Skip to main content

Prevent IP Theft During a COVID RIF - Don’t Let Your Trade Secrets Depart with Employees


Watch it on demand by clicking here.

COVID-19 has altered the world in many transformative, possibly permanent, ways. Businesses have been forced to re-forecast earnings and make changes to survive. Companies aim to protect the bottom line as revenues tank, and they have turned to reductions in force (RIFs) in order to control the cost side of the equation. These mass layoffs have created a host of risks for legal, IT, and compliance departments. This blog will cover key tips for mitigating IP theft risks as waves of departing employees are being offboarded.

Prevent IP Theft During a COVID RIF - Don’t Let Your Trade Secrets Depart with Employees

Why is IP theft on the rise right now? When employees are separated from a company, it is commonplace for these ex-employees to take some form of electronic data with them. This information does not necessarily belong to them and should be surrendered back to their employers as part of a formal offboarding process. In the current COVID era when greater numbers of employees are working from home, ad-hoc workaround steps are implemented to replace a formal offboarding process. Exit interviews are conducted halfheartedly and a great deal of trust is placed on the employee to “do the right thing” when it comes to the treatment and timing for returning company materials. Absent the normal office setting, departing employees are not closely monitored for purposeful or incidental misappropriation of data. It also becomes more difficult to demarcate company data versus personal data when a mixture of devices are used interchangeably during extended shelter-at-home periods when corporate data is allowed to flow freely within the employee’s private home network.

What is so different about a COVID RIF vs. a standard RIF? Many of the RIFs being implemented during COVID are larger than normal and companies may not have rigorous methods in place to ensure the protection of their trade secrets. It is impossible to enforce the rules of the road with a well-conceived compliance program when all employees are remote, and it’s particularly challenging for companies to know where all of the data exists in the home environment. If employees do not receive proper training around good data hygiene practices while working from home, bad user habits can easily develop and the company’s reactive efforts to map, collect, and validate company data for offboarding purposes can lead to haphazard results at best.

How does this situation affect the client’s bottom line? Trade secret litigation is expensive and the remediation process is also notoriously pricey. Litigation around trade secrets is often far more expensive than the value of the trade secret itself, so it’s a huge challenge to tackle IP theft from COVID RIFs and these unique problems stand to only get worse in the current climate. According to the Association of Certified Fraud Examiners, an organization can expect about five percent of its revenue lost to fraud and misconduct schemes. Losses become larger when the value of a specific piece of intellectual property is stolen, or the sum of any amount of IP theft over a longer duration goes undetected over time for a particular organization. COVID RIFs present a unique challenge because of the scale and circumstance of departures. The scale and circumstance of a COVID RIF can easily overwhelm the company’s ability to perform the process thoroughly and thoughtfully.

What new forensics challenges are being encountered? A forensic investigation is significantly hampered when there are fewer data sources and evidence types to leverage in order to triangulate and corroborate wrongdoing. Companies do not own the real estate and all of the devices in a work-from-home setting – the employees do. Expect an increase in the filing of orders to compel if suspected IP is located on an employee’s privately-owned device or cloud data source and the employee doesn’t surrender that information voluntarily. It is further complicated when this IP propagates to other unauthorized destinations (e.g. a new employer’s enterprise environment that happens to be a competitor). A company setting provides for a multitude of audit trail artifacts that can be acquired without issue to augment a company-sanctioned investigation. Companies will need to implement as much rigor as possible with the offboarding process while employees are working from home by thinking more proactively up front, ahead of a RIF. Employee handbooks need to be revised, appropriate use policies need to be enhanced, new training sessions need to be conducted, and IT data loss prevention programs need to be reviewed.

How important are sound forensics when litigating a trade secret case? Taking a forensically sound approach at the evidence collection stage is critical. This is where corporate IT can miss the mark early on. Properly trained forensics investigators use legally defensible methods to preserve electronic data and avoid spoliating metadata. Leveraging experts can also help better substantiate findings of data exfiltration, IP theft, and trade secret misappropriation.

In order to mitigate your company’s IP theft risk during the COVID era when the scale and circumstance of a RIF can easily overwhelm you, remember where sensitive corporate data lives, review the steps to protect trade secrets, ensure your employees are trained on practical data hygiene practices, and formulate a better offboarding program for remote employees.

If you have questions about any of the above, please feel free to reach out to me at  


About the Author

Executive Director, Digital Forensics | As Executive Director of Digital Forensics within Lighthouse's Advisory group focused on governance, risk, and compliance issues, Jerry provides expert witness and strategic consulting services to law firms and corporations in the areas of computer forensics, investigations, electronic discovery, and litigation support. Jerry brings over 15 years of experience in digital forensics, ediscovery, automated risk assessments, compliance monitoring, and investigative analytics to his role as the Forensics lead at Lighthouse. Prior to this role, Jerry was the U.S. Director of Forensics at Inventus, LLC, where he acted as the national leader of digital forensic services and evidence collection for investigation and litigation matters and was responsible for the development of proactive risk management consulting services. Before joining Inventus, LLC, Jerry served as an independent contractor supporting an OFAC investigation for a large online retailer in response to a regulatory inquiry. Prior to this, Jerry was the Advisory Director of Forensic Technology Services and Investigative Analytics at PwC where he focused on global supply chain fraud and compliance solutions in pharmaceutical life sciences and food trust. He was responsible for advising clients on regulatory affairs and enforcement trends involving the Food and Drug Administration (FDA) and Department of Justice (DOJ) as it related to false claims, anti-bribery and anti-corruption, and food safety. Jerry has also held leadership positions at Ernst and Young, KPMG, and Navigant Consulting. Jerry received his B.A. in Political Science with a focus on International Relations from UCLA.

Profile Photo of Jerry Bui