Monday, October 10, 2011

Why do industrial spies spy? MICE.

In this week's issue of Chemical and Engineering News, Marc Reisch authors a rather interesting look at the multitude of US-based multinational employees who have taken company trade secrets and intellectual property and gone east with them. After talking about Michael David Mitchell, a DuPont employee who gave his company's IP to a South Korean competitor:
Nobody has a clear fix on just how often employees steal vital confidential information from their employers. What is clear is that over the past five years six former chemical company employees have admitted to or been convicted of stealing trade secrets from their employers. In five of the cases, the employee involved was of Asian descent. And in all of the cases, the intended recipient of the proprietary information was an Asian company or university.
The reasons for the IP theft aren’t clear either. “Those who engage in a major scam are likely to have complex motivations,” says Chris MacDonald, author of the Business Ethics Blog and a visiting scholar at the Clarkson Centre for Business Ethics & Board Effectiveness at the University of Toronto. “It’s hard to boil it down to a single factor.”
MacDonald points out that “when people do the wrong thing, it’s generally not because they lack the relevant values.” Instead, wrongdoers find ways to rationalize their behavior. For instance, employees who steal IP may believe they serve a higher purpose in committing the act, such as helping fellow countrymen or bringing the benefits of technology advances to underprivileged people.
Although the motives of those who steal corporate secrets may be complex, monetary gain was involved in most of the chemical industry cases, according to a review of court documents by C&EN. After Mitchell stopped working for DuPont in 2006, he began to work as a paid consultant for Kolon and e-mailed proprietary DuPont documents to Kolon employees. Court documents ascribe the crimes of former Dow Chemical researcher Kexue Huang mostly to greed but also to feelings of patriotism and paternalism.
Do we not have any fans of Cold War novels in this crowd? Why do people betray their country? MICE, of course: Money, Ideology, Compromise, Ego. (Ideology = the other side is actually right (i.e. Kim Philby), Compromise = "Ve haff pictures of you in bed with our agent, Sgt. Lonetree.") Obviously, money is at the forefront with this crowd, but "feelings of patriotism and paternalism" is pretty much Ideology and Ego right there.

Reisch makes a terribly interesting cultural argument with respect to Chinese-national industrial espionage:
Marc Sardy, an associate professor in the department of international business at Rollins College in Winter Park, Fla., agrees that “you’ll find unscrupulous people in every culture and in every country.” But in the cases involving Chinese researchers or Chinese recipients of stolen information, he suggests, cultural differences may be at the root of at least some of the IP theft. 
Until recently, Sardy notes, China’s Communist rulers didn’t allow private parties to own property, and all property, real and intellectual, belonged to the community. Individual property ownership was established in China only in the 1990s, Sardy says. And the concept of IP ownership, which is an extension of individual property ownership, is even less well established.
I don't have much to add to this very interesting and quite well-researched article, but I do have a few questions:
  • Intelligence agencies protect their sensitive information with "need-to-know" compartmentalization -- do large multinationals do the same? Cross-company cooperation is pretty darn important -- compartmentalization isn't worth it, right? 
  • Do companies protect their IP right before layoffs? Are layoffs (or their impending threat) the trigger for people who are prone to IP theft/transfer? 
  • Often in the movies (and in real life), the spy offers a piece of tasty information for free, upfront. How often does this happen in industrial espionage?
  • Isn't it time for corporate IT security to get a lot better than it is?


  1. This is not new. For a fun read, get a copy of the "Million Dollar Bug" about the theft of high production bug strains for tetracyclines from Lederle in the 1950s and their transfer to Italian firms.

    The most valuable but least valued IP that goes out the doors of companies is between the ears of their former employees.

  2. I was told that Celera was extremely worried about disgruntled employees doing a sabotage or stealing some proprietary info at the Axys South San Francisco site - especially since it was preparing to fire everyone without notice and cheat them from their severance but the employees were assured that there would be only a "minor reductions". So the management called a surprise all hands meeting where it announced the site closure and the employees were not allowed to return to their labs, hired guards with boxes appeared, the computer accounts got locked out and everyone got 20 minutes to pack their desk area and leave the building...

  3. I was laid off from a biotech in a very similar fashion to what milkshake described. I came in one morning and none of the computers or phones were working. They announced an all employee meeting mid-morning where we were told that half the company would be leaving that day. No security guards, but they did tell us to get our stuff packed and to leave by lunchtime.

  4. Agree that most of the IP leaves with the employees, either laid off or leaving the company out of disgust. Its between the ears, but mgmt keeps right on behaving as if this isn't the case. I'll wager that's because most of the company's IP is not between _their_ ears. Come to think of it, what _is_ between their ears? Oh wait, now I understand the vacuous looks on their faces...

  5. Milkshake: The only thing worse than to loose your job is accompanied by a security guard to show you the way to the front gate. Nothing could be more disgusting. I feel good about myself, when my boss accompanied me to the gate who I reckon was visibly upset with a moist eyes!


looks like Blogger doesn't work with anonymous comments from Chrome browsers at the moment - works in Microsoft Edge, or from Chrome with a Blogger account - sorry! CJ 3/21/20