Corporate espionage occurs more often than you may think. Theft of trade secrets and unfair competition are usually at play. Let’s say your business is working on a new design for an outdated product. Or, developed a more efficient, cleaner process. Or, created a disruptive technology that will cause a dynamic shift in its industry. It has the potential to make a lot of money. It will change the existing norms.
Perhaps well established market leaders will lose market share as a result. Maybe it’s one of those products, processes or technologies that has applications in several industries. It will change how people live their lives. It will fill a gap that has long needed to be addressed. It’s a design, process or technology that leaves others green with envy. And, those who tried to create it and failed are NOT very happy for your company’s success. This is the type of breakthrough that can create the perfect storm for a corporate espionage attack.
What is Corporate Espionage
According to the U.S. Naval Warfare College, corporate espionage is defined as “the unlawful theft/acquisition of intellectual property, such as key trade secret and patent information as well as industrial manufacturing techniques and processes, ideas and formulas.”
Corporate espionage is often referred to as industrial espionage or economic espionage. But, corporate espionage is a bit different than industrial espionage or even economic espionage. Why? Because it is not typically theft targeting multiple companies within a specific industry. And, it is also not economic espionage that is focused on theft by or for a foreign country for economic gain.
What Are Typical Corporate Espionage Tactics
- Targeting a specific company(s) (often by a competitor);
- Targeting a specific type of intellectual property (IP);
- Soliciting or targeting personnel involved in the creation, development and/or management of the IP or those who have special access to the targeted information;
- Penetrating or partnering with the target’s supplier(s) who may have access to proprietary design(s), developed proprietary process(es), etc.;
- Using intelligence gathering techniques often under the guise of a false narrative;
- Sabotaging the efforts of the targeted company(s);
- Attempting to be the first to commercialize and monetize the IP; and/or
- Unfair competition that may cause or contribute to the ultimate failure of targeted company(s).
Below are a few recent cases of corporate espionage:
2022: Appian Corp. wins $2 billion trade secret verdict against Pegasystems Inc.
Pegasystems Inc. recruited Appian’s developer, who had access to confidential code, and used this access to mine for architecture and design trade secrets.
2022: Life Spine, Inc. v. Aegis Spine, Inc. for stealing trade secrets.
It is alleged that Aegis stole Life Spine’s trade secrets so it could develop a competing spine device.
2021: Oakwood Lab’s LLC versus Thanoo for trade secrets misappropriation under the DTSA.
It is alleged that a former employee for Oakwood’s microsphere project (20-year, $130 million project) was recruited for the purpose of developing the same product for the competitor using Oakwood’s trade secrets.
2021: MD Helicopters, Inc. v. Aerometals, Inc. for unfair competition.
Aerometals, Inc. is alleged to have used MD Helicopters, Inc. proprietary and copyright protected OEM drawings to unfairly compete in the civilian airplane parts market.
2020: Five Star Gourmet Foods, Inc. v. Ready Pac Foods, Inc. et al, for design patent infringement , trade dress infringement and violation of California’s unfair competition law.
Five Star has accused the defendant(s) of misappropriating trade secrets and replicating them at the defendant(s)’ salad production facility in violation of Five Star’s patent.
How to Prevent Corporate Espionage
Preventing corporate espionage requires a plan, hard work and continual diligence. Honestly, there is no 100% full proof way to prevent it. But, there are steps that a company(s) can take to strengthen their defenses.
Initial Steps to Take to Prevent Corporate Espionage
- Develop and/or update physical security, electronic security and cyber security protections for the company. If executives or team member(s) work from home, be sure to include these area(s) in the programs as well. Also, have a reputable third party test or audit the programs. And, be sure to make modifications to the processes and/or programs as needed to maintain effectiveness.
- Take the time to understand what trade secret information is and how to protect it. Study the Defend Trade Secrets Act which creates a federal, private and civil cause of action for trade secret misappropriation. And, if you are in Florida study the New Florida Corporate Espionage Act. As well, read court cases and examine motions, ruling and awards. Understand how the court(s) considers evidence, accepts/rejects motions, rules on the cases and awards damages. Apply measures that have resulted in effective protections in the opinion of the courts.
- Use a reputable attorney/ law firm to develop needed legal agreements [e.g. Non-Disclosure Agreement(s) (NDA), Non-Compete Agreement(s) (NCA), etc.]
- Hire an attorney/law firm to examine your intellectual property (IP) protections for sufficiency from a legal perspective and to make recommendations for changes to ensure effectiveness. The attorney should have successfully won intellectual property theft cases and awards.
- Put the safeguards the attorney recommends in place to protect the company’s intellectual property. Periodically examine their effectiveness and make adjustments as needed to ensure the protections remain current and effective.
- And, if you will be filing patent(s), hire a reputable patent attorney who has successfully prosecuted utility and design patents before USPTO, and other worldwide patent agency(s) as applicable. The patent attorney should only disclose enough information for the invention filing to be truthful and patentable in the eyes of patent authority. Do not disclose more information than is absolutely necessary in the patent application and replies. Remember that the information submitted is posted on the patent authority’s website long before the patent is issued.
Additional Steps To Take to Prevent Corporate Espionage
- Carefully vet potential employee(s), business partner(s), suppliers(s), etc. Include OSINT information to identify relationships or associations that are cause for concern or caution. References provided by the party shouldn’t be the only, or most heavily relied, upon source of information.
- Make sure everyone that will have access to your trade secret information (even small parts of the IP) signs a rock solid NDA and a NCA. And, if your attorney recommends other related actions, take them.
- Perform a review of lawsuits filed by or against potential employee(s), supplier(s), business partner(s), etc., especially those cases related to trade secret information and unfair competition. Know with whom you are considering trusting your valuable IP.
- Proceed with extreme caution if a company or individual approaches your company or your leadership about buying the company or making an investment in the company. Disclosure of highly privileged information is required during this process. First, we suggest you have the company and/or individual(s) checked out very well before even committing to entertaining the offer. And, second contact your attorney(s) for information about how you can best protect the company’s information during this process. Sometimes a purchase or investment offer is merely an information gather activity with underlying nefarious intent.
- Lastly, perform periodic TSCM surveys (bug sweeps) of C-Suite offices, conference room(s), sales office(s), R & D area(s), etc. This can be particularly important before and after important meetings with third parties, reviews of R & D milestones, prior to sales strategy meetings, etc. If there is a bugging device(s) within microphone or camera range of the area where the info is shared . . . the disclosure of information is no longer controlled to those authorized to have access to the information who are bound by an NDA, NCA, etc.
About the Author:
J.D. LeaSure, CCISM, is the President / CEO of ComSec LLC, a global provider of world class counterespionage and TSCM / Cyber TSCM™ services. www.ComSecLLc.com