How much longer can Europe afford to ignore cyber-enabled ‘trade secret theft’ as a form of IP Crime?

The latest report from the EUIPO and Europol on IP Crime threats assessment makes clear that such threats are viewed as limited to instances of piracy and counterfeiting. Important as these criminal activities may be to threaten the health of our economy such a limited approach is at odds with American jurisprudence where, ”the threat of trade secrets theft to U.S. corporations conducting business internationally is a well-recognized and extensively documented phenomenon”, and “top intellectual property priority” for investigation by the FBI. The United States Trade Representative’s Special 301 Report (2018) goes further by identifying a failure to adequately protect trade secrets by trading partners as a key area of concern, given U.S. government recognition that “trade secrets may constitute the most critical intellectual property assets” for U.S. corporations.

It was for this reason that the U.S. government reported it had been, “extremely active in Brussels in support of the EU trade secrets directive” (2016), using its co-chairmanship of the Transatlantic IPR Working Group to push ”this topic to the forefront on EU action on intellectual property matters”, albeit this legislative initiative was ultimately only limited to the civil law domain.

Work undertaken by the OECD in 2014 recognises that the U.S. leads the world in the legal protection of trade secrets, with the UK struggling to stay above the average – behind the legal jurisdictions of Canada, Lithuania, Spain, Japan, Netherlands, Ireland, Israel, New Zealand, Hong Kong (China), Singapore and Australia. A UN Conference on Trade and Development Report (2011) confirmed over 50% of global trade in services is now undertaken online, with a global fraud report (2010) recording incidents of data theft now surpassing that of physical theft. One area of primary concern highlighted by U.S. Secretary of State Hillary Rodham Clinton in 2012 was,”emerging powers are putting economics at the centre of their foreign policies” and making commercial cyber espionage a central part of their policy toolbox.

During his presidential campaign candidate Trump highlighted the blue-ribbon panel report into the Theft of American Intellectual Property, the updated version of which cites estimates of the value of trade secret theft as between 1% to 3% of GDP. It is sobering to note the Director of the European Centre for International Political Economy would point out, “there is no evidence or indication that cyber espionage against European firms is any lesser in scale than against other countries,” offering an estimation of “the cost of cyber espionage to Europe at 55 billion euros annually (and placing) 289,000 jobs at risk.”

Whereas the UK government would advocate that the solution lies with firms enhancing their own cybersecurity protection, such an approach is likely to become increasingly unrealistic as a holistic solution in the emerging 5G/Industry 4 era, where decades of R&D are susceptible to being ‘hacked’ at the click of the mouse.  Calls for parity of criminal law protection with SME counterparts in the U.S. can only be expected to grow within the UK.

With the UK providing notice to leave the EU and looking to build upon its current trading position with the U.S. a parity of criminal law protection against trade secret theft can only offer some reassurance to the U.S., with a trading partner which is currently said to offer better criminal law protection for the boardroom table than the theft of boardroom secrets (Alan Campbell QC 1967).

Welcome though such a legislative initiative might be for our vulnerable SMEs, Europol has already reported that national criminal legislation cannot of itself provide a unilateral solution. With TRIPS now nearing a quarter of a century of operation there are reassuring signs that the U.S., Japan and EU are starting to form a ‘coalition of the willing’ to work together on the margins of the TRIPS Council to elaborate upon the nature of the legal protection to be afforded under Article 39, with a special emphasis on SMEs (side event 9th November 2016).

Europe has been at the vanguard of developments for the legal protection of personal data, the question is whether the appetite now exists to extend the legal protection for valuable commercial data by using the criminal law.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s