|
Article Excerpt
I. INTRODUCTION
II. THE PROBLEM A. State-Sponsored Economic Espionage B. Economic Espionage and the Internet C. Economic Espionage: The Usual Suspects? 1. France 2. Russia 3. Japan 4. China 5. Germany 6. Israel 7. South Korea D. Business Competitive E. Scope of the Problem F. Criminal Espionage III. THE LAW: ECONOMIC ESPIONAGE ACT (EEA) A. Provisions 1. Trade Secret 2. Offenses B. Enforcement 430 1. Systemic Factors 431 2. Context IV. THE FUTURE A. Improved Reaction B. Prevention 1. Implementation Strategies 2. Liability C. Sum
I. INTRODUCTION
Economic espionage and trade secret theft threaten our Nation's national security and economic well-being. (1)
The United States is facing an international challenge: economic espionage, the theft of our intellectual assets and proprietary information. (2) The events of September 11, 2001 pushed the seriousness of this activity to the far recesses of the public's consciousness. While this threat to our national security lacks the visceral impact of September 11th, the long term national security implications (a decline in economic competitiveness) stemming from the systemic theft of intellectual property has consequences no less serious than a real-world terrorist attack. Espionage targeting intellectual assets and proprietary information is driven by the international competition characterizing a global economy. (3) Americans have long ignored the preeminent rule of international economic competition: "Expediency outgrosses morality." (4) The success or failure of our ability to compete will determine U.S. economic well-being and, ultimately, our national security. The global economy that emerged after the Cold War is replete with strong, independent, predatory competitors, a state of affairs that can be attributed largely to U.S. economic globalism and the showcasing of American technology. (5) The desire for American technology is the primary motivation for the continuing economic espionage activities undertaken by a multitude of foreign countries.
It has been obvious for over a decade that economic espionage is a serious problem. (6) Appreciating the seriousness of this threat, Congress passed the Economic Espionage Act of 1996; the President signed the Act into law on October 11, 1996. (7) The Economic Espionage Act (EEA) took a traditional approach to the activity at issue by treating the misappropriation of proprietary economic information as theft and criminalizing it. (8) Congress believed that by prosecuting and sanctioning those who unlawfully appropriate proprietary information, we can deter others from engaging in such conduct. (9)
Prosecution and punishment can contribute to preventing economic espionage, but they, alone, cannot accomplish this, for reasons we explain below. Our purpose in writing this Article is to point out the danger of relying on traditional solutions in a nontraditional era; reacting to completed acts of economic espionage by sanctioning the perpetrator(s) is an effective strategy only if they can be identified, located, and apprehended.
Part II explains what economic espionage is and why it is a serious problem. Part III reviews the provisions and enforcement of the Economic Espionage Act and explains why it is not a viable approach to economic espionage in the twenty-first century. Part IV considers how we can more effectively address economic espionage.
II. THE PROBLEM
This Part outlines the problems we face from economic espionage. As subpart II.A notes, trade secrets, which are at the heart of economic espionage, extend beyond classified military information and technologies into a world in which information has become our most important asset, subpart II.B describes how cyberspace has altered the traditional dynamic involved in economic espionage; the Internet has erased significant financing, proximity, scale, and physical constraints while at the same time protecting an attacker's identity and reducing risk. subpart II.C explains that economic espionage has become a worldwide threat, with a long list of "usual suspects." Subpart II.D notes that economic espionage can yield significant business and competitive advantages and explains that an understanding of these advantages is necessary to understand the legal and illegal practices of information gathering. Finally, subpart II.E reviews the overall scope of the problem, while subpart II.F. focuses on hacker tools and the logistical methods of present day economic espionage.
A. State-Sponsored Economic Espionage
[S]ome foreign countries, including the major players, ... continued to employ state actors--including their intelligence services--as well as commercial enterprises, particularly when seeking the most sensitive and difficult to acquire technologies. (10)
The critical element of the EEA, which is analyzed in Part III, infra, is the involvement of foreign governments, their agents, or instrumentalities deriving benefits from the acquisition of a nation's trade secrets. U.S. expenditures on research and development initiatives are in excess of two hundred billion dollars annually and are the largest by far of any developed country. This fact, together with the reality that economic competition is an immutable aspect of international relations, makes the United States a target rich environment for economic espionage activity. The critical issue this Article highlights is the fact that espionage is much broader than efforts by traditional adversaries to avail themselves of strictly classified military information. The current threat is posed by traditional and nontraditional adversaries. This threat is directed at the spectrum of proprietary and military technologies that have traditionally provided the United States with a qualitative economic and military advantage. These advantages translate directly to the economic and military strength that has enabled the United States to attain its current status as the world's only true super-power.
The EEA resulted from Congress' recognizing that foreign elements were engaging in active and on-going economic espionage operations. (11) These activities are designed to exploit the benefits of U.S. research and development without expending the financial capital necessary to develop indigenous technologies or trade secrets. In today's world, a nation's economic viability is the true measure of its power. (12) Military strength is contingent upon an economy's ability to integrate technological advancements having dual use (commercial and military) applications.
B. Economic Espionage and the Internet (13)
Increasingly, foreign entities need not even come to the United States to acquire sensitive technology but, instead, can work within their own borders. There, U.S. firms have difficulty securing their secrets and have few legal protections once proprietary information has been lost. (14)
Economic espionage is far from a new phenomenon. The development of the U.S. textile industry in the early 1800s is a direct result of Francis Cabot Lowell visiting England and memorizing the workings of their power looms. Upon returning to New England he recruited a master mechanic to recreate and develop what he had memorized. (15) The Chinese were able to protect their proprietary interests in the silk trade for in excess of two thousand years, further illustrating that economic espionage is not a recent phenomena. (16) The secret was ultimately lost, according to one account, when a Chinese princess married a foreign prince and smuggled silkworm eggs out of China by hiding them in her voluminous hair piece (circa AD 440). (17) A second account credits two Nestorian monks (circa AD 550) with smuggling silkworm eggs in their hollow bamboo staves for delivery to the Byzantine Emperor Justinian. (18) The point of these historical anecdotes is to demonstrate that human behavioral characteristics have not changed over the ages. This behavior continues to provide the incentive for reducing an adversary's competitive advantage by utilizing espionage techniques to elicit proprietary secrets.
The challenge of protecting intellectual and proprietary assets has been made more difficult by the arrival of the information age and the Internet. Information has become a marketable commodity with an inherent value and intrinsic self-worth. The fact that technological progress has evolved to the point where information is stored on networks, many of which are linked together by the Internet, has changed the framework relating to information protection and the legal boundaries that traditionally served to constrain the dissemination of sensitive data to nonauthorized users.
Prior to the era of digital connectivity, intellectual property and trade secrets were targeted by foreign intelligence services, competitors and criminals, using collection methods consisting of classic agent recruitments, volunteers, surveillance, surreptitious entry, and specialized technical operations. (19) All of these techniques were characterized by boundaries imposed by conventional three-dimensional limits relating to proximity, scale, physical constraints, and patterns. (20) The Internet and its employment of a new medium, cyberspace, dramatically changed the nature of information collection whether the collector is a foreign intelligence service, competitor or criminal. (21) Cyberspace does not restrict a collector to traditional techniques. It expands collection methods and operations by leveraging existing tradecraft with a dramatic reduction in risk and a corresponding logarithmic increase in potential reward. (22)
Collectors employing Internet collection techniques are not bound by the need to have proximate access to targeted information or agents. The process of spotting, assessing, recruiting, evaluating, and deploying potential agents no longer requires that a case officer make direct contact to accomplish tasks relating to logistics, communications, and security. These basic house-cleaning functions frequently permitted counterintelligence agents to detect, deter, and disrupt an adversary's operations. Their absence necessitates a major shift in counterintelligence operations to counter the absence of traditional indicators of collection activity.
Prior to the employment of digital memory devices and network connectivity, intelligence operatives were limited with respect to the scale of their operations and individual case officer and agent supervisory spans of control. "Cyber case officers" using virtual agents do not have the scale of their operations limited to a finite number of "cyber agents" but, instead, can deploy virtual cyber resources in unlimited quantities simultaneously. These cyber agents can respond to multiple collection requirements, remotely targeting multiple objectives simultaneously with limited risk. The reduction in risk is due to the absence of physical constraints present in traditional intelligence operations.
Perhaps the greatest advantage to the collector is the ability to utilize the absence of proximity, scale, and lack of physical constraints together with deception schemes intended to conceal the identity and location of the actual adversary. The novelty of digital intelligence-gathering and concomitant absence of patterns is a primary factor in the reduction of risk, making these methods so attractive. A victimized government, corporation, or individual today will have an exceptionally challenging task merely identifying the cyber collector who has targeted their information. This is, of course, assuming the victim is even aware of the fact that he or she has been subject to an attack!
Additional factors driving intelligence operatives to fully engage in virtual collection methods and operations is the well-documented reluctance of victims to report digital penetration and the fact that several studies reflect exceptionally low awareness of victims recognizing that they have been subjected to attacks.
C. Economic Espionage: The Usual Suspects?
[T]he Federal Bureau of Investigation ... has reported that at least twenty-three foreign governments actively target the intellectual property of U.S. corporations. One FBI study also found that of 173 countries, 100 were spending resources to acquire U.S. technology. (23)
Reports published by the Central Intelligence Agency and Government Accounting Office have publicly identified foreign countries engaging in state-sponsored collection activities targeting intellectual property and trade secrets belonging to the United States. (24) Recognizing the severity of foreign collection operations targeting U.S. technology, Congress has required an annual report which will keep it informed of the threat parameters. (25) This report, which is entitled "Annual Report to Congress on Foreign Economic Collection and Industrial Espionage," is published annually in a classified and unclassified version. (26) The 2003 unclassified version notes that "[f]oreign businessmen, scientists, academics, and government officials from more than 90 countries continued targeting sensitive U.S. technologies and corporate trade secrets in both 2002 and 2003, according to a variety of reporting available to the U.S. Counterintelligence (CI) Community." (27) A primary distinction between the two versions of the report relates to the identification of specific foreign countries engaging in various collection activities. However, despite the omission of specific country identities in the open version of the Annual Report, cursory research of open sources permits an analyst to make judgments likely reflecting those nations most actively engaged in these operations.
A 1996 article in the Washington Post referred to a CIA public report identifying the governments of France, Israel, China, Russia, Iran, and Cuba as being extensively involved in economic espionage. According to the article, "[a]s for Japan, which is often accused of high-tech thievery, the CIA said that nation's efforts to collect economic data 'are mostly legal and involve seeking openly available material or hiring well-placed consultants." (28) The information reported in the article was released by the CIA as part of a declassified hearing volume on "Current and Projected National Security Threats to the United States." (29)
In addition to the countries acknowledged in the CIA report, recently published news accounts and other documents have included South Korea and Germany as active participants in efforts aimed at collecting U.S. sensitive information. (30) It should be stated that historically the U.S. government has been reluctant to publicly identify foreign governments considered to be its traditional allies as engaging in economic espionage. This reluctance reflects the diplomatic reality that relations between governments occur on many levels simultaneously. Therefore, publicly acknowledging that an ally is aggressively attempting to collect sensitive government information may serve to needlessly escalate diplomatic tensions. Normally, these concerns are addressed via back channels with private warnings and subtle signals indicating that continued behavior deemed unacceptable may rise to a level outside of normal diplomatic channels, and if the behavior continues, it may be accompanied by embarrassing political consequences. Additionally, it is generally acknowledged that all countries engage in various aspects of espionage to one degree or another. The inclination to promulgate a "holier than thou" attitude with respect to espionage has the potential to be perceived as highly hypocritical in the event of a retaliatory response.
The advent of the information age and corresponding global connectivity has increased the vulnerabilities of U.S. intellectual assets. The 2003 Annual Report to Congress reports that multiple sources of evidence suggest that foreign interests are increasingly looking to cyber tools as a means of enhancing their ability to illegally acquire sensitive information. (31) Digital incursions are difficult to detect, and there is a lack of factual data conclusively establishing the dollar value of assets lost annually by these methods. However, estimates by the American Society of Industrial Security, U.S. Chamber of Commerce, and PricewaterhouseCoopers, derived from a 2002 survey of Fortune 1000 corporations and 600 small to mid-sized U.S. companies, state that proprietary information and intellectual property losses accounted for between fifty-three and fifty-nine billion dollars. (32) There is a consensus that the Internet has provided traditional and nontraditional adversaries with a low-risk, inexpensive collection mechanism capable of targeting and circumventing security countermeasures. (33) Anecdotal country information obtained exclusively from open sources is presented to illustrate the international variety of threats and cyber tactics employed by various foreign governments.
1. France (34)
The French view of economic competition is characterized by the belief that a state of continuous competition exists among nations where market advantages are pursued by all available means. (35) This helps to explain the lengthy history of French government intelligence agencies targeting U.S. economic and proprietary data. The French General Directorate of External Security (DGSE) has been reported as targeting economic intelligence since at least 1964. (36) Corporations reported to be targeted by the DGSE in the past have included Loral Space Systems and Hughes Aircraft, the former Lockheed Missile and Space Company, TRW, and GTE. (37) Information targeted included satellite and telecommunications data. (38)
Former director of French Intelligence Pierre Marion is frequently quoted as stating, "getting intelligence in economic, technological, and industrial matters [from] a country [with] which you are allied ... is not incompatible with the fact of being allied." (39) A unique aspect of French economic espionage collection efforts, detailed by Peter Scwweizer in his book Friendly Spies, involves the use of "honorary correspondents" or part-time agents. (40) This network of part timers is comprised of corporate officials living overseas, French bankers in New York City and bureaucrats at the European Community in Brussels. (41) Employees of nationalized French companies are particularly prone to act as part time collectors. (42)
In 1996, the French established the Ecole de Guerre Econimique (School of Economic Warfare). (43) It was established by the Defense Consultancy International, a semi-public company linked to the French Defense Ministry. (44) "French academics, journalists, retired military and intelligence officials work for the school." (45) The school's director Christian Harbulot is quoted as stating:
[T]he U.S. is the top priority. There is true industrial competition and there are many fields where we have everything to lose. We cannot let ourselves be pushed around. A huge number of companies have disappeared because they were bought out or destroyed by the Americans. We have to protect ourselves. (46)
It is evident that the French view the cyber arena as a significant resource in satisfying their collection requirements. It has been reported as early as 1987 that French intelligence co-opted a French hacker by threatening prosecution unless he cooperated with their request that he infiltrate the French hacking community. French intelligence desired information relating to the latest hacking techniques and tools. (47) It is highly unlikely that the interest exhibited by French Intelligence has declined in the intervening years subsequent to this event, and with the explosion of spyware and other virtual resources, the capabilities of the French intelligence service are presumed to have increased in sophistication and effectiveness.
2. Russia
During the Cold War, Russian efforts to collect sensitive military information were considered the primary intelligence threat targeting the United States. A recent article in the November 15, 2004 issue of U.S. News & World Report has a report stating intelligence insiders furnished information revealing that Vladimir Putin had recently increased Russian resources targeting the United States to levels reaching the high water mark of the Cold War. (48) However, current collection efforts are aimed at trade and manufacturing secrets of major U.S. corporations, like IBM and ExxonMobil, with the intent of obtaining information relating to contracts that corporate America is pursuing. The United States' involvement in the War on Terror is perceived as a major distraction facilitating these collection efforts. (49)
This information makes incidents like the one occurring in October 2000, where Microsoft staff noticed a problem with new accounts being created that did not match their audit logs, potentially more significant. (50) In researching the anomaly, it was discovered that an employee received an e-mail carrying a worm and inadvertently installed it. (51) The worm, subsequently identified as the QAZ worm, functioned as a backdoor tool giving remote users control of an infected PC. (52) After gaining entry to the infected computer, the worm disguised itself as a NOTEPAD.EXE file and could be spread through the network as a shared resource. (53) The worm then sent a remote signal to a computer in Asia identifying the location of the newly infected computer (54) and also, according to some analysts, automatically downloaded and installed various hacking tools from another remote site. (55) The intruder then used a program to collect passwords and automatically sent them to an e-mail address in Russia. (56) Using the collected passwords, the intruder posed as a Microsoft employee working at a remote location and accessed sensitive proprietary information. (57) It cannot be conclusively established if this action was state-sponsored; however, this does not lessen the significance of this espionage activity since the loss of sensitive information was the ultimate result.
An incident like this, referred to as worm-based espionage, establishes that it is not necessary for a collector to "hack" a computer directly, but rather, it may employ virtual agents (worms) to perform the penetration and report back to the case officer. The utilization of virtual agents poses significant challenges to those responsible for security countermeasures and complicates the legal remedies traditionally intended to serve as deterrents. Virtual agents are not constrained by international borders. Consequently, when remotely deployed, their detection and subsequent investigation may involve multinational investigative coordination, jurisdictional disputes, and legislative disparity with respect to whether a criminal act has been committed.
3. Japan
Japan's economic espionage and intelligence collection activities directed against the United States are unique in several respects. The Japanese government has a limited formal intelligence organization; however, its major corporations, in conjunction with the Japanese Ministry of International Trade and Industry (MITI), have active corporate intelligence organizations that collect economic and political information. (58) Japan has used human sources within U.S. corporations, bribed corporate employees to purchase proprietary data, and used Japanese graduate students and researchers to collect sensitive information from universities and research institutes. (59)
An example of Japanese researchers involved in espionage activities occurred in May 2001, when Japanese researchers Hiroaki Serizawa and Takashi Okamoto were indicted on charges of stealing genetic materials pertaining to Alzheimer's disease from the Cleveland Clinic Foundation in May 1999. A plea bargain resulted in a reduction of charges against Serizawa from industrial espionage to one count of perjury. Okamoto resigned from the clinic in July 1999 and returned to Japan. The United States claimed Okamoto acted with the intent of profiting by delivering the materials to Japan's Institute of Physical and Chemical Research, popularly known as RIKEN. RIKEN employed Okamoto after he returned to Japan. (60)
In another incident, a Japanese television network (NHK) played a prominent role in aiding Japanese corporate and governmental interests in penetrating the trade secrets of American biotechnology firms. (61) Using the pretense of a documentary film to gain access to several biotechnology firms, NHK personnel, attempted to film proprietary information processes and documents. (62) Detailed interview data was solicited from scientists relating to their research activities and combined with film footage permitting NHK to obtain significant insights into the technologies, R&D activities and strategic capabilities of these firms. (63)
Estimates that eighty-five to ninety percent of intelligence collected by Japanese government and industry sources is economic information largely based on proprietary data have been reported by publications such as "The OPSEC Journal." (64) A 1987 CIA report identified two top Japanese intelligence priorities as 1) intelligence relating to access to foreign sources of raw materials and 2) detailed information on technological and scientific developments in the United States and Western Europe. (65) "The report states that nearly eighty percent of all Japanese intelligence assets are focused on gathering technical and economic information from the United States and Europe." (66)
Currently, a debate is occurring in Japan with respect to the legality of deploying cyber weapons. The Japanese Constitution prohibits its military from engaging in offensive operations. Determining whether the deployment of computer viruses and hacking techniques is considered an offensive military tactic requires clarification. However, there is no prohibition against using cyber tactics to elicit sensitive information. Published reports reflect that the Japanese Self Defense Forces have budgeted for the establishment of a cyberforce. It would be highly unusual if capabilities developed for this cyberforce are not deployed. It is conceivable that virtual assets developed for the self-defense forces could be provided to private sector intelligence gathering organizations for operational use.
4. China
In 1999, the Congressional Cox Committee Report on the People's Republic of China's (PRC) espionage activities directed at the United States was released. (67) This document provided a comprehensive examination of Chinese espionage targeting various U.S. industries for the express purpose of accelerating the acquisition and development of dual-use science and technology intended to enhance Chinese economic performance. The Cox Report's findings include a determination that in 1986 a major initiative identified as the 863 Program was approved by the Chinese leadership to advance the Chinese economy. According to the Report, this program produced nearly 1,500 research achievements by 1996. Approximately 30,000 scientific and support personnel were actively engaged on this project. (68)
Numerous accounts of Chinese economic espionage activities have been reported by the press supporting the findings of the Cox Report. In its March 22, 1999 issue, Newsweek magazine outlined a shopping list of PRC technology requirements that included those listed below. A comparison of this list and the types of technology reported in legal proceedings as being sought by agents of the PRC tends to validate the Newsweek information. (69)
Newsweek List
Avionics: Aircraft engines, air frames, gyroscopes and simulation equipment and software ...
Materials: High-strength polymers and strong plastics used...
|
