Nowadays, most intellectual property (IP) is electronic and includes patents, trademarks, copyrights and trade secrets. What is classified as a trade secret is broad and can include the data found in sales and marketing databases, as well as business plans and market research projects. What links all of these kinds of data is that without the right precautions, it can be easy to steal and used to put a company at disadvantage.

What are the risk factors for IP theft?

In the majority of cases, IP theft is linked to redundancies or dismissals. A disgruntled employee or group of employs leaves the company and takes with them sensitive documents such as customer information, financial plans and business research. This data can then be used to attract new employers or to start a rival business.

Preventing IP theft
Unlike data breaches, intellectual property theft is usually committed internally by employees who have easy access to data.  Removing access to data is easier said than done, especially when someone’s job relies on say, using a sales contact data base.  For in-house counsel who have concerns around IP theft and want to take a proactive approach, I would suggest a two pronged approach:

  • Incorporate IP theft checks into the redundancy or dismissal procedures

Before an employee leaves, contact your computer forensics provider to perform an initial spot checks on their devices. If any red flags are found, a more extensive examination can take place and the matter dealt with before they have left the company.

  • Arrange for regular spot checks of emails and laptops

If your business is particularly sensitive to IP theft, you could consider implementing regular monitoring as part of wider compliance checks.

How can computer forensics help in the event of IP theft?

If you think your company has been targeted it is important that you call a computer forensics provider at the earliest opportunity. The below case study shows how even months after a suspect theft, computer forensics professionals can help bring a case to justice.

Our Client
We were contacted by a General Counsel from a top electronics firm who had become suspicious of the activities of a former employee. In the months following the departure of the employee, existing clients had reported that they had been approached from a business set up by the ex-employee.

As the former employee was contractually forbidden from using company data outside of his role, they were liable for prosecution by our client. KrolLDiscovery was tasked with investigating whether or not the individual had stolen intellectual property.

The investigation
The client had retained the laptop used by the suspect. The laptop was handed over to KrolLDiscovery and data from the laptop was forensically captured by our experts. We analysed this data and began to piece together a timeline of the suspect’s activities.

A textbook case 
The data held on the laptop enabled us to draw a detailed timeline of the employee’s activities. The first red flag was that significant activity had taken place of outside working hours just prior to the employee leaving the company. This is one of the most common signs of IP/ data theft. We discovered the employee had been accessing confidential sales areas and have viewed several files they would not normally have been interested in. Shortly afterwards, the suspect had made a copy of their corporate email on the laptop and immediately afterwards, inserted a USB device.  We found evidence that files matching the filenames of confidential sales documents had been opened from this same USB.

The outcome
The GC used our report and findings to apply for a Court order to have the suspect’s USB and private computer analysed.  Following this, the GC was able to have the devices securely wiped, agree settlement and put measures in place to prevent their intellectual property being used by the ex-employee.

About the author:
Tina-ShahTina Shah is a US trained lawyer and joined in 2012 as an Electronic Evidence Consultant within the legal technologies division of KrolLDiscovery. Her role is to advise on how to effectively manage electronically stored documents in matters ranging from litigation, arbitration, internal and regulatory investigations.

Should you have any questions on GDPR and Data Privacy, ediscovery and digital forensics you may always call Tina for advice or email her @

+44 (0) 20 7549 3870 Amsterdam Office
+44 (0) 77 9989 6853 Mobile

KrolLDiscovery provides technology-driven services and software to help legal, corporate and government entities manage, recover, search, analyse, and produce data efficiently and cost-effectively. In addition to its award-winning suite of software, Kroll Ontrack provides data recovery, data destruction, electronic discovery and document review services.

For more information about Kroll Ontrack and its offerings please visit: www/ and follow @KrollOntrackEU on Twitter.