How Critical IP and Trade Secrets Get Stolen in China (and elsewhere)

by Paul J. Ortiz

If your company doesn’t fully understand how trade secrets and IP are stolen, it’s unlikely you’ll be able to safeguard your most critical assets. In this article we will discuss the most common internal and external threats to your IP, and ways you can take action to protect your company’s most critical IP and trade secrets.

Proactive vs. Reactive

While taking action against bad actors in China is possible, it’s far more effective to take proactive measures that anticipate bad behavior to prevent the theft and/or compromise in the first place. Chasing a defendant through the Chinese legal system is a time and resource intensive process which, even if the plaintiff prevails in the matter, the company will have lost the trust of its board, investors, and customers. To add even more bad news, once the theft occurs, there is no effective way to ensure the IP and/or trade secrets can ever be secured again in any meaningful way. The IP is usually quickly dispersed onto remote servers so that the bad actors can gain access remotely and in their own time.

So, while hiring counsel to take legal action after the breach is discovered (which might take years or might come to your attention in a very public manner) might be the most effective way to address the issue in the moment, spending the time to create a preventative strategy is a much more efficient and effective approach.

Unfortunately, companies moving too quickly into China without a unified strategy around IP protection has resulted in ineffective protections and critical IP repeatedly making its way into the hands of competitors.

Developing a sound risk-based proactive strategy requires a detailed understanding of how compromises are likely to occur. To begin formulating your strategy, first consider the following initial steps:

  1. Understand what constitutes critical IP and/or a trade secret in your company.
  2. Trade secrets and IP don’t simply reside in one file or location. Ensure Physical and Cyber/IT Security teams both understand and document where critical IP resides throughout the company, including its’ partners, manufacturers, and vendors.

Continue reading