Six Tips to Make Sure You Aren’t Poaching Intellectual Property Along with Employees
Silicon Valley, CA (August 2015)—In today’s hyper-competitive global economy, talent is often your most valuable weapon. If you’re like most business leaders, you’re not above engaging in a little employee-poaching to improve your position. After all, if you can entice an MVP from another company to enlist in your ranks, you’ll deprive the competition of a key asset while taking immediate advantage of your new hire’s previous training and experience. Best of all, this kind of hiring is perfectly legal, right?
Well yes…except when it’s not. James Pooley says that there are two scenarios that tend to get companies in trouble when they woo workers away from a previous employer.
"The first is hiring a new employee with the intention of gaining access to confidential information about another company," says Pooley, author of Secrets: Managing Information Assets in the Age of Cyberespionage (Verus Press, 2015, ISBN: 978-0-9963910-0-9, $24.97). "The second is simply being sloppy about onboarding new hires and unintentionally allowing them to bring confidential data, knowledge, or methods into their new position."
If you’re wondering whether tapping into another company’s secrets via employee-poaching is really that significant a transgression, the answer is a resounding "yes."
"After Boeing hired away Lockheed employees who brought proprietary documents to their new employer, it had to pay a $615 million fine to avoid criminal prosecution," Pooley says. "Even then, two former Boeing executives were indicted and sentenced to prison time."
Think this couldn’t happen to you? Think again. As reported recently by Symantec, half of employees who leave their jobs keep data belonging to their former employer, and most of them leave with plans to use it in their new positions.
"When you’re hiring away employees, you need to be very familiar with what’s legal and ethical and what’s not, and take specific steps to make sure you aren’t crossing the line into espionage or trade secret theft," Pooley comments.
Having recently completed a five-year term as deputy director general at the World Intellectual Property Organization in Geneva, where he was responsible for management of the international patent system (PCT), Pooley is an expert in the fields of intellectual property, trade secrets, and data security. Secrets, which explains how to recognize and mitigate the risk of information loss that’s so prevalent in our hyperconnected world, is a must-have guide for executives and managers, knowledge workers, consultants, security professionals, entrepreneurs, investors, lawyers, and accountants—anyone and everyone who works with information.
Here, Pooley shares six ways for employers to stay on the right side of the law when hiring key employees away from the competition:
Understand what’s legal for you to know, and what’s not. The law protects only trade secrets, not employee skill or general knowledge—but what’s the difference? The skill a worker acquires practicing her craft over time is hers to keep and is your company’s to enjoy after you’ve hired her away from the competition. The same thing may also apply to techniques and information she has learned over the course of her employment. However, if any of those techniques or pieces of information give her employer a competitive advantage, are not generally known, and are safeguarded to a reasonable degree by the company, they are likely to be considered trade secrets.
"If that explanation sounds confusing or open to interpretation, that’s because it is," says Pooley. "Trade secrets can range from unique processes for creating goods—such as the legendary Coca-Cola formula—to seemingly inconsequential details, such as a key client’s favorite wine. There simply is no hard-and-fast distinction between these types of assets. However, if a piece of information—no matter how minute—is privately held and gives a particular company an edge over the competition, chances are the law will treat it as a trade secret—and will prohibit you and your newly poached hire from using it."
Be aware that poaching is a balancing game, not an exact science. Even if your company is careful to avoid learning and utilizing sensitive information when onboarding a new employee, contamination may still occur. Often the most valuable new employee in theory is also the one with the most knowledge of the competition, and is thus the riskiest hire in terms of exposure to information that could get you into trouble. As the "inevitable disclosure" theory postulates, some new hires may know more than they can reasonably be expected to contain. It’s up to your company to confront this paradox directly and determine your risk appetite for the "best" hire.
"Also, be aware that your risk multiplies when hiring a group of people away from the same company," Pooley notes. "Not only must you guard against contamination from multiple sources who may be used to sharing confidential information with each other; you may face litigation from their previous employer. The competitor’s perspective is easy to understand: With so many qualified individuals out there, the only reason for going after most or all of a team can be to cause damage, and perhaps also get access to an array of special knowledge. This, the competitor will allege, is a raid, a particular form of unfair competition."
Tread carefully in the recruitment phase. You can start mitigating the risk of information contamination when your company is still in the recruitment phase. Ideally, all job announcements will express qualifications in generic terms, avoiding anything that could be interpreted as trolling for a source of competitive data. Be especially careful in this area if you’re targeting a particular individual or group.
"Don’t let down your guard once you have desirable candidates on the hook," Pooley urges. "The pre-employment interview can be an especially fraught situation. Those who participate in the process should be trained, or at least well informed. They should be guided by a checklist that allows them to find out only what they need in order to assess the candidate’s general knowledge and skill set (which, once again, is the part of their experience that applicants are entitled to take with them). Make it clear to candidates at the outset that you don’t want them to reveal sensitive information of any kind and explain why." Note to Editor: See attached tipsheet for a sample interview checklist and candidate assurance form.
Reaffirm your commitment to remaining "clean" during onboarding. During new employee orientation, reinforce your company’s culture of respect for others’ information rights. As with the pre-employment interview, your goal is to impress on new employees how important it is to come into the new position "clean," and to point out that there is no advantage—and considerable risk—in trying to prove themselves by bringing with them the work they did before.
"In my experience, there are some types of new hires for whom this sort of fresh start is particularly difficult," Pooley shares. "Consider software engineers, for example. Many of them tend to view their prior work as belonging to them instead of their former employers, and they often feel attached to it as a reference source.
"In this situation, use the onboarding process to affirm your confidence in the new employee’s ability to get the job done only with the skill and general knowledge that he has accumulated during his career," Pooley continues. "Go carefully through the various forms and contracts that have to be signed, and make sure that the new hire knows where to get answers or address any concerns about information security."
Train current employees to recognize off-limits information. Despite your best efforts, a new hire might inadvertently share sensitive data about a previous employer. It’s important that all of your employees (not just supervisors and hiring managers) know how to recognize off-limits information.
"Set aside time for company-wide training on what constitutes a trade secret, and be sure to provide examples of acceptable and unacceptable conversations regarding ‘how we did things at my previous company,’" Pooley advises. "Give specific instructions on what to do if an employee thinks she may have been exposed to secret information. And perhaps most important, provide information and encouragement about where to go if employees have questions or are concerned about an ethically ambiguous situation."
Have a de-contamination plan in place. It’s much better to be prepared than to be sorry, so assume that despite your best efforts, you’ll encounter information infection from new hires. Know how to proceed if and when this happens. According to Pooley, your first goal should be to understand the facts: what information was received, when and how it entered, to what extent it has spread through the organization or its systems, and whether or how it has been used.
Unless the issue seems trivial (e.g., it’s information of minor importance, possibly publicly available, and exposed to only one person), immediately involve legal counsel to help decide what to do next, and to provide a privilege against disclosure of your internal communications.
"Assuming that any unwanted infection you suffer was truly an accident or the result of a rogue employee’s misconduct, then your challenge will be to combine risk management with ethical behavior," he explains. "Happily, they usually align. Voluntary disclosure to the information’s owner is often appreciated, with no greater consequence than cooperating on a plan for containment. Naturally, if the damage has been more extensive, then there is more risk that litigation will result. But by keeping the situation secret from the victim, you will increase the risk of serious consequences if the facts surface. So the ethical choice is also the smarter choice."
"Ultimately, establishing an overall culture of respect for intellectual property is your best defense against information contamination when you are hiring employees away from the competition," Pooley concludes. "When everyone in your organization understands the importance of respecting trade secrets and other privileged data, this knowledge will shape their actions and interactions with potential candidates and new hires."
# # #
How "Safe" Is Your Interview Process? Two Forms to
Prevent Sensitive Information Contamination from New Employees
By James Pooley, author of Secrets: Managing Information Assets in the Age of Cyberespionage (Verus Press, 2015, ISBN: 978-0-9963910-0-9, $24.97)
When recruiting new employees, it’s important to make sure that they do not bring previous employers’ trade secrets and other protected information into your company. The following forms will help you ensure that candidates know what information they should not disclose (either during the recruitment process or once hired), why, and what the consequences will be if your company’s policy is violated. These forms are samples and can be edited to reflect your company’s policies and requirements.
Pre-Employment Interview Checklist
- Discuss company policies regarding information protection
- Company’s information
- Others’ information (including candidate’s employer)
- Discuss and provide a copy of contracts candidate will have to sign
- Have candidate sign assurance of no confidential information (A sample of this form is provided below.)
- Emphasize policy prohibiting use of unauthorized data
- Ask about current employment, without inviting disclosure of secrets
- Observe candidate’s attitude toward rights of current employer
- Get copy of any restrictive agreements
- If already terminated, ask about warnings or concerns
Candidate Assurance Regarding Secrets of Others
To: Widgets, Inc.
I am applying for employment with Widgets, Inc. I assure you as follows:
- I can perform the duties of the position for which you are considering me, without violating my obligations to any other person or company.
- I have given you copies of all nondisclosure, invention assignment, or other restrictive contracts I have entered into in my past employment.
- I will not disclose to you or use in my work for you any confidential information derived from sources other than my work for you. I will not bring to Widgets, Inc., or otherwise use or disclose any materials or information belonging to any other person or company.
- I understand that failure to comply with the policies of Widgets, Inc., regarding protection of confidential information may have serious disciplinary consequences, including dismissal.
Dated: ________________
Signed: _________________________
About the Author:
James Pooley is the author of Secrets: Managing Information Assets in the Age of Cyberespionage. He provides international strategic and management advice in patent and trade secret matters, performs pre-litigation investigation and analysis, and consults on information security programs.
Mr. Pooley recently completed a five-year term as deputy director general at the World Intellectual Property Organization in Geneva, where he was responsible for management of the international patent system (PCT). Before his service at WIPO, Mr. Pooley was a successful trial lawyer in Silicon Valley for over 35 years, representing clients in patent, trade secret, and technology litigation. He has also taught trade secret law at the University of California, Berkeley, and has served as president of the American Intellectual Property Law Association and of the National Inventors Hall of Fame, where he currently serves as chairman of the board.
Mr. Pooley is an author or coauthor of several major works in the IP field, including his treatise Trade Secrets (Law Journal Press) and the Patent Case Management Judicial Guide (Federal Judicial Center). He graduated from Columbia University Law School as a Harlan Fiske Stone Scholar in 1973 and holds a bachelor of arts, with honors, from Lafayette College.
About the Book:
Secrets: Managing Information Assets in the Age of Cyberespionage (Verus Press, 2015, ISBN: 978-0-9963910-0-9, $24.97) is available at bookstores nationwide and on Amazon.
For further information, please visit www.veruspress.com.