Michael D. Moberly March 11, 2014 ‘A blog where attention span matters’.
On February 19, 2013, Mandiant, a U.S.-based cyber-security firm released a report purporting to have evidence linking a specific unit of the (Chinese) People’s Liberation Army in Shanghai to a global cyber espionage campaign against companies in twenty economic sectors. The campaign was designed to misappropriate valuable intellectual property and other forms of intangible assets, i.e., intellectual, structural, and relationship capital. And why is this relevant? It’s because steadily rising percentages, i.e., 80+% of most company’s value, sources of revenue, profitability, and sustainability lie in – emerge directly from intangible assets!
As would be expected, Mandiant’s report received substantial media coverage, prompted no doubt in part by its immediate and categorical rejection by Chinese government officials. Of note, the following day (February 20, 2013) the Obama administration release a newly tweaked strategy to combat theft of intellectual property and other intangible assets from U.S. companies based on the argument that trade secret theft threatens U.S. national (economic) security, with five strategic actions noted…
- Focus diplomatic efforts to protect trade secrets overseas.
- Promote voluntary best practices by private industry to protect trade secrets.
- Enhance domestic law enforcement operations.
- Improve domestic legislation, and
- Public awareness and stakeholder outreach.
Economic Espionage Equates With National Security…
Economic espionage involves government and/or otherwise state sponsored initiatives to clandestinely acquire information assets from another (foreign) government or company that are in a safeguarded state. That is, the information assets
- are owned by a company.
- distinguished as being proprietary, or
- meet the requisites of trade secrecy.
- enforced, protected by intellectual property law, or,
- categorized as being classified by a government entity.
Frequently though, economic espionage is referred to as corporate or industrial espionage.
The U.S., and I assume other countries as well, are correctly inclined, in my view, particularly in a 21st century context, to equate or elevate the aggressive, increasingly sophisticated and predatorial targeting capabilities of economic espionage to national and economic security status, as expressed by former FBI Director Sessions in the mid-1990’s. Or, in more recent contexts, numerous U.S. private sector and government leaders point to economic (cyber) espionage as metastasizing to the point of being a (the) primary contributor to the “greatest transfer of wealth in history’. While this characterization may have originated with intent to dramatize the significance of this adverse phenomena, it’s hardly arguable.
I suspect, but have no direct evidence to support such a claim, there is an agenda, correctly or not, to modify the context of economic espionage, away from its 1996 roots with the passage of the Economic Espionage Act, by consistently describing it as cyber-espionage vs. the more straightforward term of economic espionage.
To be sure, well before the advent of sophisticated cyber technologies, economic espionage was just as stealthy and successful as it presumably is today. The difference being, both protectors and adversaries apparently hold the view that all valuable information assets now exist primarily in electronic ‘bits and byte’ contexts.
However, be assured, that does not suggest economic and competitive advantage adversaries overlook or dismiss the extraordinary value embedded in human (intellectual, structural, and relationship) capital. Readers of this blog recognize, economic (cyber) espionage has manifested itself in multiple forms in the past quarter century.
International Law and Economic (Cyber) Espionage…
Countries’ desire and need to engage in more consistently potent legal prosecutions and other countermeasures to combat economic (cyber) espionage are challenged somewhat by existing international law on espionage, says David P. Fidler, Professor of Law at the Indiana University and a Fellow at I.U.s Center for Applied Cyber-security Research and member of the American Society of International Law.
In his fine article titled ‘Economic Cyber Espionage and International Law: Controversies Involving Government Acquisition of Trade Secrets through Cyber Technologies’ (ASIL, March 20, 2013, Volume 17, Issue 10), Fidler points out that while a victim country, and presumably company as well, could assert that spying violates the principles of sovereignty and non-intervention, state practice has, probably unfortunately in my view, has accepted state-sponsored espionage to the extent that such appeals may not be regarded as serious or sufficient claims, standing alone.
Although cyber espionage is sometimes described as “cyber attacks” and “cyber-war,” Fidler identifies no government that regards cyber espionage as constituting a prohibited use of force. Other bodies of international law under which espionage issues arise, such as rules on armed conflict and/or with respect to diplomatic relations in periods absent a declaration of war, do not prohibit or necessarily constrain espionage, or economic espionage in particular.
Many Countries Obviously Prohibit Economic Espionage…
Many countries prohibit economic espionage under (their own) national law. However, enforcement of such laws may present challenges because the specific elements of economic espionage include foreign government participation. Using extradition or mutual legal assistance treaties proves ineffective also, especially says Fidler, when the requested state is accused of sponsoring criminal acts, i.e., economic espionage.
Is there a possible role for TRIPS…
The Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) of the World Trade Organization (WTO) requires each WTO member to protect, within its territorial boundaries, certain types of intellectual property rights, including trade secrets.
Some have argued that the U.S. should use protections enunciated in international trade law regarding intellectual property against countries engaged in economic (cyber) espionage. As readers already know, private sector enterprises engaged in trade and investment agreements and/or transactions have used international law to safeguard their intellectual property rights.
However, WTO members have, to date, shown little or no interest, according to Professor Fidler, in addressing economic espionage within the constructs of WTO, despite mounting concerns. One reason is that WTO members have not used WTO-based strategies, the reason, Fidler says, lies in the difficulty of successfully formulating a claim that economic espionage actually violates WTO agreements.
WTO rules impose obligations on WTO members to fulfill within their territorial boundaries. That is, WTO members that engage in economic espionage, i.e., covertly (illegally) obtaining intellectual property and other forms of intangible assets of other WTO members which operate companies within that countries’ territorial boundaries could be in violation of those WTO obligations. No prudent business person should exhibit naiveté about such obligations.
Even if a WTO member could construct what may become a successful claim that economic (cyber) espionage violates a WTO rule, it would have to establish that another WTO member’s government is responsible for the act. Usually, Professor Fidler argues, establishing governmental responsibility for challenged acts is not difficult, but WTO cases have generally not involved accusations regarding state-sponsored economic (cyber) espionage. It is not clear, Fidler suggests, whether a WTO (nation, government) member could successfully satisfy such a burden by relying solely on evidence provided by the private sector victim, e.g., Mandiant’s report without revealing any existing counter-intelligence tradecraft that may be in place.
Far too much time focused on naming the culprits…
Far too much time, in my view, has been focused on identifying and naming who the (economic espionage) culprit countries are, with far too little attention and resources from private sector companies on designing, incorporating, and executing effective strategies to combat it. Let’s say, for instance, we accept Mandiant’s report in full, along with the annual report by the Office of the National Counterintelligence Executive, and various other reports citing China as the single most aggressive economic (cyber) espionage adversary.
I am quite confident readers of this blog are pragmatists. That is to say, we would be very surprised to learn of a company that would elect to cease operations and/or business transactions in a country with 1.2 billion+ potential consumers! Just don’t see that happening!
(A special thanks to David P. Fidler, Professor of Law at the Indiana University and a Fellow at I.U.s Center for Applied Cyber-security Research and member of the American Society of International Law for his fine article titled ‘Economic Cyber Espionage and International Law: Controversies Involving Government Acquisition of Trade Secrets through Cyber Technologies’ (ASIL, March 20, 2013, Volume 17, Issue 10) that inspired this post.)