“Espionage” conjures up images of spies slinking through dark alleys, cozying up to potential targets at luxurious parties, and trading a country’s most guarded secrets. Company executives know, however, that espionage is a threat in the corporate world as well. So-called “corporate espionage”—or the theft of company data by a company insider—can cost companies their competitive advantage and deprive them of millions of dollars in profits. Insider breaches occur in all industries—whenever a company has valuable data, from product designs to personal customer data to proprietary technology or methods, that company is a potential target of corporate espionage. Now, further complicating the issue, recent SEC actions in the cybersecurity context suggest that corporate espionage may pose not only a competitive challenge for publicly traded companies, but also a complex disclosure issue. Increasingly, companies must be mindful of not only how they guard their precious data from enemies within, but also how they publicly talk about those measures.

The Increasing Threat of Corporate Espionage

In 1789, Samuel Slater may have become America’s first corporate spy. That year, Slater emigrated from England, and brought with him closely guarded secrets about British techniques for manufacturing cotton that would revolutionize the American textile industry. In the centuries since, however, corporate espionage has become a scourge rather than a boon for many American companies. Congress has tried to address the problem through legislation by enacting, among other statutes, the Economic Espionage Act and the Defend Trade Secrets Act. Despite these legislative efforts, however, companies in every sector continue to grapple with the harm caused by corporate espionage. For example, in 1997, the year after Congress passed the Economic Espionage Act, the FBI arrested, among others, employees at Bristol-Meyers Squibb, Gillette, Kodak and Avery Dennison for the theft of millions of dollars’ worth of trade secrets.