How to address corporate espionage and trade secret theft in software licensing audits 

Introduction

Having handled a large number of software licensing audit cases from large software companies such as BSA (Business Software Alliance), SIIA, Autodesk, and Microsoft and their intellectual property law firms, we have learned a few things we think  the public should know about if faced with received the “love letter” which is basically a letter demanding your business to submit to a no-holds-barred internal software audit, on your own dime, and report back to the law firm for final judgment on what amounts of shortages your company may have, and what amount they are willing to accept to avoid filing a federal copyright lawsuit against your business (which threatens to publicly expose your business, and which often touts “damages of $150,000 or more for “willful copyright infringement.”).  Getting these letters to not make business owners happy, many of which are small businesses, mom and pops, small to medium size architect and engineering firms and other companies.  This blog discuss what triggers this entire mess to ignite in the first place, and suggests potential responses that are available to some companies based on the types of nefarious acts of sabotage we have seen.

Shocking acts uncovered by the “secret informant”

What triggers these business software alliance audits, or Autodesk audits, or Microsoft licensing audits is usually the “secret informant.”  This can sometimes be any of the following:

1.  A current corporate insider (may be a temporary employee who understands the “reporting software piracy” game – sometimes you see an ad on facebook offering a reward to persons who are willing to report software infringement), and could also be a long-time employee who is disgruntled and thinking about leaving.  These corporate insiders may be bound by company policies, corporate trade secret non-disclosure agreements, and may even have high level security clearances and employment agreements that prevent them from disclosing certain corporate secrets to third parties.

2.  A contractor (such as a contracted IT guy) – sometimes the “secret informant” (the software lawyers for the big software companies will claim there is case law that allows them not to identify who the informant is, what their motivation for reporting software piracy was, or to provide any other “probable cause” information showing why the business is being subjected to an audit.  We call it probable cause (to borrow a criminal law term), because it fits in this extremely strange and bizarre setting where a company is forced to hire legal counsel and prove itself innocent of software license shortages all because some (often non-trustworthy informant motivated by seeking a monetary reward) has provided information (supposedly anyway, you would never know).

3.  Sometimes we questions whether there is any informant at all.  We say this because we have had some calls from clients from San Diego to San Francisco and even in Arizona where claims were made that the business was not even using the software they were claimed to be missing.  For example, one client was accused of using Autodesk (AutoCad) software, when the did not even have one copy installed.  I suppose you could say “well that's just an innocent mistake” by the software company, or worse, you could call this something more nefarious such as a “fishing expedition” or a civil rico violation, or even extortion as one of our clients called it.  Yet the software representatives “will assure you we have reliable evidence” but then inform me “we don't have to tell you what it is and that is backed by caselaw.”  Again, when I ask for the caselaw to support such an absurd position, I get nothing.  How is a small business to defend against this?

This is just a short list of the possible “informers.”

Theft of trade secrets

Some companies that we work with (we work with all types of companies from architect firms, media companies, healthcare and medical related companies, law firms, and other corporations) are highly regulated and are required to keep information confidential and secure.  Some employees and even contractors are entrusted with access to this proprietary information.  Some of these companies have put in place extensive “trade secret protection” programs and have required all employees and contractors to agree to these agreements and to protect trade secrets as part of a contractual arrangement.

Yet even so, when tensions boil over at the workplace, and certain promotions or salaries raises are no forthcoming or other acts of corporate politics create a hostile working environment or contentiousness in the workplace, strange things can happen.  The disgruntled employee can forget about their obligations (selective amnesia), or simply decide they are not going to honor their contracts “because they employer didn't honor theirs.”

These disgruntled (current) or ex-employees or even contractors, can be motivated by greed and anger, and they then decide to “turn state's evidence” if you will allow me to borrow criminal law terms.

This informant, who is NOT VETTED OUT by the software company – (a) no background checks (b) no review or discussion of any employment agreements that may be breached (c) no lie detector tests, (d) no sworn statements under penalty of perjury are required (these to the best of our knowledge because the software lawyers refuse to discuss any aspect of who their “secret” key witness is, or to provide any details on what they know or are alleging.

It is under this backdrop that software licensing cases take hold, and based on this (or no evidence at all as mentioned above) the “love letter” is sent threatening $150,000 or more in copyright infringement liability.  I even had one callous copyright attorney tell me “we could file for a federal court order and raid the company servers and laptops and seek to shut the business down.”  I asked him what evidence he would be basing that on – again, I received no response out of a “policy not to disclose our evidence.”  So the game goes.

Does anyone think this is right?  The software representatives will then say “the software licenses demand that your client undergo a full “voluntary” audit.”  I ask which license are you referring to?  The response is normally “I don't know which one, but any license they have will have that language.” Strange right?

Aiding and abetting trade secret theft by software audit law firms

I had one small business owner ask me how they could prevent TRADE SECRET THEFT.  I asked what their trade secrets consisted of.  This company had its own configuration of software which allowed them to run their business in a more efficient and streamlined manner than their competitors.  They took every measure possible to make sure that employees understood that the type of software used, and configuration of the corporate IT was a corporate trade secret that needed to be protected.  Non-disclosure agreements were used, and the duty to maintain the strict secrecy of the internal networks was part of the employee company manual signed by the employee or contractor.

For new readers of my website, trade secrets are one form of intellectual property.  Most states offer some protection for trade secrets, and by way of example, California's trade secret statute (California Civil Code Section 3426.1 et seq.) says the following:

“(d) “Trade secret” means information, including a formula, pattern, compilation, program, device, method, technique, or process, that:

(1) Derives independent economic value, actual or potential, from not being generally known to the public or to other persons who can obtain economic value from its disclosure or use; and

(2) Is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.”

As you can see by this, there are LOTS of different types of trade secrets a corporation or small business may have. From customer lists, to business formulas, IT infrastructure environments, use of software programs and other methods, techniques or processes.  A company that takes measures to avoid disclosure of these items (or other companies that are obligated to keep information safe and secure under HIPAA (medical) or GLB (financial) privacy and cybersecurity laws) are entitled to have this information protection from improper disclosure or use by disgruntled ex-employees or corporate insiders hell bent on committing acts of corporate espionage, at times holding a company ransom.

Aiding, abetting and assisting a “secret informant” in pulling off disclosure of the trade secret and assisting in the attempts to put a small company out of business or disrupt their need to run their businesses is not something that should be taken lightly.

Under California trade secret law, “misappropriation” of a trade secret is defined:

(b) “Misappropriation” means: (1) Acquisition of a trade secret of another by a person who knows or has reason to know that the trade secret was acquired by improper means;

Obtaining trade secrets by “improper means” is also defined in the statute:

(a) “Improper means” includes theft, bribery, misrepresentation, breach or inducement of a breach of a duty to maintain secrecy, or espionage through electronic or other means. Reverse engineering or independent derivation alone shall not be considered improper means.

These are the types of things that ca arise in a software licensing case.  The software company badly wants to protect against piracy and police its software (this is a legitimate business interest of their to protect their intellectual property), and they may be willing to use ANY INFORMANT that comes its way, through the internet, phone call, email, etc.  But the informant who is NOT VETTED IS NOT RELIABLE and the software company and the “informant” both risk liability for theft of corporate trade secrets or acts of corporate sabotage.  One cannot simply turn a blind eye to the legitimate intellectual property rights of another company.  In short, you have a battle of the intellectual property.

Keep in mind, where the theft or espionage causes damages, the statutes and case law provide for recovery of attorney fees in some cases.  Here is what the relevant code section says:

“3426.3. (a) A complainant may recover damages for the actual loss caused by misappropriation. A complainant also may recover for the unjust enrichment caused by misappropriation that is not taken into account in computing damages for actual loss. (b) If neither damages nor unjust enrichment caused by misappropriation are provable, the court may order payment of a reasonable royalty for no longer than the period of time the use could have been prohibited. (c) If willful and malicious misappropriation exists, the court may award exemplary damages in an amount not exceeding twice any award made under subdivision (a) or (b). 3426.4. If a claim of misappropriation is made in bad faith, a motion to terminate an injunction is made or resisted in bad faith, or willful and malicious misappropriation exists, the court may award reasonable attorney's fees and costs to the prevailing party. Recoverable costs hereunder shall include a reasonable sum to cover the services of expert witnesses, who are not regular employees of any party, actually incurred and reasonably necessary in either, or both, preparation for trial or arbitration, or during trial or arbitration, of the case by the prevailing party.”

Defending the small business from attacks from corporate insiders and disgruntled ex-employees

Based upon the foregoing, it is wise for every company to be able to:

1. Identify what trade secrets they may have;

2.  Protect those trade secrets;

3. Enforce their right to protect their trade secrets to the fullest extent of the law.

Under the California statute, for example, the owner of the trade secret may seek an INJUNCTION to prevent an unauthorized disclosure of trade secrets.  This is specifically spelled out in the statute:

“3426.2. (a) Actual or threatened misappropriation may be enjoined. Upon application to the court, an injunction shall be terminated when the trade secret has ceased to exist, but the injunction may be continued for an additional period of time in order to eliminate commercial advantage that otherwise would be derived from the misappropriation. (b) If the court determines that it would be unreasonable to prohibit future use, an injunction may condition future use upon payment of a reasonable royalty for no longer than the period of time the use could have been prohibited. (c) In appropriate circumstances, affirmative acts to protect a trade secret may be compelled by court order.”

This is a very important legal principle to understand.  In the appropriate software licensing audit case, if you have put the software company ON NOTICE of your corporate trade secrets and they insist on moving forward with an audit and use of information allegedly provided to the software company (in breach of the “informants” duty) then filing for an injunction against both the software company and the informant may be the appropriate measure to take.  Contact intellectual property counsel before taking any measures as this is an important legal call to make.  You can fill out the contact form below to submit your case for review.  Please make sure to leave your phone number

Sample trade secrets agreement for employers

Attached is a sample trade secret non-disclosure agreement you may want to consider using in your organization.  This is only a sample and should be customized to the laws and rules of your jurisdiction.

Non Disclosure Agreement for Software and It Secrets by Steve Vondran

What to do if you suspect corporate espionage or trade secret theft related to your valuable IT configuration

If you are being extorted by a current or former employee, or contractor, contact us immediately.  We can help you explore your legal rights.  This is especially the case where the informant has likely already contacted software licensing authorities and forced your company into a “voluntary” audit (which is not so voluntary when your business is also being simultaneously threatened by a law firm with a $150,000 federal copyright lawsuit).

Other grounds to potentially sue the informant:

1. Lying about unlicensed installs (defamation); or the situation where THEY install the unlicensed software or use crack codes to access software in violation of the DMCA anti-circumvention laws, and yet they claim YOUR COMPANY is the infringer.
2. Breaching employment or severance agreements (that covered illegally downloading and installing software on the workstation or leaving confidentially).  For example, your agreement stated that the employee or contractor would be required to indemnify the employer for any breach of the contract.
3. Corporate espionage
4. Extortion

Contact a software audit & trade secret law firm

We can help you with the following legal issues:

• BSA software audits
• SIIA software audits
• Autodesk audits
• Microsoft audits
• Trade secret theft / misappropriation (arbitration & litigation)
• Drafting of non-disclosure agreements
• Corporate espionage cases
• Civil Rico actions
• Other software licensing cases such as Siemens | Hitek | VBConversions | VERO-Surfcam

We are a business and intellectual property law firm that offers low flat rate fees (that beat our competition), superior customer service and tenacious legal representation.  If you have received a software audit letter, before you say anything or contact the other side, contact us to discuss your case.  Just like in a criminal case, the things you say can and probably will be used against you in a court of law.  Fill out our Software-Audit-Informant-Worksheet and email to [email protected] for a no cost initial consultation with a copyright lawyer.  This is how these cases can proceed.  We can be reached at (877) 276-5084.