Archive for the ‘Intellectual Property’ Tag

Brain-Dead on IP, part 2   Leave a comment


There are other ways to lose your company’s IP, like doing business in countries that require the disclosure of IP in order for products to enter their markets.

India and Japan just signed a bilateral trade agreement that will reduce tariffs on about 90% of trade for 10 years. One clause in the agreement requires companies that sell telecommunications equipment in India to disclose the source code to their products to the government. This isn’t so unusual (China has a similar requirement), but Japanese companies balked at the clause and it has since been put on hold. Maybe the recent arrests made some Japanese business leaders a bit less trusting of the Indian government’s ability to keep their source code out of private, and competing, hands?

On a side note, I wonder how much the alleged abuses in spectrum licensing in India influenced the rollout of 3G and 4G services in the country? According to the linked article, Average Revenue Per User (ARPU) “is just 198 rupees ($4.38) a month, down from 230 rupees a year ago” – with such a narrow margin for Indian providers, cutting and limiting costs in their operations is crucial for survival in the market. The motivation to acquire any useful technology without having to invest in it must be very high. If control over 2G spectrum allocations drove such a corruption scandal, I wonder what access to the Indian government’s source code repository could do?

When governments get involved in code escrow, as was proposed in the India-Japan deal or as required in China, companies in sensitive industries are put in a difficult position. On the one hand, a foreign government could pass along their IP to a local competitor who operates globally (which is alleged in China repeatedly – use Google for dozens of links). Aside from purely competitive risks, these decisions can also have an affect on international competitiveness and the security of the home country or society-at-large. Companies in the military and dual-use technology arenas are (hopefully) a bit more careful about these issues. (I am thoroughly convinced that export control laws have more to do with that restraint than any ethical standards among modern executive leadership).

In the regular public sector, however, decision-makers need to consider the potential harm to their domestic operations as well as potential social impacts that might occur under worst-case scenarios. As an example, Microsoft gave the Chinese government source code for various products like Windows, which the Chinese security establishment appears to be analyzing thoroughly for weaknesses (link courtesy of this interesting article).

Microsoft made the “profit-oriented” decision to disclose code in order to sell in China, and neglected the potential social impact issues. I’m excluding competitive issues because everyone knows that Microsoft’s products are usually pretty shitty before the first 100-or-so patches are applied, so nobody would really want to steal their code ;-).

Now, everyone who uses Microsoft’s products are potentially/eventually at risk of attack. (and let’s not forget the Chinese aren’t the only ones with the code link, link) Regular consumers of, say, Windows, don’t get access to the source code and are not generally able to evaluate Microsoft’s security, which props up another industry that has been failing for years to address problems. Governments who use Microsoft products are also vulnerable to newly-discovered attacks and each day we’re hearing more and more about those attacks also (here’s today’s hacked government link)

Interesting stuff, for sure.

to be continued…

Advertisements

Posted February 17, 2011 by jeffkeith in Security

Tagged with , , , , , , ,

Brain-Dead on IP   Leave a comment


I’m always astonished to witness people ignoring warnings about lax intellectual property security.

Maybe intellectual property is an unfamiliar, unapproachable and utterly boring subject for the average person. Since most people have at least a passing interest in money, and IP theft cases can cost a company millions, the whole “not interested” scenario doesn’t seem to make much sense to me.

Millions of dollars you say? Yes, and it affects everyone.

Ironically, real stories as examples of how an IP theft can sting a company seem to be pretty interesting to people. Here’s one, just for fun:

From the “2010 U.S. Intellectual Property Enforcement Coordinator Annual Report on Intellectual Property Enforcement”:

U.S. Secret Service
Silicon Valley Engineer Arrested for Theft and Transfer of Trade Secrets to China: In July 2009, a technology company’s chief legal counsel contacted the San Jose Resident Office of the USSS requesting investigative assistance in an ongoing theft of company trade secrets. An initial investigation identified three suspects and determined there was over $60 million in loss. The U S Attorney’s Office Computer Hacking and Intellectual Property Section requested that the San Jose USSS Office investigate this case for Federal prosecution. The agents discovered that a former employee established multiple businesses in order to develop and sell Global Positioning System (GPS) applications for mobile phones. The employee also recruited two other employees, Chinese Nationals, to integrate the stolen software source code into his products. The suspect also acquired at least one investor and attempted to recruit others in order to advance the interests of his businesses in the U S and China. On November 10, 2010, the three suspects were indicted for conspiracy, theft of trade secrets, possession of trade secrets and foreign transportation of stolen property. On November 16, 2010, San Jose USSS special agents arrested the former employee for the above listed charges.” (emphasis added)

So maybe you’re not in the geolocation business and that seems boring too. However, at some point in your life, you probably took a prescription medication. Maybe you thought your prescription was expensive. Maybe this has something to do with it:

Wed. Feb. 3, 2011 – UPDATE 3-Ex-Bristol-Myers worker accused of secrets theft

“A former Bristol-Myers Squibb Co (BMY.N) employee was charged with stealing company secrets and proprietary information as part of a plan to set up his own pharmaceutical company in India, the U.S. Justice Department said on Wednesday.”

For fiscal year 2009, Bristol-Myers Squibb spent $3.6 Billion on R&D. Shalin Jhaveri, the guy who stole BMS’s IP and almost setup a company to profit from it, spent very little.

So that was fun. A couple interesting stories about people who basically took advantage of a company for self-enrichment. They were caught, damage contained, company vindicated, everyone’s happy – end of subject.

Not quite…

Posted February 14, 2011 by jeffkeith in Security

Tagged with , , ,