return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

Newsletter - ICG's Intellectual Property (IP) Protection Abstracts




Hemorrhaging intellectual property to Asia


In response to a comment regarding one's risk detection and amelioration posture when venturing offshore into a region, or an industrial segment, of high value to nations such as France, Israel, Germany, Russia, or the PRC, a private list member noted:

"I truly believe that your analysis applies to the current "outsourcing" outcry. But, the outcry is just about jobs now. It's the future (the USA's) that is in economic peril. Our industrialists don't seem to get it."

Unfortunately the commercial stampede at both the industrial and venture capital level has long been underway and the PRC is harvesting the bounty.

We have painfully learned that at the Venture Capital (VC) level, investors are driving their stable of firms to create product and produce revenue. Risk assessment is very low on their horizon. Private conversations reveal that VCs preach the mantra "to their portfolio companies to outsource hardware development and manufacturing to China or become uncompetitive." Some VCs have already made the next step of forming development groups in the PRC precisely to serve their entire stable of firms...

On the established industrial side, the OEMs (Original Equipment Manufacturers at the top of their respective supply chains) have been virtually ordering their suppliers explicitly or implicitly to China (a) to produce lower cost products for resale back to the OEM or one of the subsuppliers in the chain, or (b) support OEM plants in-country. The demand for cost reduction is the pole star. Our prediction is that the OEMs, whose hubris leads them to mistakenly feel themselves above the risk horizon, will not protect their suppliers as new Chinese or other low-cost country providers come on line and will shift purchases to those new firms... more

back to top

What are they stealing now? Or do you just hand it to them?

Not the best justification for sale but it is indicative of the size of the problem.

Commercial firms are at a disadvantage in that most are driven respectively by cost, cost, and cost while the skilled few are driven by cost, time, and risk (the latter two being other forms of cost). Only the very rare firms and the military look at risk, time, and cost.

How is a company to know what is valuable and to whom? Yes, all 18 of the MCTs (Military Critical Technologies) are consistently targeted but many commercial firms, if they think about it at all, think that it must apply to someone other than themselves.

It helps to see one’s products and services within the consistent themes that have emerged over the past six years:

  • Dual-use technologies
  • Components over complete systems
  • Unclassified technologies

back to top

Who’s on the National Security Threat List and why?

The FBI's National Security List (NSL) has two parts, the Issues Threat List (activities that get you on the list) and the classified Country Threat List (states whose activities are "so hostile, or of such concern" that investigations are warranted).

The issues list contains:

  • Terrorism (violent acts, criminal violations if committed in US jurisdiction, intimidation or coercion of government or population)
  • Espionage (US national defense info)
  • Proliferation (of WMD and advanced conventional weapons)
  • Economic Espionage (sensitive financial, trade or economic policy information, proprietary economic information, or critical technologies)
  • National Information Infrastructure (facilities, people, information, computers, cable, satellite, or telecom)
  • US Government (government programs, facilities, information, or personnel)
  • Perception Management (manipulating information, communicating false information, or propagating deceptive information to distort the perception of US policies)
  • Foreign Intelligence Activities (anything else not described above)

That broad sweep nets both friend and foe, broad national agendas and quite targeted issues. Former DCI Robert Gates made the understatement of the quarter century in noting: more

back to top

Industrial espionage: how your intellectual property is stolen


We have previously discussed what is being stolen and who steals it. This discusses the means by which it is stolen.

The National Counterintelligence Center (NACIC) was established in 1994 to improve US counterintelligence (CI) coordination and cooperation among our CI agencies. The first of NACIC's Annual Report to Congress on Foreign Intelligence Collection and Industrial Espionage was published in 1995 and yearly thereafter. The industrial espionage collection methods section from the inaugural 1995 issue is still one of its unclass best and is often cited by later reports.

Ideological and military adversaries, allies, and neutrals alike target US economic and technological information. The 'friendlies,' in fact, can more successful per dollar expended as they build atop their legitimate access to US information to further their intel targeting. Certain allies such as France, Israel, and the PRC "have infrastructures that allow them to easily internalize high-tech information and utilize it in competition against US firms."

"Practitioners seldom use one method in isolation but combine them into concerted collection programs. Although countries or corporations have been known to turn legitimate transactions or business relationships into clandestine collection opportunities, some of the methods listed are most often used for legitimate purposes. While their inclusion here is not intended to imply illegal activity, they are listed as potential elements of a broader, coordinated intelligence effort."

Here are the basic methods. Were you to canvass your organization, it is most likely that you have been targeted by multiple means either to secure new data or to validate data previously obtained: more

back to top

Similar mitigation trajectories: Intellectual property theft and quality

I had the opportunity to share some opinions on the impact of intellectual property (IP) theft, some already posted to this list, with a large, global supplier of parts and subsystems that was known for its production and quality focus but it had not been clear to me that the supplier was also ahead of many of its peers in its understanding of the diversion risk that it and its subsuppliers faced in certain regions.

I mentioned certain points from Hemorrhaging intellectual property to Asia, adding that since the OEMs had financial pressures of their own and would not relent in their demands for immediate direct cost reduction such that the supplier had no opportunity to not go to the desired low cost area, that it was up to the supplier to address the incursions against the intellectual property of their firm and the subsuppliers in any critical path of their supply chain...

This commenced a discussion in which the supplier noted that it had never demanded such proof of ability from its subsuppliers that they could protect their intellectual property or any shared by this top tier supplier. I noted that was likely so as none of the open source descriptions of their strategic supplier selection process had any mention of IP theft mitigation. I then noted that their supplier selection process did have a vast amount of selection criteria pertaining to quality and that the supplier regularly made detailed examinations of a potential subsupplier's ability to produce quality parts prior to awarding a contract and that it made periodic evaluations of that supplier's ability to sustain its quality.

I offered the prediction that just as quality has become a mandatory requirement in order to bid, i.e., that it had become part of the baseline needs, that successful, surviving firms will make IP theft a part of that same baseline. Furthermore, IP theft mitigation will follow a similar adoption trajectory to that of quality -- and it can be presented to management on that basis in order to ease implementation. Some suppliers will see the need clearly -- or will be selected by their ability to see the need -- and become early adopters that maintain the first mover advantage provided by their R&D while others will fall behind, will be picked off in terms of differentiating technology, and will exit the market. more

back to top

Intellectual property theft: the unspoken unknown of offshoring

Domestic and international outsourcing, the latter now known as offshoring in the US and also as nearshoring in Europe, is a subject I follow closely for its impacts on supply chain risk, intellectual property theft, risk pricing, and certain counterthreat needs.

What I find remarkably absent in the general discussion of job and economic loss to the country's nationals being outsourced, and economic gain to the outsourcing domestic firms and to the outsourcing destination, is the virtual absence of the impact of intellectual property (IP) theft on the outsourcing firms and, ultimately, the national economy of those firms.

For those firms sufficiently advanced to look beyond mere supply chain 'cost at tier' so that they look at the troika of cost, time, and risk, the risk focus is devoted to business interruptions to timely delivery and component quality, and not IP theft. Thus I read with dismay the otherwise fine writing of Forrester's John McCarthy on offshoring. IP theft is effectively not in attendance.

And it is not, I believe, that McCarthy is unaware of risk and security issues as he made an extremely thoughtful presentation to the SafeNet 2000 security summit well before 11 September that holds up well today, laying out a tiering of personal privacy, the desire of businesses to gravitation to regulation in order to achieve stability, and a phasing of "government intervention into security and privacy online." Yet, I feel that McCarthy today stops short of the total offshoring threat when he says that" companies, for the most part, face the same security issues whether managing data with local employees or overseas workers."

While I submit that there are added, but addressable, risks in employing foreign nationals and foreign firms, the larger risk is the placing of critical IP resources in an offshore environment where they are vastly more susceptible to exploitation by one or more collectors... more

back to top

Refining a China forecast


Continuing our effort to refine a prediction for Chinese economic direction, I believe that China will:

(1) Increasingly digest and take advantage of foreign technology to create increasingly effective and efficient local products (and only then will it more rigorously enforce anti-piracy laws -- akin to what Japan is now doing in such areas as flat panels)

(2) Go beyond commercial, increasingly commodity products to embed unique Chinese standards that bar or slow foreign entry, i.e., increasing Chinese price-volume curve efficiencies while damping foreign efficiencies and denying revenue to Chinese competitors (e.g., DVD, CMDA, PC chipsets, Red Flag Unix, encryption algorithms)

(3) Continuing reduction or elimination of foreign royalty payments for any and all products - a corollary to (2) - be they products made for domestic Chinese consumption or export (the recent Microsoft contract cancellation is a mere tip of this iceberg)

(4) Displace less efficient foreign suppliers in foreign supply chains and so assume a greater percentage of a supply chain's critical path (e.g., US automotive OEMs will continue their pursuit of lowest cost suppliers to the point that they will abandon their historic 'domestic' suppliers for Chinese suppliers, thereby decreasing the critical mass of those offshore suppliers) more

back to top

A tipping point in intellectual property protection?

It would appear that the US is at a turning point in its treatment, or tolerance, of global intellectual property (IP) theft, although it is fair to say that our process is flawed:

  • Too much of the Administration's focus is on on-line piracy and counterfeit parts, often sold as unbadged copies of the original and where the impact is seen to go no farther than direct revenue loss, liability over presumed 'faulty' parts, and impact to the producers' reputations.
  • Too much of the Administration's approach is devoted to ineffective, and even counterproductive means, primarily legal remedies and policy guidance buttressed by industry lobbying to influence legal and policy changes.

It is revealing that the recent report that is underpinning the renewed Dept of Justice interest in IP, and is the report that AG Ashcroft reviewed with MEMA (Motor & Equipment Manufacturers Association), Congressman Knollenberg, and other US manufacturers is principally devoted to legal and criminal investigative remedies. Reading the AG's announced recommendations of that report reflects the same legal and policy approach. Although these remedies will not work, and will actually backfire, as Cisco discovered in its tiff with Huawei, there are quite workable alternatives.

What seems to be missing, or has been missing, is the understanding that:

  • The real problem of counterfeit parts is that the counterfeiters will gradually uncloak to produce badged products that directly compete with the producers from which they had expropriated intellectual property, and thus can undercut the original producers' pricing, i.e., the endgame is being driven from the market, not mere revenue dilution or 'faulty' parts.
  • Counterfeits pale in comparison to foreign competitors expropriating intellectual property specifically to produce badged parts that build an independent brand awareness for price and quality that quickly drive the original producer from the market.
  • The principal remedies on offer presume a working legal framework in the expropriating nations that reciprocate the legal protections that we have come to expect, and depend upon, in our Anglo-European legal systems, i.e., without this reciprocation, our legal remedies for adjudication and redress are ineffectual in the country where the expropriation occurs. more

back to top

US intellectual property protection: the targets are asleep or unarmed, the advising guardians are AWOL and the police are offering placebos

To paraphrase the misattributed quote of Everett Dirksen, a billion to India, a billion to China, and pretty soon you're taking about serious outsourcing - and along with it an uncontrolled and unprotected intellectual property (IP) stream. The unremitting drumbeat of each InfoWorld RSS feed item that crosses my desk (see link list below) on yet another offshore investment reminds me of the laxity of US administrations to address strategic shortfalls in things so essential as K-16+ education, promoting advanced technologies - genetics and biologics included, and what I call the "sleeping princess" vulnerability of irreplaceable IP.

David Berlind's The United States of India notes:

In less than two months time it has become clear that, between Cisco, Intel, and now Microsoft, India will get injected with at least $3.8 billion. China is getting similar injections. According to a report in InfoWorld, Intel chairman Craig Barrett talked about why education is making China more competitive while he was cutting the ribbon on a new $200 million test and assembly center his company built in the western Chinese city of Chengdu.

The landscape for global IP protection (and that includes both domestic and offshore locations) is not a pretty one. Worse, I see no improvement since penning A tipping point in intellectual property protection? in January 2005. (I submit the predictions in Emerging Information Technology (IT) themes in India and China and Refining a China forecast as well.)

I wager that the majority of firms do not know that they are at risk and that, if they do become aware, do not know where to turn for assistance. Fearful of alienating one or more factions with unknown consequences, firms silently capitulate. Targets that are waking seem mostly to feel disarmed despite the presence of heroic individuals. Their leadership does seem to be engaging despite every indicator that they are aware, an equally fatal condition. Consider our current view of global IP risk:

back to top

Trends in Intellectual Property (IP) transfer to China

Trends outlined in the 1999 Bureau of Industry and Security's U.S. Commercial Technology Transfers to the People’s Republic of China have accelerated to the present day:

China’s laws, regulations, and policies with regard to foreign investment and trade include numerous provisions and mandates for foreign technology transfer. These policies are clearly intended to support domestic reform and modernization efforts toward self-sufficiency in high-tech sectors. Furthermore, many of the provisions included in China's existing industrial policies appear to raise questions as to their consistency with international trade practices and bilateral agreements... Despite these policies, however, many foreign corporations continue to invest in China, including US high-tech companies. In doing so, these companies often must transfer commercial technology in various forms in order to accommodate Chinese foreign investment and import regulations, which have become increasingly selective in terms of the level and type of technologies allowed. Thus, it is clear that foreign firms are being coerced into transferring technology (which they probably would not otherwise do) as the price to be paid for access to China's market.

The more difficult question to answer, however, is the degree to which these transfers are "forced" [as the] degree to which US technology is being transferred to China is a combination of Chinese law and strategic decision-making on the part of US corporations...

Long past the period of sending "outdated factory equipment to China to produce older models no longer salable in the West, the 2006 landscape shows a continuing foreign competition in China:

so fierce [that] Honda is about to introduce its latest version of the Civic only several months after it went on sale in Europe, Japan and the United States. Toyota, meanwhile, is assembling its Prius gasoline-electric sedan only in Japan and China...

That technology infusion is now reversing the acquisition direction. Shanghai Automotive Industry Corporation (SAIC) "acquired a controlling stake in Korean car maker Ssangyong Motor Co." in 2004. Nanjing Automobile Corporation bested SAIC to acquire the UK's MG Rover Group in 2005. more

back to top

Low cost is not low risk: realities of IP Loss

The US supply base is undeniably concerned about IP loss in China; trade issues, protection of intellectual property and the opening of China's market to foreign products were high on the US agenda during Chinese president Hu Jintao's recent visit to North America. While certain assets are likely targets inside China, the key is to think "asset" instead of "country". Risk cannot be based on countries or "risky areas" but rather wherever a sufficiently valuable asset is accessible at any tier in any country - as the collector will move to the least defended point that contains the IP. We currently see, for example, collection efforts on the US west coast against electronics assets long before they are transferred to a presumably risky country in Asia. Commercial and dual-use technologies are high on the collection list.

The idea of trying to isolate "risky countries" with respect to IP migration remains unworkable due to the revenue loss and market share erosion that occurs when IP is withheld plus the fact that nations such as China demand that you be there in order with competent products in order to do business.

The three key areas of vulnerabilities remain the same: Pricing model compromise (supplier outsourcing, subcontracting, etc.), Data citadel attack (R&D hives and data warehouses), and Human resources (HR) churn. All three are critical, yet we find that HR too often gets scant attention even though collection effectiveness is high while risk and cost are low.

Yes, all technology migrates over time but most firms assume risk by default in (a) not identifying what is already compromised, (b) identifying what assets need to be protected and (c) the amount of dollars and effort needed to realistically protect those assets - wherever they occur in the supply chain. If a collector obtains a critical IP asset, the owner's entire ROI justification collapses along with the expected revenue stream. And when the IP asset is the core of a system or subsystem that often contains more mature, less competitive technology, the entire system revenue stream truncates.

Many of the risks to suppliers as well as OEMs were inadvertently demonstrated in a recent 2006 SAE World seminar, Lessons Learned in China: The Automotive Supplier Perspective distilled from "more than 50 interviews and surveys with executives of global automotive suppliers located in the U.S."

back to top

Persistent limitations and deficiencies among the 'guardian class' of business advisors charged with protecting their clients' interests in China

We are now seeing firms that have prided themselves on US manufacturing being driven to China by simultaneous margin pressure and the recognition of rising Chinese reverse engineering of their products. Early indications are that these firms, not having sound guidance to the contrary, are operating under the odd assumption that it is better to "do something in China rather than to lose all" to reverse engineering.) Once in Asia, unprotected, more of the firm's assets can be at risk. (Experience has shown that firms driven offshore in such a "flight condition" are generally destabilized, plunged into a "catch-up mode" at any cost and inattentive to IP collection efforts; they usually quickly become an easily harvestable asset.)

How do firms, especially those global firms with broad skill sets, get into such a fix? Who are their advisors? Are they omissive? Answers differ between nascent Venture Capitalist (VC) funded firms and established firms. Venture Capitalist firms are usually small groups of former operators and entrepreneurs whose only external advisors are law firms and investment bankers (for the initial public offering. Established industrial firms are larger, employing tiers of professional managers that contract a broad spectrum of advisory agents, notably management consultancies, IT consultancies, banks, investment houses and law firms. We see three common characteristics among these advisory groups:

  1. Proper (actionable) IP protection guidelines are absent; in their place are ineffectual guidelines that confer a false sense of security among clients
  2. IP is frequently missing among the key characteristics that clients are urged to address when going offshore
  3. Fear of reprisal by a host government refusing them business restrains the level of advice offered to clients more

back to top

Physicians, heal thyselves: The Big Four accountancies are setting up as targets for Intellectual Property (IP) theft

If the Big Four are, as I believe, headed in the direction of becoming a lost cause, what is a corporate SEC-regulated IP-dependent client to do in the age of Sarbanes Oxley? Even when clients are independently building up a credible IP protection program, where do you draw the line on Big Four access to the IP upon which future revenue depends? There may be a remarkable opportunity for second tier accountancies not yet compromised, such as an IP-focused exposure or assessment program (which implies that they will per force have to have their own means of protection in place). With all of that in place, however, they could go in and assess Big Four clients, establish IP-driven carve-outs for business critical valuations and position themselves in a new market space. Even knowing what has been compromised, although painful for boards to face, can staunch an IP hemorrhage as well as evolve into a tool for the allocation of suitably-valued IP protective measures.

RSM McGladrey, Grant Thornton, and BDO Seidman, this is your moment. Where in the market are you?...

We predict that the Big Four accountancies, PricewaterhouseCoopers, Deloitte Touche Tohmatsu, Ernst & Young and KPMG are now, and will continue to be, sustained targets for Intellectual Property (IP) harvesting by Chinese aspirants to this coveted market space - and they will be targets not just within the confines of China.

If a reader is taken aback, the questions he or she might ask are, "How can it not be?" "How could the highly profitable, strategic services sector be impervious to what is occurring in the manufacturing and R&D sectors?" By now, a client should be asking, "What happens to all the client data above and beyond the business processes of a Big Four member?" more

back to top

The second industrialization model - powered by IP harvesting

"Piracy" has become a very imprecise term in describing the risks and impacts to Intellectual Property (IP) in what we call the second industrialization model. We track a four tiered model of IP violation that is marking the progression of newly industrializing states:

  1. Simple piracy (copy with no effort to hide piracy - the audio/video model that applies to anything replicable from CD and DVD)
  2. "Badged" substitute (pirated or stolen Intellectual Property used to create a product masquerading as a legitimate offering by a legitimate supplier)
  3. Substitute product (pirated or stolen Intellectual Property used to create a "no name" or "new name" product competing with a legitimate offering, usually on price)
  4. Supplier substitution (original legitimate supplier is forced from the market, replaced by the copier)

While all four are IP theft, we have bowed to convention in the popular press to describe the first as piracy while reserving the other three as IP theft, especially as the theft is masked such that the sellers have distanced themselves from the theft.

back to top