Cybersecurity

BACK FROM THE DEAD? Senator Wants to Resuscitate Legislation to Create a Federal Right of Action for Trade Secret Theft

and Posted on

Revised post available here.

There are stirrings in the U.S. Senate of yet another bid to establish a federal right of civil action for trade secret misappropriation.

Sen. Chris Coons (D-Del.) has quietly circulated a draft bill to IP lawyers and others with an interest in the legislation.  The draft Protecting American Trade Secrets and Innovation Act of 2014 (“PATSIA 2014”) is the latest of several recent attempts to bring about this right. The past attempts include Sen. Coons’ own prior iteration of the bill, PATSIA 2012 (S. 3389), which never made it out of the Senate Judiciary Committee. READ MORE

CYBERSECURITY UPDATE: New Rules Require Defense Contractors to Protect Technical Information

Posted on

The U.S. Department of Defense issued final rulemaking on November 18, 2013 that will require DOD contractors to protect from attack confidential technical information on their computer systems, and to report and cooperate with DOD in the event that this information is compromised through a cyberattack.  The rules come nearly two years after draft rules were first announced and in the midst of continuing public concern about the threat of state-sponsored trade secrets theft. READ MORE

GIVE AND TAKE: Lofgren’s Twin Trade Secret Bills Would Curtail Actions Under One Law, Expand Them Under Another

Posted on

When Rep. Zoe Lofgren, the Silicon Valley Democrat, introduced a pair of bills last month on trade secret misappropriation, we puzzled over her purpose.  Was this a response to the White House’s call for improved federal legislation to protect U.S. trade secrets?  Did the measures mark the start of a comprehensive federal civil “Trade Secrets Act” that would put trade secrets on par with other federally protected intellectual property such as patents, trademarks, and copyrights?

Trade Secrets Watch decided to investigate and tapped our congressional sources for the back story.  Turns out our musings were wrong.

First, a quick backgrounder on federal trade secret protection (and lack thereof): The federal government has declined to go all-in on protecting U.S. trade secrets, leaving this area primarily governed by state law.  When it comes to trade secrets, federal law consists of a patchwork of acts that leave yawning gaps in legal protection.  For example, the federal Economic Espionage Act, known as the EEA, prohibits trade secret theft but is solely a criminal law — it doesn’t provide for a federal civil cause of action (i.e., a right allowing private parties to sue).  And the Computer Fraud and Abuse Act, known as the CFAA, only covers certain types of thefts involving unauthorized access to computers.  It provides for criminal prosecution and grants a victimized company the right to sue.  But in a case last year (United States v. Nosal), the Ninth Circuit U.S. Court of Appeals interpreted the CFAA narrowly, finding that it was primarily intended to curtail hacking and that it does not bar employees from stealing trade secrets from their employers’ computers in more run-of-the-mill cases of trade secret theft.  READ MORE

BILL BANDWAGON: Senators Draft Measure to Expand the Economic Espionage Act

Posted on

Yet another federal trade secrets bill may soon join the growing stack of legislation already under consideration in Congress.  This proposed bill would make modest changes to the Economic Espionage Act (“EEA”), which designates the theft of a trade secret a federal crime.

We emphasize that the “discussion draft” by Sens. Sheldon Whitehouse (D-R.I.) and Lindsey Graham (R-S.C.) is merely that—a draft bill that has not been introduced.  Still, the fact of the proposed bill, and the fact that the co-sponsors felt compelled to issue a press release about the measure while it is still on the drawing board, confirm that trade secret thieves (along with patent trolls) are the boogeymen du jour on Capitol Hill.

This proposed bill, if introduced and enacted, would incrementally extend the EEA’s application to foreign trade secret theft.  READ MORE

LEGISLATIVE UPDATE: Rep. Zoe Lofgren Proposes New Legislation, Including a Civil Cause of Action for Trade Secret Misappropriation

Posted on

We previously reported on the downpour of recent trade secret activity in Congress.  Last week, Congresswoman Zoe Lofgren (D-Cal.) added to the deluge by introducing two bills bearing on trade secret misappropriation: (1) the Private Right of Action Against Theft of Trade Secrets Act of 2013, a bill to amend the Economic Espionage Act to provide for a federal civil cause of action, and (2) Aaron’s Law Act of 2013, a bill to amend the Computer Fraud and Abuse Act in light of computer programmer Aaron Swartz’s suicide.

We’ve updated our primer on the recent trade secret-related legislation READ MORE

Pols Gone Wild: Congress Discovers Trade Secret Theft and Cybersecurity are Problems; We Sort Through the Explosion of Legislation

Posted on

The revised post is available here.

Trade secret theft and cybersecurity are hot topics in Congress these days, spawning legislative initiatives left and right.  Amid this flurry of legislation, it’s hard to keep all the bills straight.  Trade Secrets Watch took a look at the legislation currently under review, and put together this primer:

Bill Sponsors What’s It About? Status
Cyber Economic Espionage Accountability Act Rep. Mike Rogers
(R-Mich.)Rep. Tim Ryan
(D-Ohio)
  • Introduced June 6, 2013, the bill broadly aims to secure the United States against cyber attacks sponsored by foreign governments.
  • The bill calls for the President to identify foreign government officials whom the President determines, “based on credible information,” are responsible for cyber theft of United States intellectual property.
  • The bill makes the identified persons ineligible to be admitted to the United States.
  • The bill directs the Secretary of State and Secretary of Homeland Security to revoke the visa of any such identified person.
  • The bill imposes financial sanctions, enabling the President to freeze property transactions by the identified individuals.
 Referred to the Foreign Affairs, Judiciary and Financial Services Committees.
Deter Cyber Theft Act Sen. Carl Levin
(D-Mich.)et al.
  • Introduced May 7, 2013, the bill would establish a “watch list” and “priority watch list” of countries that facilitate or engage in cyber theft of trade secrets from the United States.
  • As we previously reported, the bill would also require the President to direct U.S. Customs and Border Protection to bar imports from foreign countries on the watch list.
 Referred to the Committee on Finance.
Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (“SECURE IT”) Rep. Marsha Blackburn
(R-Tenn.)
  • Introduced April 10, 2013, SECURE IT seeks to, among other things, facilitate the sharing of cyber threat information and create new deterrents for cyber criminals.
  • For instance, the act creates a limited exemption from antitrust laws for the sharing of cyber threat information between private entities.  It further provides that an entity may disclose cyber threat information to any entity to assist with the investigation of threats to cybersecurity.  (This portion of the bill might face the same opposition as CISPA — see below.)
  • SECURE IT further requires that federal agencies be informed of significant cyber incidents involving their federal information systems and that agencies adopt technologies to detect and remediate cyber intrusions.
  • The bill aims to amend certain provisions of the Computer Fraud and Abuse Act to include new criminal penalties for “aggravated damage” to certain “critical infrastructure” computers, such as those that control water supplies, electrical power delivery, and financial transactions.
 Referred to the House Subcommittee on Crime, Terrorism, Homeland Security, and Investigations.
Cyber Intelligence Sharing and Protection Act (“CISPA”) Rep. Mike Rogers
(R-Mich.)et al.
  • First introduced in the House on November 30, 2011, and most recently re-introduced on February 13, 2013, the act aims to permit information sharing about possible cybersecurity threats among government agencies and private companies.
  • CISPA has divided the House and Senate and has faced opposition by privacy and civil liberties organizations.
 The bill passed the House and was referred to the Senate but has not shown signs of advancement.  We reported earlier that the Senate would not be taking up the bill and that President Obama threatened to veto the bill because of privacy concerns.

 

What trends can we discern from these bills?   READ MORE

Terror Tactics: Report Urges Government to Use Financial, Trade and Immigration Systems to Squeeze Theft of IP

Posted on

A new report on halting the theft of trade secrets and other intellectual property reads like a blueprint for fighting terrorism­—not surprising, given that it was co-authored by the nation’s former spy chief and a member of the 9/11 Commission.

On Wednesday, the Commission on the Theft of American Intellectual Property released its report detailing the scale and scope of the problem.  The Commission is an independent, bipartisan body made up of members from national security, foreign affairs, academia, politics and the private sector.  It is chaired by former director of national intelligence Dennis C. Blair and former U.S. Ambassador to China and ex-Utah Gov. Jon M. Huntsman Jr.  Its report is the product of an eleven-month study. 

The Commission’s report pulls no punches: it calls IP theft “one of the most pressing issues of economic and national security facing [the United States]” and singles out China as “the biggest IP offender in the world.”  Along with documenting patent, trademark, and copyright violations, the report dedicates a full chapter to trade secret theft.  Among its alarming findings:

  • In 2009, U.S. firms lost at least $1.1 billion from the misappropriation of trade secrets to China alone.  Russia is also an aggressive collector of sensitive U.S. economic information and technologies, especially in cyberspace.
  • In the past two years, an unprecedented number of cyberattacks have been perpetrated against major corporations, nonprofit institutions, and governments, with the majority of these attacks originating in China.  Our blog discussed the real lesson of Chinese cyberhacking earlier this month.
  • Cyberattacks are common, with some companies experiencing 72 successful attacks per week.  All sectors and all types of companies, large and small, are the targets of attacks.

Just as the 9/11 Commission reported the intelligence failings that led to the terrorist attacks,
READ MORE

That’s the Way the Consensus Crumbles: CISPA Splits Natural Allies in High-Tech

Posted on

Orrick Trade Secrets Watch

If there’s one thing Americans of all political stripes seem to agree on, it’s the need to thwart cyber-attacks on critical U.S. systems.  Just this week, the Pentagon for the first time openly blamed China for hacking U.S. government computer infrastructure.

Yet a bill that would combat cyber attacks by enhancing information-sharing among government agencies and private companies is once again stumbling through Congress, its fate thrown into question by intra-Silicon Valley rivalries and a threatened White House veto.  The Cyber Intelligence Sharing and Protection Act (CISPA) would permit information-sharing about possible cyber-security threats among government agencies and private companies.  The main idea behind CISPA is that expanding the information flow would help disseminate and centralize information that is otherwise fragmented and siloed, which would help halt cyber-attacks.  These attacks pose a threat READ MORE

The Real Lesson of Chinese Cyberhacking

Posted on

The Real Lesson of Chinese Cyberhacking

There’s been a lot of news lately about the Chinese military allegedly launching cyber attacks to steal U.S. trade secrets.  This has gotten people riled up, including the President of the United States, who issued a 5-point plan for protecting American trade secrets.  The White House called on the public to make suggestions for new federal legislation to combat this growing threat.  (Submissions were due April 22, 2013.)

This is a time of great opportunity to do something big to protect U.S. trade secrets.  Unfortunately, some proposed solutions aren’t taking advantage of this opportunity.  Some industry groups, for example, have suggested adopting new federal trade secret legislation that would not preempt state laws and only cover cases of “international misappropriation,” or only cover misappropriation by or for the benefit of foreign governments, companies, or individuals.

Respectfully, measures of this type don’t address the real issue and aren’t seizing the moment.  The real lesson of Chinese cyberhacking is not that China has hackers targeting America, but that U.S. companies’ trade secrets are READ MORE