Psst! Got a Great Idea?
Here's how to grow your business without giving away your trade secrets.
BY LAIRD HARRISON
Dwane Pass had a great idea for a new business: a proprietary wireless system that would allow physicians to check medical records and write prescriptions on handheld computers. All he needed to launch the product that his company was developing was a partner with an established customer base. So he approached Medical Manager Health Systems of Tampa, Fla., whose software had helped thousands of doctors manage their medical practices. In return for access to those physicians, says Pass, 45, he gave plans for his wireless system to John Kang, then co-CEO at Medical Manager. But after he handed over his company's secrets in November 2000, Pass alleges, he waited in vain for Kang to supply the customers.
In April 2001, Medical Manager announced it was rolling out a wireless system that sounded to Pass exactly like the one he had offered to build. Last May, deprived of the millions of dollars it expected from a collaboration with Medical Manager, Pass's company, LynkUs Communications of Brandon, Fla., went out of business. And Medical Manager — now part of WebMD in Elmwood Park, N.J.--is facing a lawsuit. Officials of Medical Manager and WebMD say they never made a deal with Pass or got any secrets from LynkUs. Kang declined to comment.
The story illustrates the danger — of expensive misunderstandings and much worse — posed by business partnerships in the digital age. To speed their delivery of new products and services, more and more firms are asking partners for help. New Internet-based software makes the sharing much easier. But the collaborations also put trade secrets at risk. Start-ups like LynkUs are looking for established partners willing to share their customers. Big firms like WebMD are trying to legitimately absorb new ideas from start-ups. Manufacturers like Ford are sharing research with partsmakers like Lear and consulting them on product designs. Stores like Wal-Mart are giving their suppliers minute-by-minute sales data and in return asking all about the suppliers' inventory, capacity and customer lists.
Brett Wells, director of operations at QAC Inc., an electronics-manufacturing contractor in Pelham, N.H., says his employer is being drawn deeper into a network of shifting alliances with designers of X-ray machines, computers and cell phones. "They're becoming virtual manufacturers," Wells says, "while the real manufacturing is done by the contractors." QAC's customers are sending teams of auditors to the firm's factory to scrutinize its machinery, measure its capacity, ask about its other customers and even examine its financial statements.
QAC also fields such questions from ThreeCore of Danvers, Mass., which plays host to online auctions for electronic-component contracts. And it doesn't stop there. If QAC can't fill an order, it will often turn to one of its competitors for help. Competitors return the favor, and in the process, the two share so much information that keeping trade secrets has become almost impossible.
The situation is much the same in the auto industry, in which specifications for most new models are common knowledge three years before the cars reach the showroom, says Eugene Fong, a systems analyst at Ford. "This whole industry is built on spying and trying to find out what your competitors are doing"--through both honest and questionable means. Gary Corrigan, a spokesman for Dana, the big auto-parts maker in Toledo, Ohio, says some customers "ask for your proprietary technology; then they go around and shop it. They'll say, 'That's interesting. Can I see it?' And then they'll go to one of your competitors and say, 'Quote this.'"
Jim Hurley, a security consultant at the Boston-based Aberdeen Group, says that in partnerships across many industries, "clients have had experiences with theft of designs or theft of retail channels. It's quite common, and it's a real problem." Last month a joint survey by the FBI and the Computer Security Institute found that the average loss suffered by companies hit by the computer-enabled theft of proprietary information jumped from about $1 million in 1996 to nearly $6.5 million in 2001. The survey did not ask how much of the loss resulted from partnerships, but a 1999 survey by the American Society for Industrial Security and PricewaterhouseCoopers found that FORTUNE 1000 companies rated their partners as greater security threats than their competitors.
Concern about publicity was the most frequently cited reason for keeping two-thirds of victims from reporting computer-related crimes to the police, the FBI/CSI survey found. Among the most striking exceptions was a 1998 case in which Boston-based Gillette hired Wright Industries of Nashville, Tenn., to build fabrication equipment for the new Mach3 razor. Wright engineer Steven Davis was arrested after he sent information about the billion-dollar razor (which Gillette had spent several years designing) to competitors Warner-Lambert, Bic and American Safety Razor. At least one of the companies reported the theft to Gillette, which asked federal authorities to prosecute under the Economic Espionage Act of 1996. Davis was sentenced to 27 months in prison and ordered to pay $1.3 million to Wright and Gillette.
Most managers know that employees are legally bound not to disclose their employers' secrets. But once a company shares information with a business partner, those secrets are no longer protected; the partner and its employees are free to use the information unless they're bound by a nondisclosure agreement, explains Chicago intellectual-property attorney R. Mark Halligan. (LynkUs and Medical Manager signed such an agreement, which will probably be a focus of the trial, set for November.)
Software engineers are struggling to keep up with security challenges through password protection and encryption as well as programs that limit who can read, print, forward, save or cut and paste a digital document and for how long. Daniel Schreiber, the CEO of Dallas-based digital-security firm Alchemedia Technologies, says, "The only option left is to take a picture of the screen with a camera." But some people will do just that. In 1996 Guillermo Gaede, who worked for chipmaker Intel, pleaded guilty to videotaping from his computer screen information — worth more than $10 million — which he planned to sell to an Intel competitor.
Some firms respond by tightly restricting access to sensitive information. But that approach can impose unexpected costs. Tom Baker, who manages a website used by employees, customers and suppliers of Quaker Chemical of Conshohocken, Pa., at first strictly controlled access to the site — and as a result nobody used it. Says Baker: "Once you start to limit folks, their willingness to contribute goes away."
But businesses don't have to abandon all secrecy in the information age, says Tom Halbouty, chief information officer of Pioneer Natural Resources, based in Irving, Texas. The company often collaborates with its competitors. To protect secrets about oil-field discoveries and drilling-platform designs, Pioneer purchased software from Infraworks of Austin, Texas, that limits the reproduction of sensitive digital documents. The company encrypts its Internet communication with partners and insists that contractors working on site use Pioneer's e-mail system so the company can track what information they send to whom. Pioneer is also careful to obtain nondisclosure agreements early in each negotiation.
Digital networking certainly poses a risk to trade secrets, Halbouty says, "but if you're practical and prudent, you can use these tools to your advantage." Pioneer's secrets, he says, are as leakproof as its oil pipes.