A Criminal Conviction for Theft of a Trade Secret Does Not Require a Trade Secret

In an unusual case involving trade secrets, a court determined that the mere belief that stolen information is a trade secret, even when no trade secret was stolen, is criminally convictable. As an important tool for protecting intellectual property, businesses will often keep valuable information  secret, and only provide access to individuals necessary to complete some business objective. Most businesses grant access to the trade secret on the belief that misappropriation is actionable under the Defend Trade Secrets Act of 2016, as well as state laws that are substantially similar to the federal law. It is less known, however, that the theft of a trade secret is a federal crime, pursuant to the Economic Espionage Act of 1996 (“EEA”), as codified at 18 U.S.C. § 1832.

In this particular case out of Chicago, an employee resigned and, before leaving, downloaded 1900 files from his employer. He believed that this information constituted trade secrets of his employer, and had the intention to take these trade secrets to his new foreign based employer. However, prior to boarding his plane to China, he was stopped by the United States Customs and Border Patrol, where the hard drive was discovered.

In February 2019, he was convicted by a jury of actual and attempted theft of trade secrets, pursuant to the EEA. The jury also determined that, to a large extent, the stolen documents did not constitute a trade secret. The defendant filed for a post-conviction motion for a new trial, with an argument that you can’t be convicted of theft of trade secrets if the information did not include any trade secrets.

On October 9, 2019, the judge ruled that theft of trade secrets under the EEA exists even if the underlying materials don’t constitute a trade secret. This suggests that stealing what is believed to be a trade secret constitutes a crime. This outcome certainly poses a unique perspective on a lesser known consequence regarding theft of a trade secret. Whether this concept will transfer to non-criminal litigation over the theft of trade secrets has yet to be determined.

For a detailed history, please see United States of America v. Robert O’Rourke, No. 17-cr-00495, (N.D. Ill. 2019).

VW Contributor: Alex B. Rainville
© 2019 Vandenack Weaver LLC
For more information, Contact Us


Continue to Scrape Away! Microsoft’s LinkedIn Ordered to Lift Ban on Third Party Access to Public Profile Data

In the closely followed hiQ Labs, Inc. v. LinkedIn case, the Ninth Circuit affirmed the district court’s decision holding that hiQ, a data analytics company, is entitled to a preliminary injunction forbidding LinkedIn from denying hiQ access to publicly available LinkedIn member profiles. hiQ had been scraping data and building products from LinkedIn public profiles. LinkedIn argued that hiQ was in violation of LinkedIn’s user agreement as well as California law and federal law, including the Computer Fraud and Abuse Act (CFAA) and sent hiQ a cease-and-desist letter.

Similarly, back in 2018, a district court in Washington D.C. ruled that using automated tools to access publicly available information on the open web is not a crime, even when a website bans automated access in its terms of service. The case, Sandvig v. Sessions, narrowly interpreted the CFAA. This federal law makes it illegal to access a computer connected to the Internet “without authorization,” but neglects to specify what “authorization” means. In pertinent part, the court reasoned that:

“Scraping is merely a technological advance that makes information collection easier; it is not meaningfully different from using a tape recorded instead of taking written notes, or using the panorama function on a smartphone instead of taking a series of photos from different positions. And, as already discussed, the information plaintiffs seek is located in a public forum.”

The Ninth Circuit decision and reasoning is in line with Sandvig. However, the court was clear not to outlaw a website owner from pursuing any recourse against wholesale appropriation of its public content. Rather, the court articulated a public policy concern if companies like LinkedIn can use sole discretion to determine who can collect and use data when that company does not own the data which they make publicly available to viewers. Read in this way, the court is mitigating the opportunity for LinkedIn to gain a monopoly on public information of the site’s 500 million member profiles.

Many view hiQ Labs, Inc. v. LinkedIn as a victory for the open source web. The internet is a critical space for researchers, journalists, businesses, and individuals who require meaningful access to collect and analyze public information. Specifically, businesses use web scraping bots to relentlessly pursue data which might help grow their business by monitoring competitor pricing. Web scraping is also integral for predictive analysis, where businesses can study and understand products and associated consumer behavior to assess their costs and benefits. Thus, web scraping provides significant business value to a multitude of companies across various sectors.

LinkedIn could appeal the 9th Circuit’s decision to the U.S. Supreme Court. Until then, data miners, researchers, and other third parties can continue to use any public online data not owned or password protected by a website owner.

VW Contributor: Skylar Young
© 2019 Vandenack Weaver LLC
For more information, Contact Us

Oral Argument to Be Heard By Supreme Court Over Specifics of Title VII

Supreme Court Update

The 2019-20 term of the United States Supreme Court opens today.

On October 8th, the Court will heard an oral argument on a set of cases that could determine whether sexual orientation and gender identity are covered by Title VII of the 1964 Civil Rights Act.  Courts and commentators are divided on the issue, which has been the subject of active litigation in multiple cases for several years.  This may be the most significant ruling of the Court in the area of employment law this term, and will be closely watched.

A decision could be issued before the end of the year; timing is to be determined by the Court.


VW Contributor: Matthew G. Dunning
© 2019 Vandenack Weaver LLC
For more information, Contact Us

CBD Sellers Beware: FTC Issues Warnings on CBD Marketing Practices

By Ryan Coufal

On September 10th, 2019 the Federal Trade Commission (“FTC”) sent warning letters to three companies that sell oils, tinctures, capsules, “gummies,” and creams which contain cannabidiol (“CBD”), a chemical compound derived from the cannabis plant.  While the FTC did not identify the companies publicly, the letters warn that it is illegal to advertise a product that can prevent, treat, or cure human disease without reliable scientific evidence to support such claims. 

The companies’ websites claim that CBD products “’work like magic’ to relieve ‘even the most agonizing pain,’” are a “miracle pain remedy,” and are highly effective at treating “the root cause of most major degenerative diseases.”  The websites then promote that CBD treats a whole host of diseases including: cancer, Alzheimer’s disease, multiple sclerosis (MS), fibromyalgia, cigarette addiction, colitis, autism, anorexia, bipolar disorder, post-traumatic stress disorder, schizophrenia, anxiety, depression, Lou Gehrig’s Disease (ALS), stroke, Parkinson’s disease, epilepsy, brain injuries, diabetes, Crohn’s disease, psoriasis, AIDS, arthritis, and heart disease, with one of the websites even stating the treatment is “clinically proven.” 

In its letters the FTC instructs the companies to review all claims made about their products, including consumer testimonials, to ensure such claims are supported by competent and reliable scientific evidence.  Making such unsubstantiated claims can be in direct violation of sections of the FTC Act, 15 U.S.C. §§ 45(a) and 52, which regulate advertising.  Additionally, such claims can violate the Federal Food, Drug, and Cosmetic Act (FDCA), 21 U.S.C. § 321(g)(1)(B) which is regulate by the U.S. Food and Drug Administration (FDA).  On March 28, 2019 the FTC and FDA jointly sent similar warnings to three different CBD companies about their marketing practices, with the FDA taking the stance that such marketing practices are evidence that CBD products are intended to be used as drugs, which require extensive testing and FDA approval before marketing the products in such a manner.  Making a claim that CBD is a drug that can cure disease when it has not been approved by the FDA could create the potential for violation of the FDCA.

The FTC gave the latest three companies fifteen (15) days to notify the agency of the specific actions they have taken to correct the agency’s concerns.  Companies that sell CBD products should take note of the marketing practices the FTC and FDA are regulating and review all claims made about their CBD products and ensure they are backed by reliable and competent scientific evidence, and ensure they are not marketing CBD products as drugs under the FDCA.

© 2019 Vandenack Weaver LLC
For more information, Contact Us




New Nebraska Law’s Impact on Filing Requirements for Corporations and Partnerships

LB 512 signed into law on May 30th, 2019, requires all S Corporations, limited liability companies, and partnerships with Nebraska source income to file a Nebraska return for all tax years beginning on or after January 1st, 2019.

Previously, S Corps, LLCs, and partnerships had to file a Nebraska income tax return if they had nonresident owners and were apportioning income.

The Nebraska Department of Revenue (DOR) encourages all S corporations, limited liability companies, and partnerships to e-file their pass-through entity returns. A Nebraska state ID is required when e-filing a pass though entity return.

A pass-through entity without an assigned Nebraska identification number will need to apply for a number before e-filing a 2019 Nebraska tax return. If your business does not have a Nebraska Tax ID Number, follow the link below to the Nebraska Department of Revenue to register your business.


© 2019 Vandenack Weaver LLC

For more information, Contact Us

Circuit Split on Data Breach Litigation

On March 25th, 2019, the Supreme Court denied review of a case involving individuals whose personal information held in a database was breached by hackers. Specifically, the issue was whether the parties requesting review had Article III “standing” to sue due to the database breach.

Standing is the authority of a court to hear a case. For the court to exercise such authority, the court will only hear cases based on events that cause actual injuries or create real threats of imminent harm to individuals who brought the case. The D.C. Circuit Court in its ruling of June 21st, 2019 deepened the split among contradicting circuit rulings. The D.C. Circuit Court ruled the petitioning party had standing to bring the case due to the breach of 21.5 million social security numbers, birth dates, and residency details of former, current, and prospective employees. The court held that, the plaintiff’s fear of facing a substantial risk of future identity theft met the burden to establish standing.

While the Sixth, Seventh, and Ninth circuits have similarly concluded that a heightened risk of identity theft is sufficient for individuals to possess standing to sue; the Second, Third, Fourth, and Eighth Circuits have ruled in the opposite direction. Distinct facts from this  latest data breach case include the nature of the defendant being a federal government agency and the alleged identity of the hacker being a foreign government entity where the breach was executed for purposes other than identity theft. Nonetheless, the D.C. Circuit Court found the federal government agency liable as well as Office of Personnel Management’s (OPMs) third-party vendor, despite the contract between the two parties. The Supreme Court may need to review and rule on this crucial issue in the near future given the current split of authority.

© 2019 Vandenack Weaver LLC

For more information, Contact Us



Citing Third Party Disclosure, Court Rules Attorney-Client Privilege does not Protect Certain Emails

Communications between attorneys and their clients are generally thought to be confidential under the protection of attorney-client privilege and work product doctrine.  On May 6, 2019, however, the United States District Court Southern District of New York ruled that attorney-client communications, in the form of emails, shared with a public relations firm were neither privileged nor protected by attorney work-product doctrine. In the trademark case of Universal Standard Inc. v. Target Corp., S.D.N.Y., No. 18 Civ. 6042, 5/6/19, Magistrate Judge Gabriel W. Gorenstein demonstrated the narrowness of circumstances in which a company can assert privilege after sharing information with third parties. The court held that since the PR firm hired by Universal Standard was not necessary to the emails between Universal Standard and its attorneys, was not an agent of the company, and was not hired to aid in legal tasks, privilege and work product did not apply to the communications.


Universal Standard creates women’s apparel with “size-inclusive” clothing brands and in 2018 brought suit against Target alleging that Target’s “Universal Thread” line of women’s clothing willfully infringed upon its trademark.  During a deposition for the case, Target’s attorney questioned one of Universal Standard’s witnesses about the email chains between Universal Standard, their PR firm, BrandLink, and their attorneys.  Universal Standard objected that the emails were privileged.


The court ruled the emails aren’t protected by attorney-client privilege as disclosure to a third party generally eliminates that privilege.  While Universal Standard argued three separate exceptions applied, the court disagreed with their conclusions:


  1. BrandLink was not necessary to the understanding of facts between attorney and client: The court said the emails in question involved the public relations strategy relating to the lawsuit; which could have been relayed directly to the attorneys alone to invoke privilege.
  2. BrandLink was not a “functional equivalent” of an employee or agent of Universal Standard: The court cited that BrandLink did not represent the company to third parties, maintain an office at the company, nor seek legal advice from Universal Standard’s counsel, failing the “functional equivalent” standard.
  3. BrandLink was not hired to complete legal tasks: The court noted a distinction regarding privilege in that there is a difference between when a client hires a third party versus when an attorney hires a third party to implement a legal strategy.  As BrandLink was hired for business purposes, the court held this exception did not apply.


The Court also rejected Universal Standard’s for work product doctrine protection as “conclusory” when they stated all the emails were created in anticipation of litigation and reflected the opinions of their counsel, as these statements were confined to a single sentence, and, as the court stated, a mere recital of the law.


Thus, when communicating with an attorney and the utilizing the convenience of email, it is important to be diligent on who you are including in your communications and what necessity they bring to the privileged conversation.