In a recently developing story, on June 20, 2018, automaker and renewable energy giant Tesla filed suit against its now former employee Martin Tripp in the U.S. District Court for the District of Nevada. According to Tesla, Tripp, a former Tesla process technician working in the company’s Nevada Gigafactory battery plant, exported confidential and trade secret information (including data, documents, photos, and video) related to the automaker’s manufacturing operating systems, raw-material waste, and safety standards. Tripp then uploaded the illegally obtained information to his personal email and cloud-based storage accounts and ultimately transferred that information to outside entities. In its 12-page compliant, Tesla alleges that Tripp’s actions constitute violations of both federal and state trade secrete laws (e.g., Defend Trade Secrets Act, 18 U.S.C. §§ 1836 et seq.; Nevada Uniform Trade Secrets Act, Nev. Rev. Stat. §§ 600A.10 et seq), a breach of contract (e.g., breach of the Proprietary Information Agreement between Tesla and Tripp), and a breach of Fiduciary Duty of Loyalty that Tripp owed Tesla under Nevada law.
Days after filing suit, Tesla filed two Emergency Motions for Authorization to Issue Document Preservation Subpoenas. According to both Motions, Tesla claims defendant Tripp had confessed to not only the theft of Tesla’s trade secrets, but to also deleting portions of the information he stole from his personal email accounts, other personal messenger accounts, and his cloud storage accounts in an effort to “cover his tracks and spoliate evidence of his wrongdoing.” (see First Motion 1 at p. 2, ln. 5-8; see also Second Motion 2 at p. 2, ln. 5-8).
U.S. Magistrate Judge Valerie P. Cooke granted both motions authorizing Tesla to serve document preservation subpoenas on cloud-computing non-parties Apple, Inc. (iCloud), Microsoft Corporation (OneDrive; SharePoint), Google LLC, AT&T Wireless, Facebook, Inc. (Facebook Messenger), WhatsApp, Inc. (WhatsApp), Open Whisper Systems (Signal), and Drobox, Inc. The subpoenas require that the non-party technology companies preserve documents, data, and records from and pertaining to Tripp’s email and cloud-based storage accounts including copies of files previously deleted by Tripp that are still accessible by the non-parties. (see First Motion at p. 2, ln. 10-13). Importantly, these subpoenas only require the preservation of documents and not their actual production (for now).
In an interesting twist, while Tesla alleges employee sabotage Tripp recently came forward claiming whistleblower status after “seeing ‘some really scare things’ inside the company, including dangerously punctured batteries installed in cars,” as reported by The Washington Post, and after discovering various aspects of Tesla’s raw-material waste production, as reported by Business Insider.
This case is still in its early stages and it will be interesting to see how Tripp responds to Tesla’s lawsuit. Regardless of the outcome, however, one interesting aspect this case highlights is how easy it has become for an employee to steal trade secrets and other confidential information from their employer with the advent of cloud-based technologies. Gone are the days requiring transportation of physical copying and transportation of documents from a secure physical location (think Watergate and the Pentagon Papers). Here to stay are the days of simply writing code to hack into a computer system, stealing electronic data, and exporting that information to the cloud from which the information becomes readily available for dissemination to third parties. While the advent of the cloud has ushered in enormous technological and business-model advantages, it is important to remember even the most useful technologies, when abused, can be used to cause harm, including stealing a company’s intellectual property. This case demonstrates the critical need for users of cloud technology to be diligent in their security efforts.