Motorola case shows importance of detecting insider IP theft quickly

The Department of Justice (DOJ) announced on February 7, 2022, the unsealing of an indictment that charged Chinese telecommunications company Hytera Communications with conspiring with former Motorola Solutions employees to “steal digital mobile radio (DMR) technology from Motorola.”

This announcement is just the latest piece in a multi-year saga involving the theft of Motorola’s intellectual property (IP) by employees prior to their departure from Motorola. While the DOJ indictment redacts the name of the employees who are included in the indictment, a look back into the civil litigation between Motorola and Hytera provides clues as to their identities.

Should Hytera be found guilty, they face a “criminal fine of three times the value of the stolen trade secret to the company, including expenses for research, design, and other costs that it avoided. (Motorola has invested more than $3.5 billion in the development of its DMR technology).

Interestingly, Hytera was once a partner of Motorola’s, distributing Motorola’s products in the Southeast Asian market. That partnership ended in approximately 2001. Beginning in late 2007, multiple Motorola employees were targeted for recruitment and hire by Hytera and were eventually lured away in 2008.

The federal indictment and civil case brought forward by Motorola provide evidence that while Motorola had put in place an intellectual property protection regime, which included safeguards on stored information and execution of non-disclosure agreements (NDAs) by departing employees, these safeguards were insufficient to detect the actions of these insiders in 2008.

Evidence of insider wrongdoing

For example, in February 2008, 11,400 documents within an internal Motorola database that contained DMR trade secrets were accessed by the employees. One employee emailed another co-conspirator, “Are we going to ‘reuse’ as much as possible or do we need to develop most of them from scratch to avoid patent infringement and if [we] want it to be fast and reuse as much as possible from the existing Motorola product, then we may need less headcount ….” The next day, an email between co-conspirators indicated, “I have been working very hard in backing up all the information. We are trying to grab whatever we can. We will surely need some of them when we are there. I think we have a total of 30G [gigabytes] now. Do you have anything in mind that you need while we are still here?”

Clearly indicative of the theft of intellectual property as being a part of the move to Hytera were the multiple email exchanges between the co-conspirators. One email in particular summed up the situation, “It is going to cause a lot of problems as we are technical people and bring along a lot of knowledge. We will have signed the NDA and some of our lies may cause problems once Motorola finds out.”

Motorola did conduct exit interviews. The interviews did not reveal they were leaving to join Hytera. Nor did the data protection schema in place in 2008 provide complete protection. The paper trail appears to have been revealed during the forensic review of the log files which occurred in support of the 2017 litigation.

The company restricted access to “to confidential information only to select individuals, and even then, only subject to strict confidentiality and non-disclosure agreements.” Additionally, Motorola had all employees read and attest to understanding the “standard operating procedures” of the company, which prohibit the sharing of confidential information with unauthorized recipients. When the employees departed, the individuals agreed to “promptly deliver … all documents and other records which relate to the business activities of Motorola or any other materials which belong to Motorola.”

Motorola employees downloaded more than 7,000 documents

Between May and October 2008, the individuals were hired by Hytera. Less than 24 months later, in May 2010, Hytera began selling DMR products. The civil suits identify three individuals who departed Motorola for Hytera and their roles within Hytera as of 2017.

• Gee Siong Kok (a.k.a. G.S. Kok), was a senior engineering manager at Motorola, when he reappeared at Hytera he landed as senior vice president with a focus on the company’s transition from analog to digital communications solutions, to include DMR technology.
• T. Kok was a senior software engineer at Motorola. He went on to become sales director at Hytera.
• Samuel Chia was an engineering section manager at Motorola and became director of software engineering at Hytera.

The complaint goes on to note that internal investigation revealed the employees downloaded over 7,000 technical, marketing, sales and legal documents. The documents included “highly confidential information and implementations, marketing, legal protection, and other confidential details.” These documents included Motorola’s internal patent applications.

In 2008, the employees had natural, substantial access to the stolen information. Why? In many cases, they or their teams were the ones creating the information, so their access to data was within their designated areas of responsibility. They had a bona fide need to know.

In the trade secret complaint of 2017, Motorola acknowledges that its “technology has improved substantially in recent years over what was available in 2008.”

In February 2020, a U.S. federal court found in favor of Motorola in its trade secret theft case and ordered Hytera to pay Motorola $764.6 million ($345.8 million compensatory damages and $418.8 million punitive damages).

Thoughts for CISOs

Discovering improper or anomalous access to sensitive information in the moment and prior to the departure of a malevolent employee may save years of future litigation. This tactic is tantamount to chasing after the bolted horse to get it back into the barn. Motorola’s pockets are deep, few companies have these resources available to pursue a multi-year civil engagement to recover stolen intellectual property.   

Sadly, the multiyear effort by a competitor to shave their research and development costs by taking the R&D of another is nothing new. CISOs know intellectually their employees are their most trusted resource. That is, trusted until they opt-out of that trust equation. This is why having a robust insider risk management program in companies both large and small is of utmost importance.