The use and misuse of proprietary data when employees change firms remains one of the busiest and most dynamic areas of employment practices, and civil and criminal law. With the fortunes of entire businesses rising and falling on proprietary processes, especially as trading on Wall Street becomes more automated, the ability of businesses to protect their proprietary models and processes, and to recruit and build out new businesses free of claims for trade secrets thefts is becoming an ever-more critical challenge for businesses and the lawyers who counsel them.
In a groundbreaking decision, the Second Circuit Court of Appeals has limited the ability of prosecutors to pursue criminal charges for thefts of trade secrets. The federal appeals court in Manhattan reversed the jury conviction of former Goldman Sachs Group Inc., ("Goldman Sachs") programmer Sergey Aleynokov under the National Stolen Property Act (NSPA) and the Economic Espionage Act (EEA) for transferring the proprietary computer source code from Goldman Sachs' high-frequency trading program. U.S. v. Aleynikov, No. 10-96 (S.D.N.Y. 2010). The decision has dealt a significant setback to the Department of Justice's (DOJ's) recent effort to aggressively investigate and prosecute intellectual property crimes. As a result, internal management practices and the civil remedies traditionally available to protect trade secrets are even more critical to businesses in highly competitive, proprietary trading and other technology-intensive markets.
On March 18, 2011, Aleynikov was sentenced to more than eight years of imprisonment after having been found guilty by a jury on December 10, 2010, for stealing the proprietary computer code for Goldman Sachs' high-frequency trading platform and transferring it to a server in Germany, then downloading to his computer devices in New Jersey, and later bringing the computer devices with him to Illinois with the purpose of building a similar computer trading platform at another firm. Specifically, Aleynikov was charged and convicted for violating: (1) the NSPA by transporting in interstate and foreign commerce goods, wares or merchandise with a value of at least $5,000 knowing the same to have been stolen; and (2) the EEA by downloading a trade secret "that is related to or included in a product that is produced for or placed in interstate or foreign commerce," with the intent to convert such trade secret and to injure its owner, to the economic benefit of anyone under the owner.
Aleynikov subsequently appealed his conviction to the Second Circuit arguing, among other things, that his conduct did not constitute an offense under either statute because he had not stolen "goods, wares or merchandise" and had not stolen trade secrets related to a product made for the purposes of interstate or international commerce.
THE SECOND CIRCUIT'S SURPRISING DECISION
On February 17, 2012, following oral argument held that same day, the Second Circuit issued a short order reversing Aleynikov's conviction under both statutes -- to the surprise of many -- and indicated that an opinion would follow. Almost two months later this written decision ensued.
In its decision, the Second Circuit held that the indictment against Aleynikov was legally insufficient because Aleynikov's conduct did not fall within the scope of either statute. First, the Second Circuit found that the source code that Aleynikov transferred did not constitute stolen "goods," "wares," or "merchandise" within the meaning of the NSPA because no physical goods were stolen as required under substantial case law and the plain language of the statute. Rather, by uploading Goldman Sach's proprietary source code to a computer server in Germany, the Second Circuit found that Aleynikov stole purely intangible property in a purely intangible format. Accordingly, Aleynikov's conduct fell outside the reach of the NSPA. The opinion left open the issue of whether the physical seizure of a compact disc or a thumb drive containing source code would suffice as a physical theft and thus constitute a criminal offense under the act.
The Second Circuit found equally unavailing that Aleynikov's actions constituted an offense under the EEA. It concluded that the statute criminalized only theft of trade secrets produced for commerce or already in the marketplace and Goldman Sachs had no intention of selling or licensing its high-frequency trading platform. Indeed, the Court noted that Goldman Sachs went through great lengths to maintain the secrecy of the system since the profits generated depended on no one else having it and thus Aleynikov's theft of the source code did not violate the EEA.
IMPLICATIONS: CRIMINAL REFERRALS v. TRADITIONAL ENFORCEMENT
The Second Circuit's narrow interpretation of the NSPA and the EEA was a setback for the DOJ's recent efforts to prosecute employee thefts of valuable and proprietary information. The decision will likely impact current trade secret theft investigations, pending criminal actions and indictments that have already resulted in convictions. For example, on November 19, 2010, almost one month before Aleynikov's conviction, Samarth Agrawal, a former trader at Societe Generale (SocGen), was similarly found guilty by a jury under the EEA and the NSPA for stealing the proprietary computer code used in SocGen's high-frequency trading system. Agrawal is also challenging his conviction and has raised similar arguments to Aleynikov. The appeal is currently pending.
While the full impact of the Second Circuit's decision remains to be seen, it is likely to have a disproportionate effect on the financial sector and other industries that profit from the provision of services through the use of proprietary source code or other forms of intangible intellectual property, which could fall outside the protections of both statutes. Thus, criminal referrals to protect against employee trade secrets thefts are likely to become less effective for proprietary trading firms and other technology-based businesses. Traditional trade secret protection measures and civil enforcement tools remain the first, best and perhaps the only measures available to such companies seeking to protect their trade secrets.
In light of the Aleynikov decision, technology-reliant companies should re-examine their existing trade secrets protections. In many cases, formal trade secrets audits should be conducted but in all cases executives, HR professionals and counsel should revisit and where necessary revamp their companies' procedures in the following areas:
- Restricted access to sensitive information
- Management controls over copies, tagging proprietary data, documents and models for tracing in the event of employee departures or security breaches
Use of restrictive covenants in employment agreements, employee handbooks and confidentiality policies, including:
- confidentiality agreements
- work-for-hire and assignment of inventions agreements
- noncompete notice before termination (garden leave) provisions
- reimbursement and forfeiture clauses
- liquidated damages and tolling provisions
- Thorough exit procedures to ensure the security of proprietary data when employees depart
- Preparations to seek restraining orders and injunctions quickly in the event of misappropriations
Despite the setback resulting from the Aleynikov decision, the DOJ is likely to continue its aggressive enforcement of intellectual property crimes in other sectors, particularly in the area of high-technology. The EEA remains an effective tool for combating the misappropriation of trade secret material for the vast majority of industries and marketed products. In addition, the Second Circuit ruling does not apply to the prosecution of foreign economic espionage under the EEA, even in the case of proprietary software. More than ever, companies at risk of trade secret theft should consult with experienced counsel to design the most effective strategy for protecting their valuable intellectual property.