The Developing “Avoided Costs” Remedy in Trade Secret Litigation
Should a defendant found liable for stealing trade secrets have to fork over all of the research and development costs it theoretically avoided by misappropriating the secrets? Yes, according to the “avoided costs” theory of unjust enrichment that is gaining traction and resulting in large verdicts in DTSA and UTSA cases around the country.[1]
The theory is gaining such traction that in a recent decision out of the Southern District of California, the parties did not contest the availability of “avoided costs,” and the court accepted it as a viable remedy without dispute. Medimpact Healthcare Sys. v. IQVIA Inc., No. 19cv1865-GPC(DEB), 2022 U.S. Dist. LEXIS 186470, at *1 (S.D. Cal. Oct. 7, 2022). Instead, the parties fought over the appropriate method for calculating those costs and the scope of the costs, given the particular trade secrets alleged—issues that the Court left for further briefing.
RCMP Review Prompted by Employee’s Arrest Urges Changes to Bolster Internal Security
A confidential RCMP review, conducted after the arrest of a senior employee for allegedly leaking classified information, calls for a fundamental shift in the security culture of the national police force to be led at the highest levels.
The newly disclosed report makes 43 recommendations, including training updates, stricter adherence to federal security screening standards and the possible introduction of random physical searches.
The review “confirms gaps in the security practices of the RCMP that could be closed or at least narrowed,” says a message in the report from the joint chairs of the exercise.
Cloud and Hybrid Working Security Concerns Surge
Concerns among global technology leaders about the security of cloud, datacenter and hybrid working environments have increased significantly over the past year, according to a new paper from the IEEE.
Respondents came from organizations with more than 1000 employees across multiple industry sectors, including financial services, consumer goods, education, electronics, engineering, energy, government, healthcare, retail, technology and telecommunications.
The number voicing concerns about cloud vulnerabilities increased significantly from a year ago. Some 51% highlighted them as a potential threat for 2023, versus 35% in 2022.
GitHub Bug Exposed Repositories to Hijacking
Security researchers have discovered a new flaw in GitHub which they say could have enabled attackers to take control of repositories and spread malware to related apps and code.
Although GitHub has now fixed the bug in its “popular repository namespace retirement” feature, the same tool could be targeted by threat actors in the future, Checkmarx warned. In fact, a separate vulnerability in the same tool was exploited earlier this year, enabling hackers to hijack and poison popular PHP packages with millions of downloads.
Data Breach of Missile Maker MBDA May Have Been Real: CloudSEK
According to the security experts, the folder included files detailing the confidential personally identifiable information (PII) of MBDA’s employees, alongside multiple standard operating procedures (SOPs) underlying the requirements for NATO’s Counter Intelligence to avert threats related to Terrorism, Espionage, Sabotage and Subversion (TESS).
Insider Risk: More Prevalent than Ever, According to Microsoft
When you think of insider risk, what comes to mind — fraud, IP theft, maybe even corporate espionage?
While those are all undoubtedly significant causes for concern, the reality is that the riskiest insiders in your organization don’t even know they’re doing anything wrong.
Insider risk can be both inadvertent and malicious, as described in the report. It is defined as the potential for a person to use authorized access to an organization’s assets in a way that negatively affects the organization. This access can be physical or virtual, and assets can include information, processes, systems and facilities.