Despite depictions in popular culture, corporate espionage – or the covert (and sometimes criminal) spying on competitor companies – doesn’t bear much resemblance to the action in spy movies or books. Instead of secret infiltrations aided by people dangling from cables or tapping into telecommunications systems, corporate espionage is usually accomplished by much more mundane methods. Additionally, it may not be nearly as rampant or epidemic as popular culture might suggest. However, it is a concern that any business handling proprietary methods, materials, products or inventions should be aware of and address in corporate security plans.
Corporate espionage is the improper or unlawful theft of trade secrets or other knowledge proprietary to a competitor for the purpose of achieving a competitive advantage in the marketplace.
What Is Corporate Espionage?
Not any act of competitor research amounts to corporate espionage, and in fact it can be difficult to formulate a single, precise definition of the term. One workable definition is “the improper, unlawful and unethical theft of trade secrets owned by or belonging to one company by a competitor (or sometimes a hostile foreign state) for the purpose of achieving an advantage over that company, or the country of its origin."
The key aspects of corporate espionage involve the trade secrets at the heart of the espionage, as well as the ultimate purpose of the theft being to obtain a competitive advantage of some sort.
What Is a Trade Secret?
What makes a trade secret is typically defined by applicable law, either a codified statute or, if none exists in a specific jurisdiction, relevant published judicial opinions (or “common law”).
At the state level in the United States, the Uniform Trade Secrets Act has been enacted by 47 states as well as the District of Columbia. Within its text at section 1(4), the UTSA defines trade secrets as "information, including a formula, pattern, compilation, program, device, method, technique, or process that (i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use; and (ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.”
The parameters in both the (i) and (ii) clauses must be met in order to qualify as a trade secret under the UTSA. Thus, whatever the information, process or other item in question may be, in order to be a trade secret it must be valuable in a way that is closely held by the company owning it, which must take some sort of reasonable measures to maintain the item’s security and secrecy.
In states in which the UTSA has not been enacted, the definition of “trade secret” is much as it was before the UTSA was created. Case law in all state jurisdictions as well as in federal courts defined trade secrets in slightly different specific details. However, generally, the case law analyzed six separate factors before deeming a specific piece of information (or process or other item) a “trade secret”:
- How well known the information is, other than within the company itself
- How well known the piece of information is by the employees of the company in question
- How closely the company protected and guarded the piece of information
- How valuable the information is to the company, as well as to its competitors
- How much energy or money the company put into creating or developing the piece of information
- How easily the piece of information could be legally created, duplicated or purchased by competitors
The Economic Espionage Act of 1996
In 1996, the U.S. Congress enacted the Economic Espionage Act in order to further protect corporate trade secrets from unlawful misappropriation or theft. What is the purpose of the Economic Espionage Act? The history and debate surrounding the act’s passage indicate that Congress primarily wanted to increase protections granted to intellectual property. As the EEA was adopted in the early years of the digital age, these protections would further encourage innovation and progress in computer technology.
The EEA is codified at multiple places in Title 18 of the United States Code of Laws. For example, section 1831 criminalizes corporate espionage when it’s directed by or when it directly benefits a foreign government or agent. Section 1832 criminalizes any commercial theft of trade secrets, no matter who or what the theft benefits.
Another aspect of the EEA allows the government, through the Attorney General and the Department of Justice, to seize any property or profits that flow from any criminal violation of the EEA. So, if a company violates the EEA by stealing a trade secret from a competitor and through that theft realizes a profit of $1 million, that entire sum is subject to what is known as criminal forfeiture. It can be seized by the government and put to any legal use the government deems prudent.
Additionally, the EEA allows the Attorney General to file civil enforcement actions against those suspected of attempting to violate the EEA’s prohibitions that perhaps do not yet constitute a provable criminal case. Moreover, courts are authorized to issue orders and set whatever conditions may be necessary to continue to protect the trade secret that is involved in the case from public disclosure.
How to Protect Your Business Against Corporate Espionage
In addition to taking advantage of existing legal protections, a company can help protect itself against corporate espionage by taking certain precautions in everyday business decisions.
First and foremost, it’s crucial for any business to take reasonable steps to secure the flow of information in every format, whether digital or paper-based. To prevent data, files and sensitive information from being stolen outright or subjected to unauthorized copying, research the availability of technology that utilizes encryption, data tagging, secure classification and machine learning. A full-spectrum approach that both secures the information and makes it harder to access and retrieve, as well as analyzes anomalies in the use, storage and retrieval of that data, is the gold standard.
Of course, what makes sense for each business will depend on the company’s information and data needs, technology that’s already in place and the company’s budget. Something as straightforward and relatively simple as restricting copier use through the use of personalized PINs may be sufficient to cover most risks for small businesses with minimal need for information security.
Another simplified approach to information security is the adoption of visitor security policies. At a minimum, requiring guests and visitors to check in at a central location, provide some form of identification and be assigned a visitor’s badge and an official escort can go a long way toward controlling access by unauthorized personnel. For additional controls, some larger companies utilize visitor badges that include same-day photographs of the visitor, color coding and expiration dates_._ These stricter policies are made more effective with the addition of employee training in visitor security policies. That way, any employee at any level in the corporation who spots a visitor without an appropriate visitor’s badge or escort will know what to do to enforce the policy.
The physical security of the corporate campus and any buildings it occupies is also an important facet of the protection of intellectual property and trade secrets. Designing buildings that have larger setbacks from public roads and that are protected by secured and restricted access to parking through a controlled gate greatly minimize a corporate spy’s access to protected information, data and intellectual property. However, even the planting of additional trees and shrubbery can provide a little extra security for companies without the budget to add such large-scale protective measures and landscaping. Some of the most low-tech cases of corporate espionage involved the simple process of pawing through tossed-out garbage; restricting access to trash with gates or locked enclosures greatly reduces that risk.
Internally, buildings should be equipped with security cameras that record to a storage disk that won’t be overwritten within a few days. Camera coverage should be focused on common entrances and lobbies as well as outside sensitive work areas, where they can catch anomalous behavior or unauthorized agents.
Finally, training your employees about the seriousness of corporate espionage, the methods through which it can take place and how they can help minimize that risk for the company is essential. Emphasize how important it is to refrain from discussing corporate secrets in public or in places where others can overhear, such as outdoor smoking areas. Adding water features, like large outdoor fountains, near these places can make it harder for crafty competitors to eavesdrop.
Competitive (Competitor) Intelligence vs. Corporate Espionage
What is the difference between competitive or competitor intelligence and corporate espionage? A very short answer could be “if it’s illegal, it’s corporate espionage.” However, this response doesn’t fully reflect the realities of the legal system, and it also does nothing to help law-abiding business owners figure out what legal means of assessing the competition are open to them.
Competitive intelligence is undeniably valuable to any smart, ambitious business. Finding out what your competitors are doing that’s working for them, as well as learning what doesn’t work at all, helps you strategize more effectively for your own business. Learning what your competitors excel at and what they struggle with helps you to better and more precisely differentiate your own business. How can you legally research your competitor and gain valuable intelligence on what they’re doing without running afoul of the law? Some of the most effective methods are actually the simplest as well.
For example, start by setting up search engine alerts for your competitors’ brand and business names. Also, review your local, regional and technical or professional newspapers and publications. Look for anything related to your competitors or their major employees. Even a small, chatty article about a lunchtime speech to a local charity can reveal something useful. When people think they’re merely speaking to a small, localized audience, they can be quite forthcoming in discussing current and future plans.
It’s also perfectly legal to listen to what your competitor says publicly at trade shows and conferences. Find out where key employees for your competitor are speaking or leading conferences or panel discussions, and attend those events. Take excellent notes. The same goes for attending trade shows and other presentations.
Inquire about whether your competitor offers tours of their factory or other premises. Manufacturers often offer plant tours that may discuss new product lines or any future plans. As long as the tour is offered openly and you’re not trying to listen in on private conversations or steal samples, there’s nothing illegal about taking the tour with other members of the public.
Finally, undertake a thorough study of your competitor’s web presence. Evaluate and analyze its website and peruse all of its social media sites and accounts as well. If the company offers an email mailing list, subscribe to it using an email address that is not affiliated with your company. Often, a company will begin announcing preliminary plans to these lists and subscribers before engaging in a public campaign of any kind.