Following a jury trial in the United States District Court for the Southern District of New York, Sergey Aleynikov was convicted of stealing and transferring a proprietary computer source code used in his former employer’s high-frequency trading system, in violation of the Economic Espionage Act of 1996 (“EEA”), 18 U.S.C. § 1832, and the National Stolen Property Act (“NSPA”), 18 U.S.C. § 2314. On appeal, Aleynikov argued that his conduct did not constitute an offense under either statute because 1) the source code was not a “stolen” “good” within the meaning of the NSPA and 2) the source code was not “related to or included in a product that is produced for or placed in interstate or foreign commerce” within the meaning of the EEA. The United States Court of Appeals for the Second Circuit agreed with Aleynikov and reversed the District Court’s ruling.
Aleynikov worked at Goldman Sachs & Co. (“Goldman”) from 2007 to 2009 as a computer programmer, developing source code for Goldman’s proprietary high-frequency trading system. Goldman does not license this system to anyone, and closely guards its secrecy . The company’s confidentiality policies required Aleynikov to keep all of Goldman’s proprietary information confidential, including any intellectual property created by Aleynikov. These policies also forbid Aleynikov from taking Goldman’s proprietary information with him upon leaving the company.
In April of 2009, Aleynikov joined Teza Technologies LLC as an Executive Vice President to develop Teza’s high-frequency trading system. While it might normally be expected to take years to develop such a system, Teza’s founder conveyed to Aleynikov that he wanted the system completed within six months. On his last day at Goldman in June of 2009, Aleynikov encrypted and uploaded to a server in Germany more than 500,000 lines of source code from Goldman’s trading system, including code for the infrastructure, algorithms, and market data connectivity programs. After the uploading, Aleynikov deleted the encryption program and other artifacts of the uploading. At his home in New Jersey, Aleynikov downloaded the source code from the server in Germany to his home computer and copied some of the files to his other computers. Two months later, Aleynikov flew from New Jersey to Chicago to attend meetings at Teza. He brought a flash drive and a laptop, which contained some of Goldman’s source code. The next day, the FBI arrested Aleynikov upon his return to Newark Airport.
An indictment by the U.S. Government charged Aleynikov with violating the EEA, the NSPA and the Computer Fraud and Abuse Act, (“CFAA”) 18 U.S.C. § 1030. Aleynikov moved to dismiss the indictment for failure to state an offense, and the District Court only dismissed the CFAA count. The jury convicted Aleynikov on the EEA Count and the NSPA counts. Specifically, with respect to the EEA count, the District Court found that the stolen code was a trade secret that the trading system constituted a “product” to which the source code related, and that the system was “produced for” interstate commerce. With regard to the NSPA , the District Court held that the source code for the trading system constituted “goods” that were “stolen” within the meaning of the NSPA. Aleynikov was sentenced to 97 months of imprisonment, a three-year term of supervised release, and a $12,500 fine.
On appeal, the Second Circuit Court of Appeals analyzed the scope of the NSPA and the EEA. First, the Second Circuit examined whether Aleynikov’s acts of uploading source code to a server in Germany, downloading the source code to his computer in New Jersey and later transferring the source code to Illinois qualified the source code to be considered stolen “goods” within the meaning of the NSPA. In determining that the source code did not constitute stolen “goods” within the statutory definition, the Second Circuit joined several other circuits in relying on Dowling v. United States for the proposition that theft and subsequent interstate transmission of purely intangible property is not within the scope of the NSPA. The Court further noted that storing an intangible property on a tangible medium does not transfer the intangible property into a stolen good under the NSPA. Because Aleynikov did not “assume physical control” over a stolen good when he copied the source code and did not “deprive [Goldman] of its use,” he did not violate the NSPA.
The Court next considered whether Aleynikov violated the EEA. In interpreting the EEA, the Second Circuit noted that products “placed in” commerce under the meaning of the EEA are products that have been introduced into the stream of commerce, and have reached the marketplace. Alternatively, products that have not yet been “placed in” commerce but are intended to reach the marketplace can be termed as being “produced for” commerce under the EEA. The Court found that Goldman’s system was neither “produced for” nor “placed in” commerce because Goldman had no intention of selling the system to anyone, and concluded that Aleynikov’s theft of source code relating to that system therefore was not an offense under the EEA. Thus, although Aleynikov should have known that his conduct was in breach of his confidential obligations to his former employer Goldman and dishonest, the Court found that it was not violative of either of the EEA or the NSPA.
For practitioners, the Aleynikov decision is a stark reminder to ensure proper safeguards are in place to prevent and detect the theft or other misappropriation of proprietary information, whether electronically stored or otherwise. At least one commentator has suggested that the U.S. Government might have prevailed in Aleynikov by including a criminal copyright claim in its charges. Aleynikov may of course still face a civil action for trade secret theft in state court.