As a competitive intelligence company, we are all too familiar with the misconceptions about the ethics of intelligence gathering. The latest allegations surfacing in the cases of Waymo v. Uber and Jacobs v. Uber, have once again called mainstream attention to the ethical line between competitive intelligence (CI) and corporate espionage. These terms are often used almost interchangeably, presented as equally questionable business practices and nothing could be further from the truth.
Corporate Espionage -- also referred to as Economic or Industrial Espionage -- is classified by the illegal theft and use of stolen information. This practice involves the intentional and covert use of tactics like hacking or wiretapping to steal trade secrets from competitor's proprietary systems and softwares. Unlike Corporate Espionage, Competitive Intelligence is a strategy that uses legitimate, open source research tactics (web scraping, social media monitoring, etc.) to gather information on competitors and market changes to inform strategy and decision making.
Based on the allegations cited by Richard Jacobs
in the (redacted) letter published online, we thought it would be a good opportunity to illustrate and explain the ethics of CI and where organizations can cross the line.
(It's important to keep in mind that these are still just allegations.)
According to Jacobs' letter, Uber used illegal intelligence gathering tactics to steal trade secrets from competitors. Instead of going through open source channels, the company is alleged to have intentionally hacked into competitors' databases to collect and store information on employees, financials, business plans and more. In addition to hacking, the company is accused of using underhanded tactics to gain access to closed social media groups for the purpose of gathering "threat intelligence" on protests and union groups.
Hacking is not part of the standard operating procedure in ethical CI strategies. For example, CI Radar
uses web crawlers to perform open-source research on public websites that anyone can access. We do not hack into private servers to steal trade secrets from other companies. Hacking is a characteristic of corporate espionage, not competitive intelligence.
In addition to hacking, Jacobs alleges that Uber also used wiretapping to gain intelligence on competitors, government entities and union groups. If true, this is a serious allegation for any organization to go up against. The use of wiretapping to gain information is a direct violation of state and federal laws. In this case, Uber is accused of setting up surveillance operations in private facilities at hotels and conference venues used by competitors' executive teams for meetings. These operations allegedly delivered live updates, including video and photos, to Uber's executive team.
Hopefully this is already well-known, but ethical intelligence gathering tactics never include wiretapping or breaking state and federal laws. That kind of approach pretty obviously qualifies as espionage.
According to Jacobs, Uber stole competitor trade secrets using customer and driver impersonation. Personnel from the company allegedly impersonated real people online to monitor competitors and opposition groups by accessing closed groups on social media. Jacobs also reported that in 2016, city teams in different locations were impersonating partner-drivers or taxi operators to get into private WhatsApp messaging channels. In his letter, Jacobs said that he discovered a playbook for the operations team that explained "how to infiltrate such closed social media groups."
Again, we really hope that this goes without saying, but impersonation (also affectionately known as catfishing) is not a standard CI practice. This type of threat intelligence gathering violates several laws and qualifies as stealing trade secrets. Ethical CI programs and companies like ours that track online activity, only monitor social media and competitor communications through open-source channels that are available to the public.
4. Destroying Records
This could be considered one of the "bombshells" in Jacobs' letter. He alleges that Uber "implemented a sophisticated strategy to destroy, conceal, cover up, and falsify records or documents with the intent to impede or obstruct government investigations as well as discovery obligations in pending or future litigation."
Jacobs details his attempt to implement a shared research portal where information would be archived. Again, if his allegations are true, he was met by opposition from senior leaders who did not want to keep documented records of the intelligence they gathered, which is out of the ordinary for corporate intelligence programs of this caliber. He also reports several other instances of the organization using communication systems that would destroy messages upon receipt, and using attorney-client confidentiality for documents with questionably sourced intelligence.
This is where you can clearly separate ethical CI strategies from corporate espionage. When an organization is following standard protocol, a shared research portal is an invaluable resource for analysts and key stakeholders. Documents and articles that are gathered through open-source research and contain key intelligence, are something that most organizations want to save for strategy and decision making -- not necessarily burn after reading.
Hopefully, we've helped to clarify a bit better what differentiates competitive intelligence from espionage using several of the examples posed in the Jacobs v. Uber letter.
CI is a smart business practice for companies that want to remain competitive in an increasingly complex business world. Engaging in covert operations like corporate espionage is a dangerous game that leads to legal investigations and allegations like the ones that Uber is facing now.
To learn more about ethical competitive intelligence and its history, download our guide on the History of Competitive Intelligence.