Are your trade secrets safe against corporate spies? These examples of corporate espionage highlight the great lengths that foreign governments and competing companies will go to to maintain an advantage over their competitors.
If you like this article be certain to check out our article on the Worst Examples of Data Theft by Employees.
“Corporate espionage — sometimes also called industrial espionage, economic espionage or corporate spying — is the practice of using espionage techniques for commercial or financial purposes. We usually think of “espionage” in terms of spies working on behalf of one government trying to get information about another. But in fact, many of the same techniques — and even many of the same spies — work in both realms.”
CSO Online
The Economic Espionage Act of 1996 (EEA), 18 U.S.C. §§ 1831-1839, defines the term “economic espionage” as the theft or misappropriation of a trade secret with the intent or knowledge that the offense will benefit any foreign government, foreign instrumentality, or foreign agent.
Corporate espionage is the unlawful practice of obtaining non-public proprietary or operational information. Corporate espionage is practiced by foreign companies, a foreign agent, a foreign government, and commercial organizations in the private sector to enhance economic development, build more advanced military technology, and gain a competitive advantage.
While high-tech industries such as manufacturing, life sciences, automotive, and aerospace are most commonly the targets of corporate espionage, any company with sensitive proprietary data can become a target.
According to the National Bureau of Asian Research, the annual cost to the U.S. economy of counterfeit goods, pirated software, and theft of trade secrets is between $225 billion and $600 billion.
Examples of Corporate Spying Include:
Corporate espionage/industrial espionage refers to the unlawful acquisition of proprietary information through means such as bribery, technological surveillance, the recruitment of spies, etc.
In contrast to industrial espionage, competitive intelligence refers to the lawful collection of open source information such as mergers and acquisitions, new government regulations, and information gained from publicly available sources such as social media.
Competitive intelligence companies will use this public information to advise their clients on the steps they need to take to remain competitive. This information is so valuable that many companies now have Operational Security teams that closely manage what information is released to the public.
18 U.S. Code § 1839 defines “trade secret” as all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing if—
Examples of Trade Secrets:
The data security risks of offboarding employees simply cannot be understated. It’s been reported that 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement.
Viking Yachts faced this risk head on when a soon-to-be-ex-employee attempted to steal their intellectual property to gain favor with one of their competitors.
Learn how Viking Yachts protected themselves against industrial espionage and economic injury in our case study.
The legality of industrial espionage, corporate spying, et al. varies between different jurisdictions. Even when such regulations exist they may still prove difficult to enforce when industrial espionage is carried out by an uncooperative foreign government. This is most notable when you consider the history of industrial espionage between the United States and China.
The U.S. government governs corporate espionage by the Economic Espionage Act of 1996 (EEA), a federal law that makes theft or misappropriation of trade secrets, primarily through acts of industrial espionage, a federal crime.
The EEA is further extended by the Defend Trade Secrets Act Of 2016 which allows an owner of a trade secret to sue in federal court when its trade secrets have been misappropriated.
As for the United Kingdom, up until recently there were no current criminal offenses specifically designed to protect the UK and its interests from the illicit acquisition of trade secrets conducted by foreign states.
This all changed in 2022 when the UK introduced a National Security Bill that repeals the Official Secrets Acts. It includes offenses for obtaining or disclosing protected information, obtaining or disclosing trade secrets, and assisting a foreign intelligence service.
Protect your sensitive data against insider threats with the robust data loss prevention and user activity monitoring features in the CurrentWare Suite.
“Congress correctly understood that, in this day and age, stealing trade secrets can be more damaging than breaking into a company’s warehouse and stealing its inventory. That is particularly so in Massachusetts, where intellectual property is our life blood. In this case, it is alleged that the defendant stole Gillette’s shave secrets.”
Donald K. Stern, US Attorney
When it comes to mitigating the risks of insider threats it’s critical to realize that everyone with access to proprietary information is a potential threat. This example of corporate espionage showcases how not all corporate espionage is the result of a company’s immediate employees and hostile foreign governments; third-party contractors are just as much of a vulnerability.
In 1997 Steven Louis Davis, a subcontractor for Gillette from Washington, Iowa, was convicted for stealing trade secrets by emailing and faxing them to competitors. These trade secrets were technical drawings of a new shaving system that Gillette had spent $750 million developing.
Davis was employed as a process control engineer for Wright Industries, Inc., a third-party designer of fabrication equipment, which had been hired by Gillette to assist in the development of the new shaving system.
It has been said that Davis’ motivation for his corporate espionage against Gillette was due to being disgruntled with his working conditions, fearing that his job was in jeopardy, and anger against his supervisor.
Once Gillette uncovered the intellectual property theft incident they swiftly reported it to the Federal Bureau of Investigation (FBI), the principal federal law enforcement agency, domestic intelligence, and security service of the United States.
Davis later went on to agree in a plea agreement that the loss caused by his conduct was at least $1.5 million.
Davis was ultimately charged with wire fraud and theft of trade secrets, which led him to be sentenced to 2 years of prison. His sentence was a significant reduction from what he was initially facing: A ten-year term of imprisonment on each of the five trade secrets counts, a five-year term on each of the wire fraud counts, and a fine of $250,000 on each count.
“In 1997, Avery Dennison sued Four Pillars in the Northern District of Ohio, alleging theft of trade secrets and violations of RICO in a scheme whereby Four Pillars recruited one of Avery Dennison’s employees to deliver trade secrets and other confidential material to Four Pillars. …in 1999 Four Pillars and two of its employees were convicted of attempt and conspiracy to steal Avery Dennison’s trade secrets, in violation of the Economic Espionage Act of 1996, 18 U.S.C. § 1832. The convictions were affirmed on appeal. See United States v. Yang, 281 F.3d 534 (6th Cir.2002).”
FindLaw.com
“The indictment alleges that from July of 1989 through 1997 the defendants, Pin Yen Yang, a.k.a. P.Y. Yang, his daughter Hwei Chen Yang, a.k.a. Sally Yang and Four Pillars Enterprise Company, LTD, of Taiwan, engaged in a scheme to defraud Avery of the intangible right to the honest service of Victor Lee and of its confidential and proprietary information and trade secrets. Since July of 1989 the defendants have obtained, among things, proprietary and confidential Avery information relating to formulations for self-adhesive products.”
Justice.gov
Four Pillars is a manufacturer of pressure-sensitive products in Taiwan, and Avery Dennison is one of the largest manufacturers of adhesive labels in the United States.The two companies initially considered a joint venture in Asia before their relationship became adversarial.
Despite the lack of a partnership, Four Pillars was able to leverage an insider transferring trade secrets from Avery Dennison to them so they could gain the competitive intelligence they needed to compete.
Four Pillars was able to get away with secretly acquiring trade secrets between 1989-1997 until an employee of theirs applied for work with Avery Dennison. During their interview the employee revealed that Avery Dennison’s adhesive formulas were being provided to Four Pillars by an employee of Avery Dennison. This revelation resulted in an FBI investigation that would later lead to civil and criminal penalties against Four Pillars.
The saga of Avery Dennison Corp Vs Four Pillars Enterprises Ltd. spans across various civil suits and a criminal prosecution.
One of the civil suits was tried under the 1996 Economic Espionage Act, which Congress passed to protect US companies from thefts by foreign businesses and governments.
Authorities claimed in the trial that a worker for Avery Dennison in Ohio had divulged trade secrets to Four Pillars regarding adhesives used in items such as battery labels and self-stick postal stamps.
The key players for Four Pillars were Pin Yen Yang, Four Pillars’ former chief executive, his daughter Hwei Chen Yang, and Ten Hong (Victor) Lee, a former research scientist for Avery Dennison, who testified during the criminal trial that he gave Four Pillars access to more than 12,000 research and development documents outlining the company’s adhesive formulas and other proprietary information.
Ultimately, Avery Dennison Corp. was awarded at least US $40M in damages in a civil suit accusing Four Pillars Enterprises Ltd. of misappropriating trade secrets. Victor Lee was charged with wire fraud for “defrauding his employer of their right to his honest services.“
So, why did Victor Lee transfer trade secrets to Four Pillars? Simply put, Four Pillars knew the value of competitive intelligence and they paid accordingly, with some reports claiming they paid a sum of $150,000 over the course of 8 years to gain access to Avery Dennisons’ corporate secrets. The Yangs’ investment is said to have resulted in an approximate $30 to 50 million loss to Avery Dennison.
Further Reading:
“Matthew Lange has been convicted of violating 18 U.S.C. § 1832, part of the Economic Espionage Act of 1996. This statute makes it a felony to sell, disseminate, or otherwise deal in trade secrets, or attempt to do so, without the owner’s consent. Lange stole computer data from Replacement Aircraft Parts Co. (RAPCO), his former employer, and attempted to sell the data to one of RAPCO’s competitors.”
FindLaw.com
The case of United States v. Lange serves as a prime example of how “company trade secrets” are defined in the legal sense.
As a manufacturer for the aviation industry, RAPCO needs to invest years of work and a significant amount of money to design, and obtain approval for, their parts. Their products must be exhaustively tested to demonstrate, to the FAA’s satisfaction, that all requirements have been met before they will certify the part for sale.
While the exact dollar figure invested in the brake assembly referenced in United States vs Lange is not disclosed, one can consider that the dynamometer testing alone is expected to cost $75,000.
That said, this expensive and time consuming process can be avoided if a manufacturer demonstrates that its parts are identical (in composition and manufacturing methods) to parts that have already been certified.
If RAPCO’s competitors could gain access to their testing data they could gain the competitive advantage with a considerably lesser investment. Matthew Lange, a disgruntled former employee of RAPCO, was all too aware of the value that this competitive intelligence could provide to their competitors.
Lange offered RAPCO’s competitors all of the information required for them to get FAA certification for various identical parts that were already certified thanks to RAPCO’s extensive testing. This information included completed specifications and engineering diagrams, as well as valuable data from their tests.
To help facilitate his desired sale, Lange went to the internet and offered RAPCO’s information for $100,000 alongside a pirated copy of AutoCAD®, the computer-assisted drawing software that RAPCO uses to maintain its drawings and specifications data.
Lange was caught when someone he offered the data to reported him to the FBI. With the FBI involved Lange was readily caught and brought to trial.
Lange’s key argument was that, though the competitive intelligence was of value to competitors, it did not meet his understanding of the definition of trade secrets.
Ultimately the courts determined that the data Lange attempted to sell was considered trade secrets due to key factors, including:
As a result of the trial Lange was sentenced to 30 months’ imprisonment.
The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.
These vulnerabilities need to be addressed as part of any insider threat management program. Click the button below to learn the best practices for protecting data during a termination and gain access to a downloadable IT offboarding checklist.
“We did what any responsible company would do. Competition can sometimes be fierce, but also must be fair and legal. We’re pleased the authorities and the FBI have identified the people [allegedly] responsible for this.”
Dave DeCecco, PepsiCo Spokesperson
While the competitive advantages provided by economic and industrial espionage are of great value to competitors, knowingly accepting commercial secrets from industrial spies can result in significant legal penalties.
While Coca-Cola and Pepsi are two industry giants that seek to gain every competitive advantage possible (as evidenced by the Cola Wars), Pepsi ultimately decided that the federal crime of stealing commercial secrets was not worth the advantage.
Here’s the story:
Further Reading:
In February 2010, former Boeing engineer Dongfan “Greg” Chung was sentenced to 16 years in prison for stealing trade secrets related to the US Space Shuttle program and the Delta IV rocket. Over the course of 30 years Chung provided secrets regarding U.S. aerospace technologies to China.
This example of corporate espionage was the first ever trial conviction under the Economic Espionage Act of 1996.
According to the Trade Secrets Institute, United States federal agents first suspected Chung of espionage during an unrelated investigation of an individual named Chi Mak, a former naval engineer for a US defense contractor similar to Boeing.
During that investigation they found links between Chunk and Mak that prompted the FBI to investigate Chung further. In their investigation they uncovered Boeing documents in his trash.
A later search of his home uncovered documents including a detailed journal describing Chung’s travel for meetings and “espionage activities” in China, as well as approximately 300,000 pages of documents related to Boeing space vehicles, helicopters, fighter jets, and thermal protection systems stored in binders.Among these countless documents 6 of them were identified by the United States government as Boeing trade secrets.
Ultimately Chung’s actions caused him to be charged with conspiracy to commit economic espionage, six counts of economic espionage to benefit a foreign country, one count of acting as an agent of the People’s Republic of China, and one count of making false statements to the FBI.
Further Reading:
Whether you are a private company or a government agency, you are at risk of industrial espionage. These industrial espionage examples highlight the great lengths that companies and foreign governments will go when it comes to orchestrated espionage for their gain.
Want to protect your company against industrial espionage? View these resources from CurrentWare to learn more about protecting your intellectual property against trusted insiders
Cookie | Duration | Description |
---|---|---|
__cfruid | session | Cloudflare sets this cookie to identify trusted web traffic. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
JSESSIONID | session | The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application. |
LS_CSRF_TOKEN | session | Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed. |
OptanonConsent | 1 year | OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_zcsr_tmp | session | Zoho sets this cookie for the login function on the website. |
Cookie | Duration | Description |
---|---|---|
_calendly_session | 21 days | Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar. |
_gaexp | 2 months 11 days 7 hours 3 minutes | Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_GY6RPLBZG0 | 2 years | This cookie is installed by Google Analytics. |
_gcl_au | 3 months | Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
Cookie | Duration | Description |
---|---|---|
_opt_expid | past | Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected. |
IDE | 1 year 24 days | Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile. |
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
test_cookie | 15 minutes | The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
_dc_gtm_UA-6494714-6 | 1 minute | No description |
_gaexp_rc | past | No description available. |
34f6831605 | session | No description |
383aeadb58 | session | No description available. |
663a60c55d | session | No description available. |
6e4b8efee4 | session | No description available. |
c72887300d | session | No description available. |
cookielawinfo-checkbox-tracking | 1 year | No description |
crmcsr | session | No description available. |
currentware-_zldp | 2 years | No description |
currentware-_zldt | 1 day | No description |
et_pb_ab_view_page_26104 | session | No description |
gaclientid | 1 month | No description |
gclid | 1 month | No description |
handl_ip | 1 month | No description available. |
handl_landing_page | 1 month | No description available. |
handl_original_ref | 1 month | No description available. |
handl_ref | 1 month | No description available. |
handl_ref_domain | 1 month | No description |
handl_url | 1 month | No description available. |
handl_url_base | 1 month | No description |
handlID | 1 month | No description |
HandLtestDomainName | session | No description |
HandLtestDomainNameServer | 1 day | No description |
isiframeenabled | 1 day | No description available. |
m | 2 years | No description available. |
nitroCachedPage | session | No description |
organic_source | 1 month | No description |
organic_source_str | 1 month | No description |
traffic_source | 1 month | No description available. |
uesign | 1 month | No description |
user_agent | 1 month | No description available. |
ZCAMPAIGN_CSRF_TOKEN | session | No description available. |
zld685336000000002056state | 5 minutes | No description |