Earlier this week, a Virginia jury awarded software company Appian Corp. more than $2 billion in damages after finding that competitor software company Pegasystems Inc. had misappropriated its trade secrets. The complaint alleged that Pegasystems engaged in corporate espionage and trade secrets theft in an effort to better compete with Appian. Pegasystems hired Youyong Zou, an employee of a government contractor and former developer for Appian. In exchange for payment, Zou provided Pegasystems with copies of Appian’s confidential software and documentation in violation of confidentiality restrictions that barred him from sharing Appian’s trade secrets. In 2020, Appian filed suit against both Pegasystems and Zou.
Continue Reading $2B Jury Verdict in Trade Secrets Suit

First off, don’t worry, Coca-Cola’s super-secret trade secret recipe is still safe.  But on April 22, 2021, a jury in the Eastern District of Tennessee convicted a former Coca-Cola employee, Dr. Xiaorong (a/k/a Shannon) You, of stealing trade secrets related to BPA-free coatings for the inside of beverage cans for the Chinese Government. The Indictment alleged that the trade secret information cost almost $120 million to develop. The twelve-day in-person trial focused not just on the former employee’s wrong doing, but also on some the best practices Coca-Cola and Eastman Chemical Company used to protect the trade secrets at issue.
Continue Reading Former Coca-Cola Employee Convicted of Stealing Trade Secrets for the Chinese Government

On April 20, 2020, the Supreme Court granted cert in Van Buren v. United States, to resolve an important circuit split over the meaning of “authorized access” under the Computer Fraud and Abuse Act (CFAA). This is the Court’s first foray into analyzing the precise contours of CFAA liability. Van Buren may have far-reaching implications for any individual or business operating in the digital domain, as the scope of civil and criminal liability under the CFAA can impact just about any sort of relationship involving access to computer systems, whether it be employer-employee relationships or third-party relationships.

The CFAA was enacted in 1986 as a first-of-its-kind statute designed to combat computer-related crimes, and has become an important and powerful tool for not only for the government but any business seeking to protect its intellectual property and computer systems. The CFAA imposes criminal liability on any person who “intentionally accesses a computer without authorization” or “exceeds authorized access” and, in doing so, obtains information from any protected computer. The CFAA also provides a civil cause of action for similar conduct. See 18 U.S.C. §§ 1030(a)(2), 1030(a)(4), 1030(a)(5)(B)-(C).
Continue Reading “Authorized Access”: The Supreme Court’s First Foray Into The Computer Fraud and Abuse Act

Companies and other organizations increasingly must face serious and complex threats to their business and infrastructure.  Whether the threat is trade secret theft, rogue insiders, cybercrime adversaries, aggressive competitors, or misconduct by business and supply chain partners, companies should remain constantly vigilant and defense ready. Adversaries, including especially cybercriminals operating exclusively in the digital domain, are often highly motivated, sophisticated, resourced, and innovative. The opaque, pervasive, and global nature of modern digital networked environments presents opportunities for criminals. The sophistication and relentless creativity of these bad actors pose significant challenges to companies and law enforcement agencies in being able to detect, assess, mitigate, attribute, and deter these threats. Because available tools and real-world practices to address these threats often outpace the law, companies are called upon to develop their own comprehensive approaches to investigate and remediate these forms of risk. In doing so, companies must be willing to assume a certain level of risk to effectively investigate and obtain sufficient insight to counter the problems.
Continue Reading Complex Threat Investigations: Tips for Investigating Trade Secret Misappropriation and Other Digital Crimes

On September 23rd, 2019, the District Court for the District of Colorado awarded Atlas Biologicals, Inc. a total of $2 million against Defendant Thomas Kutrubes and his company, Peak Serum, Inc. Kutrubes, a part owner and former employee of Atlas, was found liable for trademark infringement, misappropriation of trade secrets, and breach of fiduciary duty.

On May 10, 2019, the Delaware Chancery Court issued an opinion adopting a “narrow approach” in interpreting Section 1030(a)(2)(C) of Computer Fraud and Abuse Act (CFAA). Section 1030(a)(2)(C) imposes liability on a person who “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains… information from any protected computer.” 18 U.S.C. §

The Federal Reserve is prepared to ratchet up the penalty for bankers caught misappropriating their employer’s trade secrets. Although bankers were already subject to civil liability under state laws governing trade secrets and breach of contract, the Federal Reserve now appears willing to subject guilty bankers to an outright ban from working with any institution