Intellectual property can present operational risks - knowledge and protocols can help.
While keeping boards apprised of developing risks that materially threaten company operations, are you considering operational risks stemming from intellectual property? Operational risks indeed can originate from IP - from competitors, non-practicing entities, governmental interactions or illegal activities. Relevant education and experience is necessary for boards, and those that advise and inform boards must be sensitized to such risks. While some of these risks are obvious, for example, a major patent infringement campaign filed against a company by a direct competitor; there are many other less recognized but equally dangerous pitfalls.
We have found that intellectual property risk from within an organization is often overlooked and consequently, its threat underappreciated. Recently, Alphabet sued Uber for trade secret misappropriation, alleging that one of its former Waymo executives (self-driving car project) copied about 14,000 files and referenced these while working for Uber after Uber acquired this former executive's startup (commonly known as "Otto"). We wonder how surprised Uber's board must have been when they were first informed of this litigation. Further, consider the magnitude of the alleged damages: Alphabet demanded $2.6 billion in damages stemming from a single allegation of trade secret misappropriation. When this happened, we suspect Uber's board had to wonder if (and why) something was missed in its pre-acquisition due diligence review of Otto. They must have wondered what actions they could have taken to manage this risk and avoid litigation.
Alphabet was also exposed to internal IP risk stemming from one of its own executives. After this employee left to start Otto, Alphabet realized that files containing company trade secrets may have also "left the building." Alphabet also realized that the subsequent acquisition of Otto by Uber was a competitive threat, and upon investigation, believed that its misappropriated trade secrets were being used by Uber. Any company can benefit by understanding the following: What internal controls did Alphabet have in place to catch the alleged impropriety? How and when was the board notified?
IP risks from within often arise from employees "lateralling" both into and out of a company. But they can also arise from insufficient internal control protocols when caring for company intellectual property. In recent years, we have seen several complex transactions that revealed improper IP safeguarding and handling.
One remarkable case involved a multi-billion-dollar public company that was making a public offering of its securities. During a follow-on securities offering, the underwriters discovered something significant: the name of the public company, which had acquired considerable good will and market recognition, was not owned by the company at all, but by its founder. The founder could not be coaxed into contributing the name to the company, derailing the securities offering. Ultimately the company's operating assets were sold to a strategic buyer. Just one narrow aspect of intellectual property - but it held pivotal value.
Intellectual property risk must be assessed, understood and managed with abundant care. A board must be confident that its executives will recognize IP risks related to their business actions, and understand when risks become great enough to necessitate informing the board.
Here are some best practices for mitigating IP risk:
These days, IP is often the largest asset owned by a company. Also, many of those that generate this IP, switch companies with unnerving frequency. In this environment, guarding against IP risks is a challenge, but can be helped by best practices and an educated and experienced board.