If you've ever developed a new product or formulated a new business idea, you've most likely grappled with the question of whether you should to protect it legally in some way. After working hard to develop intellectual property (IP), businesses usually want to protect it from others benefiting from it without permission. Typical methods for protection include patent filing and copyright registration, for example.
Although certain IP rights are automatic, you need to take steps to protect it: No one else is going to look for patent and design infringements or copyright and trademark violations on your behalf. Which returns us to the ongoing litigation between Waymo and Uber over thousands of IP documents.
Waymo, the self-driving car subsidiary of Google’s parent company, Alphabet, has accused one of its former engineers of stealing thousands of confidential documents before joining Uber’s self-driving team. Uber maintains it was unaware that the former Waymo employee, Anthony Levandowski, had allegedly downloaded 14,000 documents from Google's autonomous vehicle unit before leaving to launch his own start up, Otto, which Uber later acquired.
Waymo and Uber are racing to develop the first network of self-driving cars, to create what would be a potentially huge (and profitable) transportation service in the future. The crucial Intellectual Property (IP) that was allegedly stolen involves ‘LiDAR’, a new type of laser system that allows the cars to see roads and obstacles around them.
Waymo is suing Uber, claiming that on his way out the door, Levandowski took with him several gigabits worth of confidential documents related to Google’s proprietary LiDAR design, which they believe were later used in the creation of Uber’s own custom autonomous driving technology. At least some of this information likely qualifies for trade secret protection.
The most contentious arguments leading up to the trial have been around whether or not Levandowski downloaded the files before leaving Waymo, who he might have shared them with, and what Uber knew about the alleged theft and when. Uber refutes this, naturally, with both companies headed to trial in October. And Levandowski has since been dismissed.
For high risk employees such as Levandowski, who produce or have access to commercially sensitive IP, stringent controls, applied using advanced user behavior and data loss protection technology, are necessary. Information security and digital forensics checks have a critical role to play in ensuring that access to corporate IT systems is closely monitored, and that analysis of high-risk employee activities is performed regularly to identify suspect behavior.
Mining Digital Evidence to Uncover the Truth
For organizations that require more rigorous and exacting protection for sensitive (and valuable) data, fortunately there is a proven and highly-effective anomaly detection solution from HoloNet Security called OnFire. OnFire provides extremely precise user profiling by focusing on how each user is accessing sensitive data by linking moving data, and its source and destination, with each user.
What makes OnFire’s approach better than alternatives, is that all of this is done in real-time. Unlike other vendors that rely on a time-consuming process that involves reviewing third-party logs, then running analytics, at HoloNet we develop our own “right metadata” close to real-time and are thus able to provide next-to-real-time alerts.
In the case of Mr. Levandowski’s alleged transgression, OnFire’s advanced user anomaly detection would have already identified and correlated sensitive data (IP) with high-risk users (like Mr. Levandowski), with their applications and devices. In real-time, OnFire would have indicated whether Mr. Levandowski had or had not downloaded the large number files in question by comparing that activity to his normal “baseline”.
In real-time, OnFire would have also detected data download anomalies associated with Mr. Levandowski’s device. A drill-down would also have shown that the volume of data involved had exceeded the daily norm. With each real-time anomaly detection, OnFire would have alerted the network administrator.
It took months for Waymo to reach the conclusion that their IP had been allegedly stolen. Within seconds after detecting unusual activity, HoloNet OnFire would have been able to display conclusively what had transpired with indisputable digital evidence. By linking moving data, with its source, destination, and user, OnFire would have immediately and conclusively resolved the suspicions, speculation, and unanswered truths that are driving Waymo and Uber into costly litigation and placing both companies under the spotlight of undesirable media attention.
This blog reflects the contribution of the HoloNet team and guest bloggers who are security experts. HoloNet Security is led by a team of seasoned security industry professionals with a long, proven track record of successful security products and services.