Click here to listen to the audio.

Trade secrets are paramount to a company’s long-term success. Trusted employees are considered one of a company’s most important assets. In our new virtual environment, protecting valuable IP following the resignation or termination of an employee can present a variety of new challenges.

“Protecting your Assets” is a four-part discussion addressing a variety of concerns at the intersection of employee departures and protecting valuable company trade secrets. In part two of the series, Michael Bunis, co-chair of Choate’s Intellectual Property Litigation Group, and Adam Bookbinder, a partner in Choate’s Government Enforcement & Compliance Group, walk through a hypothetical situation involving potential criminal trade secret theft and discuss what companies can do to prevent insider IP theft.

To listen to additional episodes in this series, please click here.


“Protecting your Assets” is a four-part discussion which addresses a variety of concerns at the intersection of employee departures and protecting valuable company trade secrets. Topics covered will include navigating successful exit interviews, mitigating database damage and stolen property issues, assessing litigation implications from potential employee raids, and the handling of demand letters.

Michael Bunis: Hi I’m Michael Bunis and I’m the co-chair of Choate, Hall & Stewart’s Intellectual Property Litigation Group. I’m here with Adam Bookbinder who’s a partner in our Government Enforcement Group and we’re going to be talking about theft of intellectual property. This time we’re going to be talking about theft from insiders within the company; theft from company employees.

Adam, we’re hearing so much these days about external attacks on systems; whether it’s state-sponsored hacking or identity theft or ransomware. It’s almost never-ending. But what we’re talking about today is the threat that companies face from inside the company. The very real threats from people we see every day. People who don’t need to hack. These are the folks that are given access to valuable and sensitive information. In fact, to make it even more complicated, they need that access in order to do their job. In this segment, Adam and I are going to be talking about what companies can do to help spot IP theft from these trusted insiders as well as the initial steps that they should take to investigate the problems that they do identify. To make it concrete and practical, we’re going to walk you through a hypothetical situation based on a criminal trade secret theft case that Adam actually prosecuted when he was a cyber and IT crime prosecutor in the U.S. Attorney’s Office in Boston. Adam, why don’t you set up the scenario for us?

Adam Bookbinder: Happy to do that, Michael. So, the situation here begins when an engineer at a large microchip manufacturer gives notice that he’s leaving the company. He says he is not sure what he’s going to do next, that he might go work for a hedge fund and he says that he’s going to be taking two weeks’ vacation time before his last day. At the end of that two weeks, the employee has his exit interview and following its standard practice in that exit interview, the company asks the employee to sign a form stating that he had returned all company intellectual property and was taking none with him. But after the exit interview, the supervisor hears a rumor the employee is in fact going to work at another microchip manufacturer that is the company’s largest competitor. So Michael, let me throw it back to you as an IP litigator, given this fact pattern, are you concerned?

MB: Well of course. I mean the first thing that jumps out at me is why would this individual lie about where he’s headed to next? I mean I want to know whether that rumor is true or not.

AB: Well that’s what the company did here. The company wanted to figure out whether the employee was in fact going to work for their competitor. They did some investigation and they found an online listing showing that he had gone to work for the competitor and, in fact, that he had started that new job during the two weeks of leave he took before resigning from his old job, a time when he still had his company-issued laptop and access to the company network. The company then looked at their network logs of his activity during the month or so before he left and what they saw was that he had downloaded a massive number of files including documents containing trade secrets the company later determined were worth more than a billion dollars. Finally, the company saw some email fragments suggesting that the employee was in contact with people in India about some kind of business. Now, Michael, I trust at this point you’re now more than concerned so, what would you advise the microchip manufacture to do at this point?

MB: Well you’re right that I’m a little concerned. There is a number of different options that the company can take. I mean obviously, there’s civil litigation and perhaps even seeking a temporary restraining order, acting quickly is a really important thing. You know, frankly, the enormity of the amount of money we’re talking about here, a billion dollars in value, makes me think that just simple civil litigation might not be enough, and instead maybe this is a time when you want to law enforcement involved. Now, each one of these options has pros and cons. So, you want to think carefully, perhaps even this is a situation where you might want to call up the competitor and see if they had thoughts about hiring this individual. Those are just some of the things that I might consider.

AB: So in the case that our hypo is based on, the company did call law enforcement. They called the U.S. Attorney’s Office. We began to investigate beginning with a search warrant for this former employee’s apartment and within days the FBI had searched the apartment, recovered a laptop and a hard drive with all of the stolen data and was able to recover all of that before the former employee had been able to use it. So in this case, a good result through law enforcement, but it is important to keep in mind that most theft of intellectual property is not appropriate for criminal investigation prosecution. Here, the facts were extreme enough that the government was interested. You had a huge company that was the victim. The trade secrets stolen were very valuable. All of that made it a lot easier for the government to get out the deterrent message that is always part of the thinking in a prosecution like this. You had the overlapping employment with someone actually working at two competitors at the same time. Clearly, a very bad fact is he lies about where he was going, and the fact that he hadn’t taken any intellectual property. You had the foreign connection. You had an area where the government maybe be able to help in a way that civil litigation won’t and finally, and really important, you had a victim company that was interested in a criminal prosecution and very supportive of it. In this case, the employee was prosecuted. He ended up pleading guilty and he was sentenced to three years in prison.

MB: Wow. Unexpected outcome I suppose from what looks like, perhaps, a simple employee leaving a company. To start, are there some takeaways Adam that you see that are common from that or things that people can apply from the situation of the scenario you mentioned?

AB: I do think there are some preventative steps the company should consider and to try to either reduce the chance of something like this happening or limiting the damage if it does happen. The first is restricting employee access to only the data the employees need. That is obviously easier said than done, but I’m always amazed by the amount of information that even, low and mid-level employees often have at companies. The second thing is to make sure that the company’s most-critical data is particularly well protected. Another thing for companies to keep in mind is that they really should be educating their employees not that just intellectual property theft is a violation of their conditions of employment and of their contract if they have one, but also that it’s a crime and it could end up sending them to prison. That is something that employees almost never think about.

MB: Okay, one of the things that struck me about this scenario is that just exactly how much time and effort was spent not only by the government but more importantly really perhaps by the company. And all of the resources expended to protect against this situation and just got me thinking is there something that companies might be able to do sort of prophylactically to avoid these problems even before they happen. Is there a way that software, for example, could be configured to alert management of situations or symptoms of employee’s conduct that might indicate that they were about to steal intellectual property from the company? What if for example a system could be put in place where if a certain amount of data is downloaded it would trip an email that would be sent to somebody in compliance at the company? Not to be like Big Brother or to look over everybody’s shoulder, but simply to be a check so that management could look into the matter a little further before so much time and effort is expended.

AB: I think that’s a very good point and certainly something that companies should be thinking more about. Most companies do log a lot of data about their employee’s downloads, for example, and oftentimes don’t spend enough time actually reviewing that data. One thing to keep in mind is there does need to be a balance as you mentioned Big Brother, companies are very concerned these days about the market for talent being particularly competitive and the importance of having a collaborative and positive work environment. You don’t want to solve a security problem by creating an atmosphere in which nobody wants to work. And obviously, if you make your employees unhappy enough you can actually increase the chance that one of them decides they want to leave and takes some of your IP with them. So this is complicated and it’s a balance that the company needs to try to strike. A couple of other things to keep in mind are, in this case, the company did an important thing by asking the employee in the exit interview if he had taken any IP with him. His false statements on the form that he signed there were really critical both for any potential civil suit as well as criminal prosecution. Another thing again to note out of these circumstances is that there are times when going to law enforcement quickly can be very helpful. You can get the relief you could never get through civil litigation. On the other hand, there are downsides to this. Certainly, companies are often concerned about publicity that would go along with any criminal prosecution and there’s a definite lack of control and loss of control once the government is involved, it is now their investigation, not yours and the final thing I’d flag is there is value in sending the message to employees and to outsiders that you take IP theft seriously, can either be done, you can send that message either through civil suit or criminal prosecution, but either way it can be very important.

MB: Yes, I absolutely agree with you. These are complicated issues. I think one thing, and you’ll agree with me Adam, is that you got to move fast. That companies need to move quickly to identify these issues and act quickly in order to preserve their rights.

Well, this is really a super interesting topic and as you say it highlights just how complicated these issues are. Thanks, Adam, for joining me today to discuss what companies can do to prevent IP theft even from the most trusted employees.