Wednesday, May 27, 2009

Jail for commercial/industrial espionage

Charles Tan Chye Guan (Managing Director of a company called “du Lexbuild International Pte Ltd) is probably the first man in Singapore to be sent to jail for 3 weeks and fined $5,000, for a commercial or industrial espionage case. In this particular case, he had downloaded a confidential computer file from a notebook computer belonging to the DSTA into his thumbdrive. Defence Science and Technology Agency or DSTA is the consulting arm of the Ministry of Defence.

By doing this unauthorised downloading, the accused committed an offence under section 3(1) of the Computer Misuse Act. The key relevant words of this sub-section are
"any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer
".

He pleaded guilty to the offence and was sentenced by the Subordinate Courts. He then appealed to the High Court regarding his sentence but Justice Choo Han Teck dismissed his appeal. Among the facts justifying his jail sentence when previous offenders who were former employees of Citibank were only fined, were the information related to a tender for a contract to build the SAF’s Munitions Storage Container System (“MSCS”) (in other words, an ammunition rack) and this information was "not devoid of military signifance" (to quote the judge).

It is possible that the accused could also have been charged under section 9 of the Computer Misuse Act which deals with protected computers which includes computers containing national defence information. The punishment for this could be up to 20 years jail.

One important point to note is that if the accused had seen hard copy of the relevant information and had used a handphone camera to take pictures of it, it is unlikely that he would have committed any criminal offence, although an offence under the Copyright Act might be a remote possibility.

JEL Corporation - charges laid

The Business Times in January 2008 reported that the fraud investigation arm of major audit firm KPMG, KPMG Forensics, had found creative accounting in listed company JEL Corporation's accounts for Financial Year 2006 and the first half of Financial Year 2007. The creative accounting resulted in overstatements of profits of $11.84 million. Among some of the tricks used were the creation of fake invoices and accounting documents. These were designed to show transactions with other companies when such transactions were fake.

For details, please refer to http://137.132.179.30/Portals/0/images/CGFRC/docs/CG_News_Feb_2008.pdf.

As of today, 28 May 2009, latest news is that several persons have been charged in court in relation to the above accounting. Ng Soon Heng, the financial controller and JEL's ex-CEO and chairman Eric Tan Boon Yong, ex-deputy CEO and CFO Wee Teck Han and ex-COO Eric Leow Hock Leong were those charged. It is unclear what offences they were charged with but likely offences would be under the Companies Act, and since JEL is also listed, there are also possible offences under the Securitites and Futures Act.

Tuesday, May 12, 2009

Corporate espionage

Do we need criminal laws on corporate espionage in Singapore?

Where an employee steals confidential computer data from his employer, the Computer Misuse Act may well be the appropriate statute to punish the wrongdoer. See for example, the recent Citibank cases where its ex-employees were heavily fined for stealing client data.

Is it possible that in some situations, the employee may steal valuable data without the use of computers or the like, cause massive damage to his employer, and yet not be liable under current criminal laws? I think that you could in some situations use the Penal Code or other statutes against such an employee but their applicability is by no means clear.

If anyone has come across a situation where there is a big loophole in this area, I welcome your contribution.