Imagine That IP Law Blog

It is March, and while love celebrated on Valentine’s Day may be in the air for many, breakups are inevitable. In the case of a breakup between an employer and an employee, the departure of an employee with access or knowledge of the employer’s intellectual property (IP) can put the employer at risk for IP theft or exposure. Disputes over IP ownership can have significant negative impact on a company’s value, growth potential, and reputation, even if the company ultimately comes out the victor. Therefore, it is critical to have a well-defined and consistent exit process for departing employees, regardless of whether the departure is amicable or contentious.

It’s Complicated

Ownership of IP can be complicated, so it is important for both sides to clearly demarcate ownership of IP both during the employment relationship and upon its termination. The remote work environment that many businesses are currently operating in raises additional complications, particularly in situations where the activities involved in creating, designing, inventing, or developing the IP took place using the departing employee’s own personal resources (technology, Wi-Fi, home, materials, etc.) as opposed to the employer’s resources. Most employment agreements in the IP space include clauses that explain what rights a person has to any creative ideas they've created while at work, and nearly all agreements in this space include a duty to assign work-related IP rights the employer. Where applicable, identify the inventions that the exiting employee is listed on and agreements that the employee or the employee’s division is involved with, and run a search to see if the employee is listed on any pending applications. If any deficiencies are identified, prepare and execute IP assignment agreements or amend existing agreements to ensure that the employer retains the appropriate IP following the employee’s departure. Failure to do this can have expensive consequences. For example, in Applera Corp. v. Illumina, Inc., 375 F. App'x 12, 15 (Fed. Cir. 2010), an employee of Company A developed a new DNA sequencing technique and filed a patent on it while employed with Company A. He allegedly developed the technology on his own time and used a personal laboratory notebook and his home computer to prepare the patent application. He later took the technology to a new employer, and litigation ultimately ensued. The court largely sided with the inventor, holding that the language used in Company A’s assignment clause was loose enough to allow the employee to keep his patent. Arguably, had Company A taken the time to inventory all of the employee’s patents and execute any necessary assignment agreements upon the employee’s departure, litigation may well have been avoided.

We Need to Talk

Like any relationship, the end of an employment relationship requires closure, in the form of a comprehensive and structured exit interview for all departing employees. It is common to think of IP theft as nefarious, but in some cases, the offending employee may simply be unaware or uninformed of their legal obligations. Provide the departing employee with a copy of the most recent version of their employment agreement and any addenda thereto, and remind the departing employee of their legal obligations under those agreements. Where the employment agreement contains already-existing non-compete clauses, non-solicitation agreements, non-disclosure provisions, or other restrictive covenants, go over these provisions in detail and ensure that the employee understands that they will be bound by these agreements after leaving the company. Clearly communicate the legal consequences of sharing protected information to departing employees. Have the employee sign an acknowledgment form that confirms knowledge and understanding of these continuing legal obligations.

Is There Someone Else? During the exit interview, question the departing employee about his or her new job, including identifying the new employer, position, duties, and responsibilities to determine the risk of unwanted disclosure. Information gleaned during the exit interview (or from the employee’s refusal to do so) can also help the company assess any risk of misappropriation and determine whether further steps are necessary. Where the employee is departing to work for a competitor or a company operating in a similar space, consider whether NDA’s or NSA’s need to be executed or amplified. Advise the departing employee to provide their new employer with a copy of their exit paperwork so that the new employer is informed of the employee’s ongoing responsibilities with respect to your company’s IP. Also, make sure you have the employee’s updated contact information.

Did You Cheat on Me?

When you receive notice that an employee is leaving, identify all files in your company that the departing employee is assigned to, has access to, or has worked on. In addition to giving yourself a subject area roadmap for your exit interview, it may also shed light on whether the departing employee has accessed, saved, or otherwise transferred files prior to departure. Unauthorized or unnecessary access attempts may be a red flag that the employee intends to misappropriate your trade secrets or protected IP. Review logon activity and remote access logs for anomalous or unusual behavior such as unknown devices, new locations, or activity outside normal hours. Monitor file transfers to external storage hardware such as USB devices. Where permissible and warranted, review internet history for visits to unauthorized file storage websites and monitor email activity for sensitive data or documents being forwarded to personal accounts. The remote work environment can create additional complications here, as privacy laws may shield an employee’s personal devices, so always have the departing employee certify that they have deleted or otherwise destroyed all copies of company materials that may be stored on their personal devices or in their personal workspaces. The much publicized case of Waymo v. Uber, civil case No. cv 17-939 WHA (N.D. Cal. 2015) is a cautionary tale on this front. In the month prior to his departure, an employee of Google’s self-driving car unit Waymo downloaded over 14,000 proprietary files and engineering schematics from Google’s SVN server to his Google-issued laptop, transferred them to his personal MacBook, uploaded them to his personal Dropbox account, and ultimately used these files in connection with his new self-driving truck company under the Uber umbrella. Much litigation ensued, including a criminal complaint. During the course of litigation, it was revealed that the employee was not a regular user of the SVN repository while employed at Waymo, had specifically requested credentials to access it during the month prior to his departure, and accessed it exactly one time (to download the proprietary files). Arguably, had Waymo looked into the employee’s digital activity in the month prior to his departure (which itself was suspect as he resigned without notice), this unusual activity should have been a red flag, and Waymo may have been able to stop the appropriation before it caused so much damage.

Get Your Stuff Back

Prior to the employee’s last day, make sure the employee has returned all company-owned computers, mobile devices, office keys, badges, access cards, and other company-owned property and devices. For devices and files of any kind, make sure that you will be able to access them after the employee departs. Have the employee sign an acknowledgment form that confirms he or she has returned all company devices and returned or destroyed all company documents/information. If the departing employee was a key contributor to your company’s most valuable IP, or if you have concerns that the departing employee may attempt to use company trade secrets or other confidential information in violation of his or her contractual commitments, consider preserving the employee’s hard drive and/or company-owned mobile devices after departure. Many employers routinely wipe a departed employee’s hardware and return it to service, which can pose serious complications if you later discover that the departing employee helped themselves to trade secrets before leaving. In these cases, the cost of preserving and storing a hard drive is trivial in comparison to the costs of a lawsuit. Forensic examination of the hard drive can show, for example, when USB drives were inserted and what the directories on the drives were named. They can also show when items were viewed and copied and can give access to deleted emails, search history, and other messages. Litigation between mobile gaming giants in Zynga v. Scopely, Case No. 3:16-cv-6855 MEJ (N.D. Cal. 2016) highlights the wisdom in preserving hard drives of key employees who depart for rival companies. When the creative director on one of Zynga’s most ambitious soon-to-be-released games jumped ship to Scopely, Zynga preserved his hard drive. When that same employee poached additional Zynga employees to work for Scopely, Zynga preserved their hard drives too. Forensic analysis of the hard drives revealed that the employees had transferred tens of thousands of files in the period just before leaving to external USB storage devices, and took steps to cover their tracks by deleting transferred files and renaming certain others. An exit interview lookback might not have caught the unusual activity because of the evasive techniques. However, later forensic analysis of the hard drives pulled back the curtain and gave Zynga the receipts they needed to bring litigation against Scopely, including internet searches for “how to erase a computer hard drive.”

Change the Locks

Even if the employee’s departure is wholly amicable, it is important to disable all access once the employment relationship ends. Once the employee is gone, the IT department should terminate all key cards, passwords, authorizations, and other permissions to devices, data, infrastructure and the employer’s facility. Change network passwords and PINs where necessary, and update passwords for shared accounts. Reset entry codes, deactivate any accounts associated with the employee, and review remote access software and VPN credentials to ensure the former employee doesn’t have access to it. In other words, change the locks.

In closing, breakups are never easy, but they don’t have to hurt. A comprehensive and consistent exit process can protect your company from IP misappropriation when you part ways with an employee. It reminds the employee of his or her legal obligations; ensures the security of company-owned devices, documents, and information; and provides you with intelligence about the employee’s activities and new employer to determine the risk of unwanted disclosure.

Reprinted with permission from the March 3, 2021 issue of The Legal Intelligencer ©2021 ALM Media Properties, LLC. Further duplication without permission is prohibited. All rights reserved.

Looking for more information on this topic? Register for Volpe Koenig's  March 18, 2021 webinar:  The Revolving Door: Intellectual Property Issues for Incoming and Outgoing Employees and Contractors