CEO and founder Crisis Team
Columnist
Share this content

Protecting intellectual property: How recent events have changed the game

The demise of a data sharing agreement between the EU and US, and an American ultimatum for Tik Tok, have massive implications when it comes to protecting intellectual property.

18th Aug 2020
CEO and founder Crisis Team
Columnist
Share this content
TikTok and Facebook application on screen Apple iPhone XR
istock_Anatoliy Sizov_aweb

Intellectual Property (IP) is important for most businesses, but for many businesses, it is absolutely everything. A couple of recent news events might change the way you consider protecting it.

You would be excused for missing the fact that Privacy Shield, the data sharing agreement between the EU and US, had recently been overturned following a challenge in the EU high court, but you will have likely heard what has been happening to Tik Tok. 

You may well not be a user of the social network that is owned by a Chinese company and is full of dancing teens, but demands by the Trump administration that this apparently innocuous app has just 45 days to secure a buyer for its US business before a ban comes into effect, have been headline news.

Chinese spying and theft of intellectual property

At face value this is all about Chinese spying and the threat that Tik Tok represents to the privacy of its users in the US. China mass surveillance is widespread. The allegation is that Chinese companies like Huawei and Tik Tok are proxies for the Chinese state and are tools that the Chinese leadership is using to extend its surveillance operations beyond its borders.

Chinese theft and abuse of intellectual property is nothing new, but the underlying message from the recent news stories is that maybe we should also be concerned about the Americans. 

For most national law enforcement agencies, the main means of snooping is via the Legal Intercept (LI) mechanism that is built into all equipment used in the telecoms and internet infrastructure. Within the country, it allows local authorities on production of a warrant to tap into a network for a given purpose. This applies to all nations and all local carriers, whatever brand of equipment they use. 

Huawei spying on?

Accusations that Huawei equipment has back doors that the Chinese can exploit ring hollow when extensive testing has failed to find any such backdoors. The only examples of such behaviour was when the NSA intercepted computer network devices from Cisco, bound for China and installed malware on them, as revealed by Edward Snowden.

If you are still concerned that your IP is under threat when in transit, then encryption is a sensible precaution. Unfortunately, Crypto AG, a Swiss firm that sold encryption technology to 120 countries, was recently revealed to have been secretly owned by the CIA for decades. So be careful what encryption you use.

What about the safety of your IP when it is in development? 

Much of the world relies on US technology companies for their tech.  The likes of AWS, Azure and Google Cloud are used for data storage in the cloud; Office 365, Google Apps or Salesforce for applications; Zoom or Microsoft Teams for messaging; and Facebook, LinkedIn and Twitter for social media. All of these companies profess to have the highest levels of security which should put your data safely beyond the reach of the Chinese.

However, these companies are all subject to FISA and the US CLOUD Act, extraterritorial US laws that allow the NSA to serve warrants in secret to seize data from any of them – even if the data is held outside the US, such as in datacentres in Europe. 

This snooping is the very reason that the EU/US transatlantic data sharing treaty was recently overturned – as reported recently with the US failing to uphold privacy protections promised to EU citizens. UK criminal justice organisations, including the police and courts, have already been issued guidance that they can no longer discuss or share any personal data on cloud platforms or applications from US firms, following the ruling.

Threat to companies

The NSA’s snooping is not just a threat to individuals though, Snowden also revealed that the NSA 'spied on companies' and ‘engaged in industrial espionage’.

The Tik Tok example goes significantly further. It is not the IP that is being seized, but the entire US operation – a very dangerous precedent. And while tech experts would argue that it doesn’t matter who owns TikTok (a Chinese or an American firm) when considering the privacy of its users, it matters a great deal to those owning similar IP, whose operations could be seized next. 

How to protect your firm and your client’s business

If you are a predominantly IP-based business (especially if your main rivals are US firms):

Invest in the very best cybersecurity and encrypt all particularly sensitive data such as IP

Store your most sensitive data in your own datacentres and not on public or hybrid clouds operated by US firms

Avoid using cloud-based or SaaS applications like Office 365, Google Apps or any major SaaS brands for discussing, exchanging or storing IP

Plus, if you are a tech firm with international operations and users (e.g. a start-up wanting to take on the US tech giants):

Offer services to US users from outside the US. Do not open offices or operations within the USA (the same goes for China). You cannot then have your operations or your data seized.

I am not for a moment suggesting a level of moral equivalence between NATO nations like the UK and US (even under their current leadership) and other nations like China and Russia, where the human rights records and rule of law are open to question. However, while the threat from hackers or IP thieves from Russia and China is well known, the threat from our ‘America First’ allies can all too easily be overlooked.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.