December 17, 2017

Congress Again Considers Civil Trade Secrets Legislation

Its that time of the year again when Congress considers legislation that would provide for civil remedies for theft of trade secrets. The Defend Trade Secrets Act of 2015 (S. 1890 and H.R. 3326) introduced on July 29, 2015, is based on the same standards for trade secret protection, and remedies for misappropriation, that are found in the Uniform Trade Secrets Act and the Economic Espionage Act of 1996 (“EEA”).
While similar attempts to pass such legislation have failed almost on a yearly basis, this year may finally prove different since the current legislation is supported by companies and associations in a broad array of industries, including biopharmaceutical, software, semiconductors, consumer goods, medical devices, automobiles, heavy equipment, chemicals, aerospace and agriculture. In addition, there is a new found recognition of the importance to protect trade secrets as a complement to the already existing federal statutes that protect trademarks, copyrights and patents

The Defend Trade Secrets Act would create a uniform, national standard for trade secret misappropriation, harmonizing U.S. law, and provide companies with the ability to protect themselves. In limited circumstances, the law would provide for ex parte seizure relief when time is of the essence and the thief would not obey an injunction.

Last year, Sen. Orrin Hatch, R-Utah, and Sen. Christopher Coons, D-Del., introduced the Defend Trade Secrets Act of 2014 (S. 2267), and similar legislation, the Trade Secrets Protection Act of 2014 (H.R. 5233), was subsequently introduced in the House of Representatives. Both the Senate and House Committees on the Judiciary held hearings on the legislation. The House Judiciary Committee voted without dissent to report the bill favorably just before the elections, and it was never considered by the full House.

The legislation, introduced last week by Sens. Hatch and Coons and four other senators in the Senate, and by Rep. Doug Collins, R-Ga., and Rep. Jerrold Nadler, D-N.Y., with 14 cosponsors in the House. It reflects a consensus that among our most valuable currency in the global marketplace is our knowledge and creativity.


Collection Of Information By 5 Largest Tech Companies

The revelations by Edward Snowden about the NSA’s collection of “metadata” on every phone call that is made in the U.S. has led to concerns about whether the government should be collecting this type of information and whether there are adequate safeguards as when and how the government may be permitted to use the information. Putting aside the host of legal and security issues associated with this program, most Americans probably still are not aware that, for example, the five largest tech companies, Google, Facebook, Apple, Amazon, and Yahoo collect information that contains far more personal details, and is available to the government for the asking. While the exact types of data collected differs somewhat amongst these tech giants, nearly all collect “ad clicks,” “browser information,” email addresses” “IP addresses,” “phone numbers,” “search queries,” etc. The companies aren’t stealing this information but are obtaining it without cost from users, who either don’t care or haven’t taken the time to read the privacy policies of the tech companies which give the companies free access to this information.

Perhaps, what is equally disturbing about the companies’ unfettered use of the information is the very limited legal protection given to such information. The primary and most important federal privacy law in the United States, The Stored Communications Act (SCA), which was originally enacted in 1986, to govern the privacy of computer network communications and grants Internet users a set of statutory privacy rights that limit the government’s power to access a person’s communications and records, but does not cover, for example, search queries. In other words, search records, such as whether a person visited a website for alcohol or drug addiction centers can be disclosed to the government without even a subpoena.

Moreover, while standing alone, each of the type of data may only pose a limited threat to an individual’s privacy, by combining the different types of data generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about familial, political, professional, religious, and sexual associations that can be stored and mined for information years into the future, not only by the companies but by the government as well. Thus, if the search query for drug addiction or alcohol treatment is combined with ad clicks and phone numbers, a much more complete profile of the user is generated which is freely available to the government. Because the information can be acquired by the government at little or no cost there is no monetary restraint on the information collected by the government which can lead to the government having access a substantial quantum of information about any person whom the government wishes and may “’alter the relationship between citizen and government in a way that is inimical to democratic.”

James Madison, the principal author of the Bill of Rights, is reported to have observed, “Since the general civilization of mankind, I believe there are more instances of the abridgement of freedom by the people by gradual and silent encroachments by those in power than by violent and sudden usurpations.” Indeed, this data that can be freely obtained by the government at virtually no lower cost is just the type of “gradual and silent encroachment” into the very details of our lives that we as a society must be vigilant to prevent. Congress should carefully consider whether there should be limits on whether the government can obtain this information and how the information can be obtained. It is too important an issue for the government to decide without the knowledge and consent of the American public.

The Anti–Innovation Patent Act of 2015

Patent rights in the United States have been steadily eroding for a number of years. Decisions by the Roberts’ Supreme Court and the four-year old America Invents Act have substantially weakened the rights of patent owners. Now, Congress is on the verge of passing major revisions to the Patent Act, which, if enacted, would be a blunder of historical proportions and would pose a threat to American innovation. Large corporations have been able to convince Congress and the public, through a well-funded, organized and misleading PR campaign, that innovation is being threatened by patent troll, entities that abuse the system by extorting settlements and by bringing frivolous lawsuits. Indeed, the opposite is true. Without strong patent protection, venture capitalists and other investors will no longer want to take the risk of investing in companies whose value is based on technology that is difficult to protect under U.S. patent law. Many large universities that depend on revenue from licensing their patents to make up for decreasing federal funding will have significant financial short falls. Technology will suffer and jobs will be lost.

At a basic level it is not clear whether there is even a legitimate issue that needs to be addressed. Ostensibly, the PATENT Act in the Senate and the Innovation Act in the House are aimed to curb the practice of patent trolls, which, among other things, has allegedly caused a large increase in patent litigation and, consequently, imposes an unnecessary cost on legitimate businesses. However, the evidence suggests that patent litigation is actually on the downswing According to a recent Pricewaterhouse Coopers patent litigation survey the number of patent cases filed in 2014 dropped 13% as compared to 2013, after doubling between 2009 and 2013. [Read more…]

The St. Louis ‘Jailbirds’

This article first appeared in Yahoo Finance.

As was first reported by the New York Times, the FBI and Justice Department are investigating whether St. Louis Cardinals employees illegally hacked into networks owned and operated by the Houston Astros. The information allegedly obtained by the Cardinals contained information about potential trades, player evaluations and statistics. At least one commentator on ESPN has suggested that if the information was not the “work of significant efforts by Astros officials . . . not available elsewhere” and “if the Cardinals’ activity was just a dirty trick or an attempt at getting even with a former colleague, the hacking might not qualify as a crime.” This understanding is just plain wrong with regard to computer hacking and, if the information was not publicly available, the government may be able to also charge theft of trade secrets.

The case, believed to be the first corporate espionage case involving two professional sports teams may create a legal nightmare for the Cardinals and those employees who were involved in it, especially if higher level Cardinal employees were involved or had knowledge of the activity. In particular, the Cardinals and their employees may be subject to criminal liability under the Computer Fraud and Abuse Act (CFAA) and the Economic Espionage Act (EEA). This case is different however from cases where a company steals trade secrets from another company and the victim company can also bring a civil suit for damages because Major League Baseball by-laws do not permit one team from suing another team civilly, although under federal criminal laws the Astros as the victim would be entitled to restitution from the Cardinals for the amount of damage caused by the Redbirds.

First, with regard to potential criminal liability under the CFAA, the most relevant section prohibits anyone from “intentionally” accessing “a protected computer without authorization or in excess of authorization” and, thereby “obtained information.” There is no requirement that the information be “proprietary, non-public information” information, or that it is “the work product of significant efforts by Astros officials . . . not available elsewhere.” It simply must be information and there is no requirement that they “knew the were committing a crime,” or that they didn’t just see this as a “dirty trick.” Further, the term “obtained information” includes merely viewing information online. Even if the Cardinals breach was an unsophisticated effort, the circumvention of password requirements likely violates the CFAA.

However, without more, this only establishes that the Cardinals’ employees committed a misdemeanor and it is commonly understood that federal prosecutors are reluctant to charge misdemeanors, although in this case, given the notoriety of the matter, they may make an exception. Further, where the crime is committed for “purposes of commercial advantage or private personal gain,” the offense becomes a felony. Here, it seems likely that the offense was committed in order to provide the Cardinals with a competitive edge on the field, which would certainly qualify as “commercial advantage” and would provide the basis to bring felony charges. [Read more…]

Answers to Questions Regarding Chinese Economic Espionage

Over the past few weeks I have been interviewed by a number of Chinese media sources which are very concerned about the recent indictments in the U.S. of Chinese nationals. The indictments occurred shortly after the U.S. dropped similar charges against Sherry Chen, a Chinese-American, who worked for the National Weather Service before before being accused of espionage. The media in China has been extremely harsh in its coverage of these events and has claimed that the indictments are politically motivated and are also the result of anti-Chinese bias in the U.S. Below are questions I received from a reporter at China Daily and my answers to his questions.

Hello! I am Yilun Cheng from China Daily. I know that you have great expertise in industrial espionage and has been concerned with Chinese American issues, and I hope you can answer me a few questions on the latest case of six Chinese nationals arrested under the charge of economic espionage last Wednesday. 

Firstly, I am aware that you remain skeptical toward the espionage case against Chinese American Sherry Chen, and suspect that the arrest involved discrimination based on national origins. Do you think this case is of the same nature? Does “red scare” play a part?

It is difficult to say at this stage that this case is of the same nature as the Sherry Chen case, but everything that I’ve read about it suggests that it is not. Unlike, the Chen case, the government alleges that there was direct involvement by a Chinese state entity. This is a very serious allegation and will be very difficult for the government to prove. As a former federal prosecutor, who prosecuted one of the first cases in this area, I know how things work and I do not believe that such a charge would be made without high level approval and, more importantly, would not be brought unless the government believed that it had strong evidence to support the allegation. I do not believe that national origin played a role in bringing these charges. Over the past five years the majority of economic espionage cases involve a “China” connection. I do not believe that bringing these cases involved a “red scare,” rather the pattern of cases suggest that Chinese companies and certain Chinese state entities are targeting the trade secrets and intellectual property of U.S. companies. In many areas Chinese technology is simply less sophisticated than U.S. technology and it is far easier and less expensive for Chinese companies to steal technology than to develop it on their own. To explain most of the cases in terms other than this is being intellectually dishonest. Just because the U.S. government may have acted improperly in one case does not mean that the government is acting improperly in any other case. Again, it is wrong to suggest otherwise.

Also, a lot of Chinese citizens think that even if the charge turns out to be true, it is not espionage but only a matter of intellectual property. Do you agree that the prosecutor is overly exaggerating and politicizing the problem?

 No, I do not agree that this is a trivial problem. The U.S. remains the strongest economy in the world and is still the birthplace of the majority of major scientific and medical advancements. Much of this success is due to the high level of protection we accord intellectual property, including trade secrets. Unlike in China, protecting intellectual property is not a new concept in the U.S. but the protection of patents and copyrights is contained in our constitution which was written over 200 years ago. The U.S. has successfully balanced the public’s right to access new technology and inventions with the right of the inventor to financially profit from his work. If intellectual property is stolen, it is depriving inventors of what is rightfully theirs and creates a disincentive to create new and greater inventions. To suggest that it is only intellectual property fails to understand the importance that IP plays and has played in the success of the economy of the US. Intellectual property may be the most important asset of the U.S. and it is vital for us to continue to protect it. Once it has been stolen, especially by a foreign entity, it is very difficult to recover. Perhaps more Chinese will better appreciate the importance of IP when the shoe is on the other foot, meaning, that when non-Chinese companies are targeting Chinese companies for their IP, Chinese citizens will appreciate the importance of IP to the Chinese economy. Given the rapid strides that China is making, that day is not that far off. But until then, Chinese citizens and companies should understand that the U.S. regards the theft of Intellectual Property to be a very serious matter and should respect our laws to the same extent that Chinese citizens expect from the U.S.

Finally, do you think charges like this will antagonize Chinese Americans or Chinese nationals living in the US? Do you have any legal advice for them?

I would hope that these cases do not antagonize Chinese Americans or Chinese nationals living in the U.S. As I said earlier, I do not believe that this cases are racially motivated. They should have nothing to be concerned about so long as they obey the law. If specific questions arise in their work, they should contact a lawyer who is knowledgeable in this area for advice, such as me. Further, it is vitally important for Chinese companies who want to do business in the US or want to hire employees from the U.S. that they consult with U.S. lawyers about how to do it properly so as not be accused of illegal behavior. It is easy for companies to make mistakes if they don’t understand the law in this area and be accused of wrongdoing, however it is also easy to avoid making mistakes if the company understands the law and truly wants to follow it. It is entirely up to a company or an individual whether they wish to follow the law in this area or ignore the law and accept the consequences if they are caught: “Don’t do the crime if you don’t want to do the time.”

Not All Stolen Information Is a Trade Secret

In the past two weeks the United States has brought two cases against Chinese nationals for stealing trade secrets. First on May 21, 2015, the United States Attorney’s Office for the Central District of California unsealed a grand jury indictment against six Chinese citizens, including three who studied together at USC, over ten years ago. The indictment was unsealed when one of the six was arrested at the LA Airport while en route from China to attend a conference in the U.S. The indictment alleges violations of sections 1831 and 1832 under the Economic Espionage Act. The allegations of violations of section 1831 is particularly noteworthy because the government must prove that the theft was intended to benefit a foreign entity. The indictment claims that the men stole technology regarding how to filter unwanted noise from wireless devices such as cellphones, which is similar technology to what they had worked on while in the U.S. The theft was intended to benefit Tianjin University, a state-run educational institution. For a more detailed description of the charges, click here.

In the second case, the Chairman of the Physics department at Temple University was indicted for wire fraud in connection with providing magnesium diboride thin film superconducting technology to an entity in China.

Apart from the obvious fact that both indictments involve thefts that allegedly were intended to benefit a Chinese entity, the cases also highlight the difficulty in trade secret cases with distinguishing an individual’s use of his or her general knowledge or skill, which is permitted under the Economic Espionage Act and theft which is not. Understanding this distinction may be the difference between doing hard time in a federal penitentiary and having a long, successful and lucrative career.

The EEA does not apply to individuals who seek to capitalize on their lawfully developed knowledge, skill, or abilities. The legislative history makes clear that “the government cannot prosecute an individual for taking advantage of the general knowledge and skills or experience that he or she obtains by or during his tenure with a company. Allowing such prosecutions to go forward and allowing the risk of such charges to be brought would unduly endanger legitimate and desirable economic behavior.” The legislative history is clear that it is not enough to simply tie the theft to the defendant’s skill and experience, in order for the government to convict a defendant it must prove that “the particular material was stolen or misappropriated.”

Thus, for example, employees who change jobs cannot be prosecuted under the EEA on the grounds that they were exposed to a trade secret while employed without evidence that they misappropriated an actual trade secret. In many instances, it may be extremely difficult to distinguish between what is a protectable trade secret and what should be classified as general knowledge that an employee can take with him to a new employer and use there. Indeed, there are no standard tests to be applied. To the extent the information is known in the industry or is public then it likely should not be considered a trade secret. Whereas if the information is quite specific to the victim’s business or concerns technology that has not been made public, it is more likely to be regarded as a trade secret. In other words, what is not permitted is for employees to take confidential information about “products or processes” from their former employers to use for their, or a third party’s economic benefit. The EEA was “designed to prevent those employees (and their future employers) from taking advantage of confidential information gained, discovered, copied or taken while employed elsewhere.”

Because of the difficulty in distinguishing between the use of general knowledge and the theft of trade secrets, the government has cautioned prosecutors to be careful with charging individuals with theft of trade secrets where there is no tangible evidence of misappropriation.

A similar situation arises where an employee downloads computer files before departing for a new employer. This rightly should raise red flags with the employer but that fact standing alone does not mean that the employee has committed a crime. Under such a scenario it is a crime only when the downloaded information contained trade secrets and was not simply non-confidential information that was part of the employee’s “tool kit.” Indeed, in one instance, a defendant successfully asserted that the files he took with him to his new employer were part of his “took kit” and were not taken with the intent to economically benefit someone other than the owner of the trade secret as required by the EEA. The defendant copied 4,700 computer files belonging to his employer to an external hard drive shortly before leaving to start a job with a competitor. At trial, the defendant testified that, as was his custom when leaving one job for another, he downloaded all files relating to his work so that the would have a “tool kit,” or a reference library of his work files to draw upon in his future work. The files he downloaded contained both confidential and non-confidential information. The defendant testified that he intended to use only the non-confidential information.

The government presented evidence that the defendant accessed some of the files he downloaded while at his new job, but could not establish whether he accessed confidential information or not. The court found at a bench trial that the government failed to prove that defendant intended to convert the trade secrets to the economic benefit of someone other than his former employer. The court noted that the documents were obtained in the normal course of defendant’s employment and related to his work and then found that was nothing suspicious about the way the defendant initially obtained the documents and rejected the government’s assertion that defendant’s actions in copying files shortly before he left his job indicated that he intended to convert the trade secrets contained in the files to his own use. The court instead concluded that defendant’s actions were consistent with his “tool kit” explanation and that he amassed the information so could use the non-confidential information in the future. The court also focused on the fact that there was no evidence that the defendant attempted to delete any of the files from his former employer’s laptop, and that he accessed thousands of files on a particular day. The court also cited absence of proof that defendant had provided any trade secret information to his new employer.

It is likely that in both of these cases, the government will have to prove that information allegedly stolen by the defendants met the definition of a trade secret and that it was not simply general knowledge or part of the defendants’ tool kits. In most instances this is not an easy task.

The Assault on Patents

The United States patent system is under assault. The most significant changes to patent system in the past two centuries have been, or are in the process of being made. Congress is considering amending patent law to curtail litigation by nonpracticing entities, or “patent trolls,” as they’re pejoratively known, even though their impact on the patent system is open to debate. President Barack Obama has compared patent trolls to extortionists. And the U.S. Supreme Court ruled against patent owners in five cases this term, overturning five of the six decisions from the U.S. Court of Appeals for the Federal Circuit involving questions of patent law. The question is whether the changes and proposed changes will end up causing irreparable harm to the U.S. patent system that has been an engine of economic growth in our country and in the world for over 200 years. [Read more…]

The Administration’s Misguided Proposal to Amend the CFAA

In light of the string of high-profile hacks at companies in 2014, culminating with Sony, it is not surprising that President Obama, as part of the State of the Union, has announced several legislative proposals involving cybersecurity. One of the proposals seeks to amend the controversial Computer Fraud and Abuse Act (“CFAA”), the federal computer hacking statute that was used by the government to prosecute Aaron Swartz, who committed suicide after being charged. Swartz’s father among others blamed overzealous federal prosecutors for the suicide. Since then, commentators have urged Congress to amend the CFAA to make clear, among other things, that simply violating a term of service, as Mr. Swartz allegedly did is not a federal crime. However, it is unlikely that the White House proposal will do much to satisfy these critics since the proposal not only increases the penalties for certain types of cybercrime, but also resolves the current circuit split by explicitly providing that breaching a written restriction on computer use is a crime. Moreover, the proposal is very similar to previous White House proposals that failed to make the case that increasing penalties for certain types of cyber crime will deter future crime. While there is little doubt that the CFAA should be amended, the Administration’s proposal does not really appear to be a constructive step in that direction.

The CFAA is currently composed of a number of provisions that, in general, outlaw computer trespass under a variety of circumstances. The central and most commonly used provision is 18 U.S.C. § 1030(a)(2), which broadly prohibits accessing a computer “without authorization” or “in excess of authorization” and obtaining information. Since the statue does not define “without authorization,” courts have grappled and split on what it means to access a computer without authorization. [Read more…]

Privacy Piracy

I appeared as a guest on Privacy Piracy on KUCI, an NPR station in California, discussing the need to amend our privacy laws.

Here’s a link to the interview to the website where you can hear the full 30 minute interview:


Trade Secrets: The Intellectual Property for the 21st Century?

The patent system has been under  attack by all three branches of the U.S. governmentin the past year. All is not lost, however, for companies and individuals that need to protect their valuable proprietary technical information. While trade secrets cannot fully replace patent protection in all respects, they do offer a viable alternative to patents for protecting intellectual property in many cases. In addition, while the value of patents in protecting IP has been under attack this year, trade secret protection has been on the rise with, for example, the California appellate court decision in Altavion, Inc. v. Konica Minolta Systems Laboratory, 226 Cal.App.4th 26. 171 Cal.Rptr.3d 714 (1st Dist. 2014).  that broadened the definition of what information can qualify as a trade secret. Moreover, there is a real possibility for the first time that Congress will finally pass a civil trade secrets protection law, which will mean that trade secrets will not be considered patent’s ugly step sister any longer. [Read more…]