§ 5.04 Prosecutions Under the EEA
| Jurisdiction | United States |
| Publication year | 2020 |
§ 5.04 Prosecutions Under the EEA
Since the enactment of the EEA in 1996, the federal government has brought approximately 206 prosecutions under the two separate provisions of the EEA, broken down by year as follows:
| Year | § 1831 | § 1832 | Total |
| 96 | 0 | 1 | 1 |
| 97 | 0 | 4 | 4 |
| 98 | 0 | 7 | 7 |
| 99 | 0 | 6 | 6 |
| 00 | 0 | 7 | 7 |
| 01 | 1 | 8 | 9 |
| 02 | 1 | 15 | 16 |
| 03 | 0 | 7 | 7 |
| 04 | 1 | 4 | 5 |
| 05 | 0 | 7 | 7 |
| 06 | 1 | 13 | 14 |
| 07 | 1 | 9 | 10 |
| 08 | 1 | 11 | 12 |
| 09 | 0 | 10 | 10 |
| 10 | 2 | 9 | 11 |
| 11 | 1 | 12 | 13 |
| 12 | 0 | 10 | 10 |
| 13 | 1 | 7 | 8 |
| 14 | 1 | 9 | 10 |
| 15 | 2 | 6 | 7 |
| 16 | 0 | 3 | 3 |
| 17 | 1 | 7 | 8 |
| 18 | 2 | 9 | 11 |
| 19 | 2 | 7 | 9 |
| Total | 18 | 188 | 205 |
In addition to alleged violations under Section 1831 or Section 1832, many of the cases also involved allegations that the defendant committed wire fraud688 violated the Computer Fraud and Abuse Act,689 or made a false statement to the FBI or another government official.690 For example, in United States v. Leroux, et al.,691 from January 2011 to March 2014, the four named defendants and others located in the United States and abroad allegedly hacked into the computer networks of Microsoft Corporation, Epic Games Inc., Valve Corporation, Zombie Studios, and the U.S. Army. The defendants and others allegedly obtained access to the victims' computer networks through methods including SQL injection and the use of stolen usernames and passwords of company employees and their software development partners. Once inside the victims' computer networks, the conspirators accessed and stole unreleased software, software source code, trade secrets, copyrighted and pre-release works, and other confidential and proprietary information. Members of the conspiracy also allegedly stole financial and other sensitive information relating to the companies—but not their customers—and certain employees of such companies. The defendants also allegedly conspired to use, share, and sell the stolen information. Defendant Nathan Leroux, pleaded guilty to conspiracy to commit computer intrusions and criminal copyright infringement and was sentenced to twenty-four months' imprisonment and defendant David Pokora, a Canadian national, pleaded guilty to conspiracy to commit fraud and was sentenced to eighteen months' imprisonment followed by three years supervised release. Defendants Sanadodeh Nesheiwat and Austin Alcala also pleaded guilty to charges other than under the EEA and were sentenced to eighteen months' imprisonment.
The above chart, however, does not include prosecutions in which the indictment involved allegations that the defendant misappropriated trade secrets but, instead of charging the defendant with a violation of the EEA, the government charged him or her with, for example, wire fraud, interstate transportation of stolen property, or a violation of the Computer Fraud and Abuse Act.692 For example, in 2015, the United States Attorney's Office for the Eastern District of Pennsylvania alleged that Temple University professor Xiaoxing Xi had committed wire fraud by allegedly transmitting schematics of a sophisticated device known as a "pocket heater." The government dropped the charges after it turned out that the blueprints were not actually for a pocket heater, but depicted an entirely different device. In another case, the United States Attorney's Office for the Southern District of Ohio alleged that Sherry Chen, who worked as a hydrologist for the National Weather Service, had violated the Computer Fraud and Abuse Act by using a stolen computer password to download information about dams in the United States and provided the information to Chinese scientists. The indictment also alleged that she had lied to FBI agents about meeting with a high-ranking Chinese official. One week before she was scheduled to go to trial, the government dropped all charges against Ms. Chen without explanation.
It is not surprising that the government has brought approximately 18 cases under Section 1831 as compared to approximately 200 cases under Section 1832, since it is far more difficult for the government to establish that the theft was intended to benefit a foreign country than simply that the theft was intended for the economic benefit of a party. The difficulty in establishing this element and the similarity in sentencing between Section 1831 and Section 1832 under the Sentencing Guidelines means that, in some cases, the government may choose to allege a violation of Section 1832, even where there is some evidence of involvement by a foreign country.
There has only been a single case that has gone to trial involving Section 1831 as compared to a dozen cases involving Section 1832. Walter Liew was convicted of economic espionage under Section 1831, among other counts, on March 6, 2014, after a two-month jury trial in the Northern District of California.693 The jury found that Liew, and his company, USA Performance Technology, Inc. and Robert Maegerle conspired to steal trade secrets from E.I. DuPont de Nemours & Company regarding DuPont's chloride-route titanium dioxide production technology and sold those secrets to state-owned companies in the People's Republic of China. The purpose of the conspiracy was to help those companies develop large-scale production facilities in the PRC, including a planned 100,000-ton titanium dioxide factory. Liew was sentenced to fifteen months' imprisonment.
Only a single defendant was able to successfully defeat a charge of violating the EEA on the grounds that the information he misappropriated constituted "general knowledge, skills or expertise."694 Further, none of the cases apparently involved a successful reverse engineering defense. This should assuage a concern when the EEA was enacted that the government would end up reading the EEA more broadly than civil trade secret law and successfully bring criminal cases that could not be pursued under civil law.
The vast majority of the prosecutions that the government has brought under the EEA involved manufacturing processes or high-technology industries. The stolen property included schematics, designs, blueprints, formulas, or samples, i.e., the information necessary to replicate the business's physical product. Very few cases involve "soft" information such as price lists, customer lists and supplier data. However, in one case, the defendants stole a competitor bidder's proposal, thus, enabling the defendants to submit a more attractive proposal and win a bidding process.695
Many of prosecutions that the government has brought under the EEA involved the manufacturing or high-tech industries The victim most often was a manufacturer of physical products like machinery or chemicals, and the stolen property typically included schematics, designs, blueprints, formulas, or samples, i.e., the information necessary to replicate the business's physical product. Exclusively "soft" information was stolen in a very limited number of these prosecutions. In three of them, the stolen information related to costs, pricing, and supplier data.696 In one case, the defendants stole a competitor bidder's proposal, thus enabling the defendants to submit a more attractive proposal and win a bidding process.697
Where the victim was in the high-tech computer, telecommunications, or pharmaceutical business, the stolen information often included source code, hardware, designs, or samples; again, information that could be used to identically replicate the business's product. For example, in one case, the defendant pled guilty to illegally accessing the victim's computer network and misappropriated and transferred the victim's trade secrets to another company and its employees.698 In another case, Microsoft's Certified Engineer and Solution Developer exams and answers were stolen and copied. The defendant pled guilty to a violation of Section 1832(c).699
Very few of the prosecutions involved victims in the service industry. In these cases, the businesses ranged widely from executive recruitment firms to an industrial refrigeration unit servicing company to a credit card company. The stolen information typically included the victim's sales/pricing data, customer information, or business methods.
Next, nearly all of the prosecutions under the EEA have been taken against individual defendants only. The majority of the individuals indicted have been employees or former employees of the corporations whose information they stole. Most of these employees took the information in order to either start their own company in competition with their former employer or to sell it to their employers' competitors or customers. Corporations were indicted in fewer than ten of all of the prosecutions. In two instances, the indicted corporations were closely held and thus not distinguishable from their individual owners who stole the information.700 In the third case, the corporation that was indicted was charged with copying the stolen document and trying to send the document to its affiliate in China.701 A fourth case was the only one of the service industry prosecutions in which a corporation was indicted as well as the individual employees who took the information.702 The stolen information was plans for industrial refrigeration projects that the victim corporation had installed.703 The employee defendants took the plans and then deleted the information from the victim's information systems.704 It is unclear from the decision what actions the corporation took that resulted in its indictment.
There also appears to be another important trend developing involving companies which immediately cooperate with the government after learning that one of their employees has allegedly been involved in a violation of the EEA. Thus, it is extremely critical for...
To continue reading
Request your trial