The lawsuit filed by Google’s Waymo self-driving car company is heating up for Uber. Waymo attorneys recently filed court documents that suggest Uber knew that Anthony Levandowski had brought trade secrets with him to Uber when he left Waymo. Levandowski was fired by Uber in May.
This unfolding public drama doesn’t just impact the companies involved; it has implications for the future of the autonomous vehicle industry and technology companies and leadership in general. Insider theft allegations highlight a serious problem for U.S. companies that are creating technology that will drive business, run governments and be used by billions of people in the future. This case should be a wake-up call to all companies working on cutting edge technology. It’s clear the potential for IP theft from insiders with their own agenda is only going to grow.
1. The stakes are huge.
All these tech companies are sitting on the secret sauce for companies of the future -- not just self-driving cars, but drones, robots, bio-engineering. Those inventions won’t just deliver the next big company; they will create great economic growth and determine global economic dominance for countries.
Tech is already dominating the landscape. Right now, the combined market worth of the top five technology companies (Apple, Google, Microsoft, Amazon and Facebook) is about $3.03 trillion, representing about 16 percent of the U.S. gross domestic product and putting it in seventh place among countries, between France and India. Separately, Gartner predicts global IT spending will reach $3.5 trillion this year. No doubt, this trend will continue and technology companies will be a hotbed of groundbreaking technology for the foreseeable future.
The intense competition among technology companies puts every company at risk, and if this could happen to Google, it could happen to any company. Even for Google this is a big misstep, if the allegations are true. The company apparently didn’t notice anything was amiss until a third party tipped it off via email. So, how can tech companies avoid being the next Waymo (assuming the IP theft accusations turn out to be true)?
2. There’s much that Silicon Valley can learn from Wall Street.
Tech companies should follow the model set by the financial industry, which is subject to regulations that require strict monitoring to prevent insider trading and stock manipulation. With financial firms, the risk is that fraud can affect markets and ultimately impact global economies. If the U.S. government considers these financial institutions too big to fail because of the repercussions that could be felt across industries around the world, I would argue that given the rapid innovation and growing market caps of tech companies, they too are too big to fail.
I’m not suggesting that government regulation is needed. In fact, I think tech companies can do it more effectively on their own, just like they’ve addressed other market opportunities. If not, government may step in to protect sensitive data upon which industries -- and the U.S. economy -- may one day rely.
3. Security practices should be truly egalitarian.
Technology companies turn talented programmers and visionaries into rockstars who are often given special treatment. These big hires are likely to be spared the level of security scrutiny that most employees are subjected to and yet they also have access to some of the biggest secrets. Meanwhile, they are most likely to fly the coop to start their own companies or to be lured away by competitors. And they may have more of a sense of ownership over their creations and thus feel entitled to take information with them. Strong internal security policies should be applied evenly across the organization, requiring the CEO on down to use strong passwords and monitoring the access and use of sensitive data.
4. A cultural shift is required.
There also needs to be a radical cultural shift that leads to changes in practices and mindset. It’s unclear what Google practices are with regard to insider threats. The company has an open culture, both literally and figuratively, which enables it to innovate. But, has that openness seeped into internal operations? Apple, meanwhile, has built its business -- and it’s internal development processes and culture -- on a strong foundation of secrecy. At Apple, different teams don’t know what other teams are working on, prototypes have tracking technology on them and security teams are on alert constantly. Tech companies may want to borrow a page from Apple’s playbook.
Of course, critical to any insider threat program is having in place strong policies and practices to prevent IP theft. Security teams need tools that will allow them to easily notice patterns that indicate suspicious activity, such as employees accessing data they aren’t approved to view, or downloading thousands of files onto a hard drive or other external storage source. They need strict internal procedures with regard to who has access to the information and who it can be shared with. And, of course, any employee monitoring policy should be transparent to employees so they know up front what activities and data are being closely watched and why.
There will no doubt be more allegations of insider theft of trade secrets among technology companies because of the sheer velocity and volume of IP being created. Tech executives, who will be closely watching the Uber-Waymo case, would be smart to take heed, not only to protect their own business, but also the industry at large.