|
By Laton McCartney
In seeking the efficiencies and cost savings of outsourcing, companies often place trade secrets, intellectual property and critical information assets in the hands of their providers. This can create enormous problems, especially if the provider is based in China or India.
Not that the theft of assets is more likely to occur in Asia. But as Patrick J. Whalen told CIOZone, Asian legal systems are frequently less responsive and predictable than those in the U.S. and U.K.
As they increase the scope of their outsourcing efforts, organizations are sending more and more trade secrets offshore, added Whalen, a partner at law firm Spencer Fane Britt & Brown LLP, where he heads the intellectual property group.
At the same time, publicly traded companies are often so concerned with meeting quarterly earnings expectations that they rush to outsource, putting IP and trade secrets in jeopardy in the process, said Thomas J Quilty, CEO of BD Consulting and Investigations, Inc.
The loss of such information can be damaging in a number of ways. "Trade secret theft can reveal a company's product development plans for a new product or service," said Jerry E. Durant, chairman emeritus of the International Institute for Outsource Management. "Say, as an example, you're in the apparel business, and you discover that someone is selling knockoffs of your new line -- before you've introduced it."
"If someone steals your trade secrets, you could have an instant competitor," said Quilty, who is also managing director of Certellus Corp. "And if that company doesn't sell its products in the U.S., they can get away with anything they want. The laws frequently aren't enforceable outside the U.S."
"I see this happen all the time in my practice," added Spencer Fane's Whalen. "An employee at an outsourcing company steals intellectual property, and later the outsourcing client discovers there's a competitive operation using its intellectual property."
How can companies prevent this kind of theft?
IT and legal departments have to work hand in hand in drawing up outsourcing contractual arrangements, said Whalen. And outsourcing clients should never rely on boilerplate agreements. "These are no good," he noted. "The boilerplate clauses are entirely insufficient to cover the value of trade secrets or intellectual property."
"Make sure the supplier has an intellectual property risk program [IPR] in place and has practiced it and utilized it for at least a year," said Durant of Certellus. "The supplier should also have insurance to protect against theft and a strong history of IPR support."
A successful lawsuit for misappropriation of IP will only go so far. Even if a company wins all the supplier's assets, those assets are typically worth far less than its client's. "That's going to be the case unless you're dealing with the top two or three outsourcers," said Whalen.
IT needs to know what's on its company's network, where their most critical assets are located and how those assets are protected, Quilty warned. "Many IT departments don't know what their business units are doing so. As a result, they don't know what they need to protect when they go offshore."
Companies should demand an audit trail so they can see who has looked at the information, when they accessed it and who has copied it, added Quilty. "Also the CIO and staff should make it clear to the supplier that they're going to be looking at its system. If there's any hesitation on the supplier's part, you've already got a major problem."
Only registered users can write comments.
Please login or register. |
