Is it possible to "steal" trade secrets belonging to someone else? It would be tempting to think so for a number of reasons. First, trade secrets are often valuable – the lifeblood of many businesses – so their loss to, say, a competitor would be likely to cause real damage. Second, someone who deliberately takes something belonging to another – a wallet or a handbag – would be guilty of theft. So why not the same rule for a trade secret? Third, many people would think it fair that taking someone's valuable property should be subject to some punishment.
But as a matter of English law at least, that is not the case, even if headline writers are apt, for understandable reasons, to use the language of theft to describe the taking of another's trade secrets.
A recent case has highlighted the issue once more. In mid December 2016 newspaper reports appeared of a trial at Southwark Crown Court involving a Mr Ke Xu who, it was reported, was on trial for not returning trade secrets "stolen" from his previous employer. As will become clear, the case was a little more complex that that.
The case involving Mr Xu actually dates back to events in 2014. Frustrated apparently, by receiving only a £400,000 bonus (on top of his £85,000 salary), Mr Xu, who worked for a City financial trading company, accessed his employer's computer system and deleted a large number of records. He also allegedly copied a series of algorithmic trading codes, apparently with the intention of selling these to a competitor, to whom they would be extremely valuable.
Having copied the codes, he fled to Hong Kong, but was apprehended and extradited back to the UK to face trial.
In 2015 he was found guilty and sentenced to four years imprisonment. Found guilty of what exactly? Not for stealing his employer's trade secrets, although to most fair minded observers, that is exactly what he had done. He was charged with "fraud by abuse of his position", under Section 4 of the Fraud Act 2006, a charge he admitted. A separate charge of unauthorised access to a computer, which is a criminal offence under the Computer Misuse Act 1990, was not pursued against him.
So why was he not charged with theft of his ex employer's trade secrets? For the simple reason that information is not regarded as "property" for the purposes of the Theft Act 1968. True, a thief could steal the medium on which the secrets had been recorded or kept – a USB drive, a disk or even paper. But the value of the secrets lies in the information itself and not the medium on which the information happens to reside. This result, which might seem surprising to many, has been clear since a Court of Criminal Appeal case – Oxford v Moss – in 1978.
However, in an interesting twist to the original conviction, Mr Xu's recent December 2016 trial related to an ancilliary order made at his first trial in 2015. The court then made what is known as a "Serious Crime Prevention Order" ("SCPO") under the Serious Crime Act 2007. SCPOs are used "...to protect the public, by preventing, restricting or disrupting a person's involvement in serious crime."
In Mr Xu's case, a SCPO was imposed to oblige him to return physical copies of what he was alleged to have taken from his ex employer – copies of the codes – as well as his laptop. Mr Xu's reported excuse for not responding to the order was that he did not in fact, take copies of anything, and the Hong Kong relative to whom he had entrusted his laptop, had unfortunately been burgled, so it was no longer available.
The determination of Mr Xu's second trial is not yet known, but deliberate failure to comply with a SCPO is a serious offence punishable by a period of imprisonment.
The case exposes a potentially serious gap in the armoury of weapons available to be used against those – usually insiders – who "steal" business secrets. It is certainly the case that the civil action for breach of confidence, or breach of an employment contract, is sufficiently flexible to provide a fairly clear range of options and remedies for an aggrieved trade secrets owner whose secrets have been misappropriated. But would a criminal penalty for those who maliciously remove what are often the "crown jewels" of a business not be appropriate?
The Law Commission clearly thought so and in 1997 proposed the introduction of a new criminal offence to deal with trade secret misuse. That recommendation was not acted on which leaves us where we are.
The UK position can be contrasted with a number of other countries where the criminal law plays a more central role. Unfair competition laws in Germany, for example, contain both civil and criminal elements and some trade secret cases start life as criminal investigations before being taken over and proceeding as civil cases.
More significantly perhaps, the US has had a law to deal specifically with trade secret theft for some years. The Economic Espionage Act 1996 was introduced to deal with what was perceived to be a serious threat to US economic interests. Section 1831 of the Act is aimed at the theft of trade secrets for the benefit of a "foreign entity" and Section 1832 deals with theft intended to confer an economic benefit to another party.
The 1996 Act brought trade secret protection, albeit in relation to espionage and theft, into the federal court arena. Up to that point, all US trade secret laws had been state, not federally focused.
In May 2016 the US Defend Trade Secrets Act was enacted. Its significance is that it too brings trade secret actions into the Federal arena, but without displacing state trade secret laws. The DTSA cast its net wider than espionage or theft into the general area of misappropriation cases. The advantage of the DTSA is that federal courts have greater scope to deal with, say, applications for witness testimony or discovery where there is an international or inter-state element. A DTSA case must however, relate to inter-state or international trade, so cases which do not reach that threshold will still be dealt with at state level.
The UK is of course, contemplating the introduction of a new trade secrets law, promoted by the introduction of an EU Directive on the subject. The Directive must be implemented into UK law by 9 June 2018 which will be before the UK's exit from the EU. There is an open question about whether the UK will implement the Directive, but leaving that aside, one thing is clear. The Directive's scope is civil only. It does not introduce any new element of trade secret theft.
The most interesting aspects of this case are the criminal offences for which Mr Xu was charged and one of which he was convicted. The fraud charge – fraud by abuse of position – is one which could well apply to many senior insiders who abuse the trust placed in them by their employers by copying materials (in this case, computer codes) for use by themselves or a new employer. Similarly, the use of a SCPO, in this case as pressure to return stolen material, is a potent weapon for the authorities.
It seems likely however that many businesses will prefer to deal with trade secret theft by the traditional route of an injunction and damages rather than entrusting the case to a criminal prosecutor. More to the point, the police and CPS probably have enough on their plate without a raft of cases of this sort. On the reported facts, the Xu case seems fairly clear cut. Other cases of "trade secret theft" will be much less straightforward. Unless a prosecutor is satisfied that the use of public money will, more likely than not, result in a successful conviction, then businesses will be left to their own devices.
If you require further information on anything covered in this briefing please contact John Hull (firstname.lastname@example.org ; 020 3375 7352) or your usual contact at the firm on 020 3375 7000. Further information can also be found on the Information Matters page on our website.
This publication is a general summary of the law. It should not replace legal advice tailored to your specific circumstances.
© Farrer & Co LLP, January 2017