholar] [CrossRef]
  2. Beane, Matt. 2024. The Skill Code: How to Save Human Ability in an Age of Intelligent Machines. New York: Harper Business. [Google Scholar]
  3. Brynjolfsson, Erick, MacAfee Andrew, and Greta Cummings. 2014. Service with a Smile: Emotional Intelligence, Job Satisfaction and the Service-Profit Chain. Journal of Applied Social Psychology 44: 681–93. [Google Scholar]
  4. Burri, Mira, and Rodrigo Polanco. 2020. Digital trade provisions in preferential trade agreements: Introducing a new dataset. Journal of International Economic Law 23: 187–220. [Google Scholar] [CrossRef]
  5. Cohen, Featuring Julie. 2019. Between Truth and Power: The Legal Constructions of Informational Capitalism. Oxford: Oxford University Press. [Google Scholar]
  6. Costa, Thaís Alves, and Evandro Barbosa. 2023. Faces of Responsibility and moral agency. In Moral Challenging in a Pandemic Age. Abingdon: Routledge. [Google Scholar]
  7. Cozman, Fabio Gagliardi, and Dora Kaufman. 2022. Viés no aprendizado de máquina em sistemas de inteligência artificial: A diversidade de origens e os caminhos de mitigação. Revista USP 135: 195–210. [Google Scholar] [CrossRef]
  8. De Rassenfosse, Gaétan, Marco Grazzi, Daniele Moschella, and Gabriele Pellegrino. 2022. International patent protection and trade: Transaction-level evidence. European Economic Review 147: 104160. [Google Scholar] [CrossRef]
  9. Dignum, Virginia. 2019. Responsible Artificial Intelligence: How to Develop and Use AI in a Responsible Way. Cham: Springer. [Google Scholar]
  10. DiMaggio, Paul, Eszter Hargittai, W. Russell Neuman, and John P. Robinson. 2021. Social implications of the Internet. Annual Review of Sociology 27: 307–36. [Google Scholar] [CrossRef]
  11. Dinwoodie, Graeme B., and Rochelle C. Dreyfuss. 2012. A Neofederalist Vision of TRIPS: The Resilience of the International Intellectual Property Regime. Oxford: Oxford University Press. [Google Scholar]
  12. Dubber, Markus Dirk, Frank Pasquale, and Sunit Das. 2024. The Oxford Handbook of Ethics of AI. Oxford: Oxford University Press. [Google Scholar]
  13. Dunn, Michael C., Isabel CH Clare, and Anthony J. Holland. 2008. To empower or to protect? Constructing the ‘vulnerable adult’ in English law and public policy. Legal Studies 28: 234–53. [Google Scholar] [CrossRef] [PubMed]
  14. European Commission. 2013. Directive (EU) 2016/943. Available online: https://eur-lex.europa.eu/eli/dir/2016/943/oj/eng (accessed on 17 December 2025).
  15. European Commission High-Level Expert Group on AI. 2019. Ethics Guidelines for Trustworthy Artificial Intelligence. Available online: https://digital-strategy.ec.europa.eu/en/policies/expert-group-ai (accessed on 20 November 2025).
  16. European Union. 2024a. AI Act. Brussels: European Union. [Google Scholar]
  17. European Union. 2024b. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts. Brussels: European Union. [Google Scholar]
  18. Fineman, Martha Albertson. 2008. The vulnerable subject: Anchoring equality in the human condition. Yale Journal of Law and Feminism 20: 1–23. [Google Scholar]
  19. Herzog, Lisa. 2024. Algorithmic Bias and Access to Opportunities. In The Oxford Handbook of Digital Ethics. Oxford: Oxford University Press. [Google Scholar]
  20. Hughes, Justin, and Margo A. Bagley. 2025. Secret Traditions as Trade Secrets. Harvard International Law Journal 66: 25–34. [Google Scholar]
  21. Kaufman, Dora. 2021. Inteligência Artificial e os desafios éticos: A restrita aplicabilidade dos princípios gerais para nortear o ecossistema de IA. PAULUS: Revista de Comunicação da FAPCOM 5: 73–84. [Google Scholar]
  22. Kaufman, Dora. 2022. Desmistificando a Inteligência Artificial. Belo Horizonte: Grupo Editorial Autêntica. [Google Scholar]
  23. Kaufman, Dora. 2024. Logic and foundations of artificial intelligence and society’s reactions to maximize benefits and mitigate harm. Filosofia Unisinos 25: e25110. [Google Scholar] [CrossRef]
  24. Kelsey, Jane. 2018. How a TPP-Style E-commerce Outcome in the WTO Would Endanger the Development Dimension of the GATS Acquis (and Potentially the WTO). Journal of International Economic Law 21: 273–95. [Google Scholar] [CrossRef]
  25. Lange, Margaret Meek, Wendy Rogers, and Susan Dodds. 2013. Vulnerability in research ethics: A way forward. Bioethics 27: 333–40. [Google Scholar] [CrossRef] [PubMed]
  26. Mackenzie, Catriona, Wendy Rogers, and Susan Dodds, eds. 2014. Vulnerability: New Essays in Ethics and Feminist Philosophy. Oxford: Oxford University Press. [Google Scholar]
  27. Mitchell, Andrew D., and Neha Mishra. 2019. Regulating cross-border data flows in a data-driven world: How WTO law can contribute. Journal of International Economic Law 22: 389–416. [Google Scholar] [CrossRef]
  28. Mullainathan, Sendhil, and Eldar Shafir. 2013. Decision making and policy in contexts of poverty. Behavioral Foundations of Public Policy 16: 281–300. [Google Scholar]
  29. OECD. 2019. OECD Principles on Artificial Intelligence. Paris: OECD. [Google Scholar]
  30. Russell, Stuart, and Peter Norvig. 2020. Decision trees. Artificial Intelligence 3: 29. [Google Scholar]
  31. UNESCO. 2021. Recommendation on the Ethics of Artificial Intelligence. Paper presented at General Conference of UNESCO at its 41st Session, Paris, France, November 23. [Google Scholar]
  32. Wachter, Sandra, Brent Mittelstadt, and Luciano Floridi. 2017. Why a right to explanation of automated decision-making does not exist in the general data protection regulation. International Data Privacy Law 7: 76–99. [Google Scholar] [CrossRef]
  33. Wiggins, Susan. 2013. Assessing relational depth: Developing the Relational Depth Inventory. In Relational Depth: New Perspectives and Developments. London: Bloomsbury, pp. 49–61. [Google Scholar]
  34. WIPO. 2024. WIPO Guide to Trade Secrets and Innovation. Geneva: WIPO. Available online: https://www.wto.org/english/docs_e/legal_e/27-trips_01_e.htm (accessed on 21 December 2025).
  35. Young, Iris Marion. 2011. Responsibility for Justice. Oxford: Oxford University Press. [Google Scholar]
1
As the United Nation’s specialized agency for intellectual property, WIPO occupies a pivotal institutional position in processes of IP-law harmonisation. It administers a broad architecture of IP treaties and global protection systems, facilitating transnational reliance on shared procedural and institutional standards. It also provides an ongoing multilateral venue in which states exchange practices, develop common approaches, and negotiate the progressive international development of IP norms through standing committees. In the specific domain of trade secret protection, WIPO’s guidance materials play a “soft-law” standardizing function by synthesizing baseline international commitments and translating them into relatively uniform criteria that can be incorporated into domestic legal frameworks. The WIPO Guide to Trade Secrets and Innovation explicitly frames modern trade secret laws as built on the TRIPS Agreement, including Article 39, as the minimum protection benchmark for WTO members. It also provides TRIPS with referenced signposts to assist policymakers and practitioners. In doing so, it reinforces convergence in national approaches to confidential information, an increasingly strategic category in AI-intensive sectors.
2
One example of the impact of this problem is the massive data leak that occurred in Brazil in 2021, which exposed information on 223 million CPF holders, including data belonging to deceased individuals. This leak compromised sensitive information such as full name, address, history of government benefits, facial photographs, income tax returns, educational background, credit scores, and public service records. This situation illustrates how people from different social classes can all be vulnerable when it comes to data protection.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Fontanela, C.; Costa, T.A.; Marocco, A.d.A.L. Harmonising Trade Secret Protection in AI: Innovation, Opacity and Digital Vulnerability. Laws 2026, 15, 34. https://doi.org/10.3390/laws15020034

AMA Style

Fontanela C, Costa TA, Marocco AdAL. Harmonising Trade Secret Protection in AI: Innovation, Opacity and Digital Vulnerability. Laws. 2026; 15(2):34. https://doi.org/10.3390/laws15020034

Chicago/Turabian Style

Fontanela, Cristiani, Thaís Alves Costa, and Andréa de Almeida Leite Marocco. 2026. "Harmonising Trade Secret Protection in AI: Innovation, Opacity and Digital Vulnerability" Laws 15, no. 2: 34. https://doi.org/10.3390/laws15020034

APA Style

Fontanela, C., Costa, T. A., & Marocco, A. d. A. L. (2026). Harmonising Trade Secret Protection in AI: Innovation, Opacity and Digital Vulnerability. Laws, 15(2), 34. https://doi.org/10.3390/laws15020034

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop