www. Stupid Business Mistakes .com
Preventing Computer Intellectual Property Theft
(Computer Scum: Protecting Your Business)
Posted on www.stupidbusinessmistakes.com by Sharry Edwards, M.ed., www.soundhealthinc.com, www.soundhealthresearch.org
Stupid Business Mistake #2 -- Trusting Your Intellectual Property to Unknown Computer "Experts."
Index: The Mistakes We Made!, Nineteen Tips to Protect You!, Updates
THE MISTAKES WE MADE!
We were approached in December, 1995 via the Internet by a man who seemed to know about our small company and our need for a computer programmer. He seemed quite knowledgeable; had good references; and we had friends in common. He offered to help put our intellectual property into a computer program format and he was willing to do this very fine deed for a 50/50 split of the profits.
All we had to do was supply him with the intellectual property and buy him the programs and computer hardware that he needed to do the work. He sent a list of what he would require, we sent the money; he bought the necessary items.
He worked on the program for five months; much longer than we had anticipated. It was a simple program that we were going to reveal at an annual conference. He convinced us that in order to complete the program on time he would need to come to our offices in Ohio; He was from London, England. We supplied him with an office and a computer. He stated that he would rather use the hard drive that we had already purchased for him; that he had brought with him from England. That seems like a reasonable request.
We asked for prototypes to work with. He supplied them but all of them crashed within a few days. Our knowledge of computer programming was limited and we didn't know that this was suspicious.
In addition, he seemed to always put the new programs on the test computer when we were not around; during lunch was a favorite time to enter an office. When asked about how to load the programs, he was always evasive.
Two weeks before the program was due to be released, I worked with this man to review the final edition. The program needed some minor adjustments but it was complete and working. It worked but it didn't look professional. The screens were awkward and childish in their design. We talked about this and he agreed to fix the problems.
The next day, he reported that he had problems at home and unless we could give him $3600 in advance from advance profits from the program, he would need to return to London immediately – without completing the program. We had an attorney draw up a contract and advanced the money on Friday at 5:00, the deadline set by the programmer. He agreed to report the next morning to do the revisions.
The next morning we discovered that he had absconded with the entire program and our money and our computer hard drive. He had erased all of the copies from our computers; booby trapped the remaining computers and left us with computer disks that he claimed was the program. On those disks were programs, all right, but they were filled with programs within programs that would crash any computer that used them.
At first I thought that he was an inexperienced programmer (because of the amateur quality of the actual program) but the sophistication of the encrypted crashing program convinced me otherwise.
We notified the police and were told that this was a civil matter and that this "gentleman" had probably thrown our property away. The officer on duty suggested that this was just a disagreement and that we might want to "check his trash" to see if he had discarded our property.
A check of his trash revealed an entire plan to sabotage our company. In the thief's own hand writing were notes to himself reading, "booby trap office computers", "create pseudo code", disable registry (for sales) plus an entire sabotage plan that was to go onto the disks that we were left to sell to trusting people.
In addition, he had stripped his office space of every computer program, even taking the hard drive that we had purchased. We also found evidence that he had purchased another hard drive and had mailed that to himself. So even if the custom authorities would have stopped him, he would not have had our property on his person.
His trash also contained evidence that he had looked through several offices and had taken what he wanted including private and legal files concerning a court case that contained evidence against our competition. He addition he took intellectual property files that were locked in a private lab.
Three weeks later, it was reported to us that our computer program was in the hands of our competition, our reputation was on its way to being ruined because we could not deliver a product that had been advertised for months. Our business was nearly at a stand still because we could not access our own computers.
We received another E-Mail from this gentleman informing us that all of his money was in off shore accounts and that all of his property has been transferred so there was really no use in suing him. We would surely be wasting our company's money and after all, didn't we need our time and money to recoup, he taunted?
We nearly lost our company but we weren't quite as dumb as he thought. We did have back-ups and I did file my intellectual property with my attorney. We had already applied for patents that were protected by Federal law. It took us nearly two weeks to recover to any similance to our usual working office. It will probably take at least a year to catch up. In the meantime, a year's worth of hard work has been delivered into the hand of our competition which they will release while we have nothing to offer.
A psychologist helped us move through the absolute chaos, a computer expert helped with recovery of our office computers. Dozens of very talented people helped us put the pieces back together and go on BUT we are still filled with disgust for the low life scum that would deliberately hurt hundreds of innocent people in the name of free enterprise.
It is our hope that some of following suggestion, that aren't maybe so obvious to the novice, can keep others from falling into the same trap that we did.
NINETEEN TIPS TO PROTECT YOUR
(These Tips are provided for educational informational purposes only, no legal, computer or other advice or consulting being implied.)
#01 - Buy your own programs and hardware. This way you can prove that you purchased it and that you own it.
#02 - Don't allow work to be done on hard drives that you don't physically control.
#03 - Make sure you get prototypes every few weeks or days according to a schedule. Demand time lines and deadlines and don't let anyone talk you out of them.
#04 - If a prototype continually crashes, be wary.
#05 - Don't allow anyone access to your computer or your office without your presence and watchful eye. Keep doors locked at lunch time. Put passwords on your computers that will protect your work when you are away from your desk.
#06 - Don't pay up-front without knowing what you are getting. Even then, there may be a "time bomb" that will cause the program to crash within a few days or hours.
#07 - Don't work with someone out of the country. US law is not quick to take up the cause. Even though, in our case, the FBI was involved, because of the possibility of interstate fraud, the process was very slow.
#08 - Get identification. A passport, ID card or driver's license. Don't settle for just having them give you the numbers, make a copy of the actual document.
#09 - Require a picture of all employees.
#10 - Don't fall for a sweet talker. Be business minded and hard-line when it comes to contracts. Don't trust the word of anyone you are attempting to do business with; check them out. The law requires that all dealings with intellectual property be in writing.
#11 - Don't fall for the line that a computer programmer owns what goes into a program. If it is your intellectual property, it belongs to you no matter what format they put it into.
#12 - Insist that contracts be signed before you hand over any intellectual property.
#13 - Keep your valuable computer disks, patents, evidence and important papers away from the office; preferably in a vault.
#14 - Never give one programmer all of the information for a program if that program is going to eventually be used for patent or copyright purposes. Divide the program into several stages if you need to.
#15 - Some very good programs are being marketed that can help you protect your programs. Use specialized program to create keys that will allow only those having a matching key (Dongle) to run the program.
#16 - Be wary of anyone who tells you that others in your company are incompetent and that they can't lower themselves to meet with subordinates.
#17 - Design and practice a disaster recovery plan should you be locked out of your own systems or should your entire system become unavailable.
#18 - Have a back-up system even you have to go into debt to create it.
#19 - LOCAL AUTHORITIES ARE JUST LEARNING THAT A COMPUTER DISK IS WORTH MORE THAN .50 CENTS. Don’t let them tell that this kind of crime is CIVIL; what these people are doing is CRIMINAL. Know the law and your rights as a victim! You have a right to equal protection under the law.
January, 1997 - We filed in civil court against the above mentioned programmer because the local police stated that they lacked the necessary expertise or resources to deal with this new type of crime. The case was particularly frustrating when the local prosecutor refused to file charges. He refused to give an explanation stating that he had prosecutorial discretion. We suspect that he simply didn't have the expertise.
February, 1997 - We were contacted by the programmer mentioned in the article above. He attempted to extort thousands of dollars for the return of our intellectual property. Again the prosecutor refused to deal with the situation. His excuse this time was that the person was not within his jurisdiction.
April, 1997 - After civil charges were filed against the programmer, he tried several tactics to try and show that we were severely misguided for even suggesting that he would take our property. He threatened to write to the local authorities, the local papers, our customers and our financial contributors. We received copies of letters from our loyal media contacts showing that poison pen letters had been written to them about our company. Several planned articles were canceled by other editors.
After several months of legal negotiations, the thief offered the information that two of our local, present employees had been involved with the thefts. We had already dismissed the two people due to other circumstances but the fact that the police would not cooperate when we filed the original complaint allowed theft, embezzlement and forgery to continue within our company for an additional five months.
In the end, the thief/extortionist agreed to return ALL property that we had reported that he had taken; including the computer programs, valuable program disks containing research data and a hard drive. In addition, he was forced to return the computer program that he had written, been paid for and then taken. It was useless at this point but the property was returned.
The thief was not under contract to work with a great deal of the property that he had taken, therefore this case was not civil in nature. Because the prosecutor refused to file criminal charges, we were forced to file in civil court. Even though the thief swore, to the authorities, that he did not take any of our property, he returned every item that we listed in the complaint to the police. The police would have been correct to refer us to civil court if the admitted thief has taken only that property that was under contract.
Because this man lived in England, no purpose would be served in pursuing him for the monetary losses that he caused because even though the judgment was in our favor, the chances of collecting from a person in another country is small. I would, however, pursue this avenue had he been a US citizen. This makes the strong point that hiring someone over the internet, who is also from another country, is a risky proposition.
January, 1999 - We still have not recovered from the financial loss but we have recovered from some of our ignorance. We are actively working toward informing other businesses as to the pitfalls of employee theft, what to look for, preventative measures and how to work with your local law enforcement in the event that you do fall prey to this type of computer scum.
January 2001 - Established a core group loosely known as Victims of Business Crime. We have worked with local authorities, a new administration, that is much more willing to work with business and computer crime. Still much more information and many new laws will continue to come out of this increasingly common theft of intellectual property and trade secrets.
February 2003 – One of the office personnel who participated in some of the activities mentioned here signed a confession that she had participated. In part, she admitted to signing my name to checks and bank documents, keeping two sets of bookkeeping records – one inaccurate, using our credit machines for unauthorized transactions…
There is more, but you get the picture.
June, 2003 – Because the local authorities were lax, and even uncooperative at times, in going after persons who have taken and used our intellectual property improperly, two more persons have attempted to acquire our property in the same way. We have decided to resort to Federal Court since the local authorities have not learned to take care of this type of crime. What this shows additionally is that if you are “hit” by this type of despicable behavior, it doesn’t pay to tell anyone because additional thieves get the idea that you are an easy mark.
Please see disclaimers on main page, www.stupidbusinessmistakes.com
Posted on the Internet by Ralph Fucetola JD, www.vitaminlawyer.com
Back to www.vitaminlawyernews.com