In recent years, U.S. companies have lost more than $300 billion in revenues because of intellectual property theft. One former National Security Agency Director characterized the loss of industrial secrets through cybercrime as the “greatest transfer of wealth in history.” Recognizing this growing threat, in 2016 in an act of overwhelming bipartisanship, Congress passed the Defend Trade Secrets Act (DTSA), which became law on May 16, 2016.
The DTSA created a federal civil claim for the misappropriation of trade secrets for products and services in interstate and foreign commerce. Previously state laws, such as Pennsylvania’s Uniform Trade Secrets Act, governed trade secret theft. In addition to the standard injunctive relief and damages available in a civil suit, the DTSA affords companies with direct access to Federal Court, more consistent law, foreign application, as well as other significant remedies including the ex parte seizure of the company’s stolen assets, and treble damages for willful theft and attorneys’ fees.
While media attention often focuses on foreign actors, the majority of I.P. theft occurs from inside the company by current or soon-to-be former employees, typically heading to work for a competitor or to start a new competing business. In these cases, departing employees, with access to highly confidential information, regularly forward company I.P. and trade secrets to personal email accounts, copy them to flash drives, back-up drives or cloud storage such as Dropbox, using the company’s own computers and systems to accomplish the theft. Market forecasts, pricing information, product prototypes, source code, service or product testing data and more are walking out the door with departing employees.
Armed with these facts, which typically includes an expert affidavit setting forth the digital evidence from the former employee’s company computer that establishes the theft, the company can go quickly and directly to Federal Court under the DTSA for a temporary restraining order (TRO) to stop the use and dissemination of this critical information, as well as an ex parte seizure order for its return.
Working with companies, Blank Rome and bit-x-bit regularly investigate I.P. theft and prosecute claims on behalf of their clients locally, as well as in courts across the U.S., including California, Colorado, Mississippi, North Carolina and Washington. In the typical insider employee theft case, a disgruntled employee begins by looking for new employment, starts interviewing for a new position with competitors, accepts a job with a competitor and then steals trade secret and confidential information that will be helpful in his or her employment with the new employer.
The investigation begins with a forensic examination of the employee’s own company computer. Electronic evidence is then identified to create the timeline of significant events involved in the theft. This may include evidence of initial interviews with the competitor which was arranged via a personal email account, the dates and times (to the very second) when flash drives and backup drives were inserted into the computer to steal trade secrets, when critical documents were copied from the company’s file server, setting up and accessing a new Dropbox account for the uploading of trade secrets to Dropbox, as well as text messages with the new boss at the competitor.
Armed with these facts, which typically includes an expert affidavit setting forth the digital evidence from the former employee’s company computer that establishes the theft, the company can go quickly and directly to Federal Court under the DTSA for a temporary restraining order (TRO) to stop the use and dissemination of this critical information, as well as an ex parte seizure order for its return. Unable to refute or explain away the usually overwhelming electronic evidence of the theft, settlements are often negotiated quickly to avoid more injury and propagation of the company’s trade secrets and I.P. The settlement typically includes the use of a forensic digital expert to trace, find and destroy the stolen trade secrets in the possession of the former employer and possibly new employer. All the possible electronic repositories from personal email accounts, personal and business computers, mobile devices, cloud storage and backups are searched for the company’s trade secrets and then removed.
As companies become more aware of this threat and potential loss, many routinely examine mid- to high-level departing employees’ company computers and mobile devices to ensure that their trade secrets have not been stolen. What was once the exception to the protocol for a departing employee is rapidly becoming the rule.
For more information on this topic, listen to Ardisson and Butcher on TechVibe Radio at https://pghtechfuse.com/podcasts/bit-x-bit-overviews-defend-trade-secret-acrt/.By Susan Ardisson, bit-x-bit, LLC & Jayme Butcher, Blank Rome LLP
About the authors:
Susan Ardisson, Esq., is the CEO of bit-x-bit, LLC, a certified women-owned business. bit-x-bit is a digital forensics and electronic discovery consulting firm in Pittsburgh, which has investigated hundreds of trade secret theft matters and provided expert testimony in scores of cases.
Jayme Butcher, Esq., is a partner at Blank Rome, LLP. Ms. Butcher concentrates her practice in the areas of complex commercial litigation, including trade secret and non-competition law, in state and federal courts throughout the country.
The IP Commission Report, The Report of the Commission of the Theft of American Intellectual Property, The National Bureau of Asian Research (May 2013); See also, 2017 Update to the IP Commission Report.