March 2019 ~ “Rob, replicate, replace” ~ the Chinese philosophy!
The pattern continues! Following last month’s reports of Chinese state-sponsored IP theft from western firms, Coca-Cola now admits that it is one of two companies which suffered trade-secrets thefts amounting to $120m. According to US prosecutors, an employee stole technology, including the composition of the inside coating of drinks cans, which she sold to a state-backed company in China which also rewarded her with part-ownership of the firm. Sending a message to the Chinese, Assistant Attorney General John Demers said, “The conduct alleged in today’s indictment exemplifies the rob, replicate and replace approach to technological development.” He continued by saying that the Chinese Government “solicits and rewards such theft.”
February 2019 ~ ‘When will they ever learn?’
. . . sang Pete Seeger. Following on from last month’s blog about a UK case of valuable IP being spirited away to China, Apple has just admitted that an employee has breached their autonomous vehicle self-drive system which is under development amid ‘top-security’. He was arrested by the FBI as he planned to board a flight to China, on the very same day that the US Government accused the Chinese tech-giant, Huawei, of stealing trade secrets.
The Huawei warning came as a belated response to the 2017 National Intelligence Law passed in China that dictates organisations must “support, co-operate and collaborate with” the country’s spy agencies.
Based in Shenzhen, the ‘counterfeit capital of the world’, the ever-expanding Huawei was founded by a former military officer. His daughter, the chief financial officer, was recently arrested in the West when it was alleged that she lied to US banks about the company’s sanction-breaking links with Iran. Despite the head of MI6 admitting that Huawei’s forthcoming 5G networks will make monitoring security more difficult, the UK has failed to fall into line with the US, Australia and New Zealand, who have all blocked local firms from using the tech-giant to provide the technology for their 5G networks.
Returning to the Apple story, this is the second major case in the past six months relating to a Chinese employee waltzing off with their secrets. This time it involves a new-recruit to the electrical engineering team. According to the criminal complaint filed by the FBI, he had full access to a subset of the databases related to his job function on the project and was seemingly allowed to take his personal mobile phone into the restricted area. He had duly attended the in-house induction secrecy-training course last June, yet within a week, a photo of an assembly drawing was on his phone. It came to light just last month, when another employee spotted him taking photos. The drawing was subsequently found to be one of 100 taken in the restricted area. The photos were deleted in his presence . . . . and the phone returned to him!
A fuller investigation, however, revealed that the employee had downloaded over 2000 files containing “confidential and proprietary Apple material, including manuals, schematics, and diagrams.” All had been backed up to his personal hard-drive. Prosecutors have also revealed that the employee failed to tell Apple he had applied for a job with a China-based autonomous vehicle company.
Every company which values its IP is most at threat from within . . . from the employee who, for whatever reason, wants to steal vital trade secrets. But the best monitoring audit system (MAS) in the world won’t detect the worker who has been allowed to take a phone-camera or similar onto a restricted site. So where have all the secrets gone? When will they ever learn?
January 2019 ~ Justice . . . if you can afford it!
If you are the victim of fraud in the UK, the probability is that Law Enforcement will find every excuse under the sun to do nothing. If you are a UK hedge fund company that has a “Zero Tolerance” approach to the theft of its IP, coupled with the funds to take out a private prosecution, then justice is achievable. Here’s a tale where the police did, at least, try to help.
In 2012, a maths prodigy is employed by the UK hedge fund. It seems that two years later, being dissatisfied with his £400k bonus, he chooses to move on, but not without allegedly leaving with some of his employers’ trade secrets by way of documents and electronic devices. The employers act fast, immediately getting a court order demanding the return of their property. The court orders the miscreant to return his passport, however, he is already on a flight to Hong Kong. A Hong Kong court bans his travel, but he goes to the Chinese border and hands over a desktop computer and three laptops to his wife’s parents. Investigators find him at his wife’s law firm in Hong Kong, but he denies having any devices except his iPhone. Meantime, back in London, the employer files a complaint with UK police who search the absconder’s flat, but find nothing. Nevertheless, they notify the Hong Kong authorities and the man is arrested. Extradition is requested and he man returns to face the courts. A judge orders the man to give up the confidential information and to reveal to whom the information was passed. He refuses and is sentenced to 13 months imprisonment. It’s as far as the authorities will go, so the “private prosecution” option kicks in.
If the Crown chooses not to devote public resources to a case, the victim can ‘Privately Prosecute” the case. With the help of private investigators, lawyers, and IT specialists, the employers put the case together and, a month prior to release, the man is charged with five counts relating to the stolen data. In remote testimony from China, the parents claim they have dumped the hardware in a river. Unbeknown to them, they have been under surveillance by the investigators for 11 months. The mother’s evidence is discredited and the man is convicted on two counts of failing to disclose where the trade secrets have gone. He is sentenced to 18 months.
This is not the end of the tale. Towards the end of the prison sentence, the employer starts further legal action against the man for breaching his confidentiality agreement, filing an action requiring him to stay in the UK. Lawyers make the additional argument that his continued failure to reveal what he’s done with the trade secrets is a contempt. He is sentenced to a further 13 months in prison. He is still there!
The message is clear . . . the resolve of this victim company was matched with their ability to bear the expense of a thorough private investigation and resultant litigation.