*Previously posted on IPPIBlog.com
As a follow-up to my last post titled, “Know Your Researcher – Academic Espionage – Trade Secrets Theft,” I embedded an FBI Counterintelligence Strategic Partnership Intelligence Note (SPIN) dated September 2015.
If you haven’t had a chance to look it over, it warrants a closer look.
The last two pages of the document provide a blueprint—a list of things for organizations to consider when screening employee candidates and other organizations before collaboration starts. But, even if collaboration has begun, it is still a useful guide in determining if you should continue or end the relationship.
This blueprint is a particularly useful guide for general counsel, human resources and private investigators (retained on behalf of organizations) to conduct enhanced background screening of potential employees.
*All information in italics is extracted from the 2015 FBI handout.
HOW TO PROTECT YOUR ORGANIZATION
The first step to protecting your business or university is to identify the threat.
By understanding the threat and your business or university’s critical technologies, it can help you identify methods in which they can be easily stolen.
Theft, bribery, espionage, blackmail, hacking, and electronic intercepts are just some of the different methods individuals may use to steal trade secrets.
- Who would benefit from your information, processes, or strategies?
- Who are your competitors?
- Have individuals been unusually interested in what you do? (See IP PI Blog post titled, “Trade Secrets Protection-Mindfulness.“)
- The next step is to identify proprietary or trade secrets or IP.
- This includes, but is not limited to the manufacturing process, financial information, list of suppliers and customers, chemical formulas, marketing strategies, and R&D data.
- Have professors, students, and employees sign non-disclosure agreements.
- Identify foreign personnel who are sponsored by professors/employees.
- Understand agreements between international organizations and US businesses and universities.
- Identify and label or mark IP or sensitive data that is most important to US businesses and universities.
- Identify methods in which professors and employees are contacted (for example, e-mail, social media, conferences) and educate them on what solicitation looks like.
In a New York Times report titled, “U.S. Charges 9 Iranians in Huge Theft of Intellectual Property,” the following excerpt says it all: “The spear-phishing emails purported to be from professors at one university to those at another and contained what appeared to be authentic article links. But once clicked on, the links steered the professors to a malicious Internet domain that led them to believe they’d been logged out of their systems and that asked them to enter their log-in credentials. Those credentials were logged and stolen by the hackers, prosecutors say.”
(See IP PI Blog post titled, “How Did the 9 Iranian IP Thieves Do It?“)
Questions to Ask Yourself:
If you wonder about the safety of your research or intellectual property, or the legality of your interactions with China, ask yourself the following questions:
- Do you collaborate with anyone who is currently in China?
- Do you have any publications? If so, in which journals and with whom?
- Which institutions are they associated with?
- What type of funding do you have to conduct your research
- Where do you obtain your funding?
- Do you belong to any professional societies? If so, which ones and where are they based?
- Do you travel regularly to China?
- Is it for business or pleasure or both?
- How long do you stay in China during these trips?
- Are you working with anyone in China on your research during this time?
- How do you maintain contact with your laboratory in the United States while in China?
- Do you contact it via computer (login to laboratory site)?
- Do you plan to return to China permanently?
- What will you do for employment?
- Where did you attend school?
- What type of degrees did you earn?
- How did you apply for a fellowship, post-doctoral position, guest researcher or other employment with your current employer?
- Did someone you know refer you to this lab, university, or principal investigator?
- What type of research do you conduct?
- What are the applications of this research?
- Do you expect to get a patent from this research?
- With whom are you working at your laboratory?
- Do you collaborate with individuals from other research institutions in the United States or abroad?
The theme here is “due diligence.” As in any other sensitive business /project arrangement, take all reasonable steps to determine the true “spirit” of the person(s) or organization(s) that have or seek a collaborative relationship with you.
Disclaimer: This blog is offered as a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, with regard to content provided in this blog. We disclaim any and all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such person and the accuracy and validity of the information provided by them. This blog is provided for general information purposes only and is not intended to provide legal or other professional advice.