The same transparency of information that makes companies vulnerable to the theft of trade secrets makes it easier to catch the thieves.
That’s a lesson senior executives could learn from the apprehension earlier this month of three men who allegedly stole source code and software from Lucent Technologies.
The men—two Lucent software developers and an executive from another company—had enough access and knowledge to allegedly steal the technology secrets, place them on an outside server, and sell plans based on the technology to a Chinese company.
Yet clever as they seemed to be, they may have been a gang that couldn’t shoot straight, in Jimmy Breslin’s phrase. Their alleged setup of the rogue server on the Internet–although it’s password protected–probably made them easily traceable, as did their frequent communication via company E-mail.
“The arrests underscore concern over industrial espionage at a time when new technologies have made it easier to transfer proprietary information,”The New York Timesreported. “But technology also makes such efforts easier to detect: prosecutors are basing their case on e-mail traffic monitored by the F.B.I.”
Lucent doesn’t want to talk about how it protects its intellectual property (IP). But Assistant U.S. Attorney Scott Christie, who represents the government in the case, confirmed that “we received a bunch of information from Lucent,” including E-mails, that lent support to the company’s theories about the theft.
On Monday, bail was set at $900,000 for each defendant. The criminal complaint in U.S. District Court in Newark, N.J. charges that the men persuaded Datang Telecom Technology, which is majority owned by the Chinese government, to set up a joint venture and provide $1.2 million in venture capital.
The joint venture was to allegedly have sold a knockoff of PathStar, a system designed to enable Internet service providers to offer low- cost voice and data services.
Often communicating among themselves and with Datang via E-mail, the defendants allegedly hatched a plan for the joint venture to become a vast telecommunications company, “the Cisco of China,” with initial public offerings in both the United States and China.
Lucent has no way of knowing how much of its alleged stolen IP is still at large. But its loss-control efforts seem to have done their job.
From the point of view of the Murray Hill, N.J.-based telecommunications company, things could have been much worse.
In a few months, Lucent executives might well have awakened to the fact that a new “Cisco China” was setting up a system identical to PathStar, IP lawyer Richard G. Gervase tells CFO.com.
It’s hard to gauge how big a loss Lucent, which earned about $33.6 billion in revenues last year, stood to suffer. PathStar generated sales of about $100 million in 2000, but Lucent recently reportedly discontinued it.
Did the alleged theft, which Lucent apparently was internally investigating at the time, have anything to do with the discontinuation? Lucent isn’t saying, but it’s fair to say it might have played a role.
At any rate, Gervase, a partner with Mintz, Levin, Cohn, Ferris, Glovsky, and Popeo, in New York City, who has done previous work for Lucent, thinks most companies wouldn’t have caught the problem before the joint venture took hold in China. “Historically, Lucent has been very good at protecting intellectual property,” he says.
But there will always be cracks in the systems, experts agree. Nevertheless, there are steps senior executives can take to prevent IP thefts or minimize losses when they occur.
Do you have a trade secret?
The first step, Gervase advises, is to decide whether the IP should be protected under patent law or trade-secret law.
If the executive feels the company can file for a patent for the IP, then there’s no trade secret to be concerned about.
Patent law is “a powerful tool” which provides a company with a temporary “monopoly” for its idea, a fixed term of 20 years in which no one else can benefit from it, the lawyer notes.
In return, however, “the U.S. government requires you to fully disclose your patent invention to the public,” he adds.
In contrast, protection under trade-secret law could last indefinitely. But “the problem with trade-secret law is that if you don’t keep [your IP] secret, you lose all protection,” Gervase says.
If a company chooses to keep its IP secret, it should allow access to only to those who have a need to know about it. Providing access to fewer people makes it easier to track violators, he adds.
In terms of human resources, employers should get employees with access to the IP to sign confidentiality agreements. The contracts should include a clause enabling the employer to get an injunction barring further disclosure if a breach occurs, the attorney advises.
Executives should also get employees to sign over the rights to IP they produce during their employment. Employees should also spell out their pre-existing inventions in the contract so as to avoid disputes in which the employee claims, “Oh no, I came up with this on my own before I was employed by you,” Gervase says.
Employers should also check external and internal E-mails for “anomalous behavior,” such as messages to competitors or to “high- risk countries” like China or Russia, he says. Gervase acknowledges that that “could raise some privacy issues” even though employers are legally entitled to check.
Nevertheless, “no matter how many precautions you put in, no matter how many security checks,” intelligent employees can violate them, he says. “So you want to have a crystal-clear paper trail.”
The alleged PathStar thieves provided one with their brisk E- mailing. For employers, transparency has its advantages as well as its perils.