I guess it’s a given that every major company has a well-staffed department which is charged with collecting and carefully studying what otherwise (if done by a government) would be referred to as open source intelligence: they collect every peace of information about their competitors and their products which are freely available, earning reports, court documents, white papers, patent filings, news paper articles, postings on blogs and social media and much, much more.
But I was wondering whether big companies go a step or two further than that and indulge in activities which are typically associated with intelligence agencies, for instance:
Would Motor Company A send out “agents” to sift through the garbage at the private residences of senior executives of Motor Company B and watch their every movement 24/7?
Would Motor Company B send out agents to bars which are known to be the favorite watering holes for employees of Motor Company A, have them eavesdrop on their conversations and maybe buy them drinks to loosen their tongues?
Would Motor Company A equip an airplane with state-of-the-art, high-end cameras and fly over the production facilities of Motor Company B, taking high-resolution pictures?
I’m only thinking about measures which are (I assume) not breaking any law, which means: no trespassing, no breaking into private homes, no planting of listening devices etc. Basically, only things that any private investigator (or really any private citizen) could do without getting into trouble with the law.
How about the time Ross Perot hired Bull Simons to put together a team of his EDS employees (he took the gig but refused money) to break some other employees of his out of an Iranian prison and then out of Iran?
Caveats: I am not a security professional and I do not claim to speak in any capacity for my employer.
Regarding the area I work in (oilfield services), the large multi-services companies surely engage at least some of the activities described in Wendell Wagner’s link. The specific company I work for, however, has a number of ethical policies in place which are enforced to the point that it would be highly unlikely that we would end up with a situation where operatives would, say, be sifting though competitor’s trash.
On the other hand, it would be only prudent to take steps to prevent that sort of surveillance from taking place by other competitors, and the large service companies have various internal security systems in place, the nature of which I don’t think would surprise anyone too much.
One further consideration is the monitoring of risks of political or social disturbances in the countries in which these companies operate. To that end, the usual thing is to contract with a private security company, typically made up of personnel with international military experience, to continuously assess operational risks and make recommendations to manage those risks. Although this occasionally may progress to the point of providing private armed guards for local staff (i.e. this was done by a French oil company in Angola during the '90s), I believe most companies would be rather leery of getting into any sort of paramilitary activities as the potential liabilities would be far too high.
Generally, if the local situation gets to the point where there is a significant risk of employees being caught up in violence or extended shutdowns of essential services, the company involved will suspend operations in the country, impose travel restrictions to that country, and will withdraw expat, and possibly local, personnel and their families if the situation warrants.
Yes. Some have more or less open departments tasked with keeping an eye on everything their competitors do, and it’s accepted that some part of those operations are “black.”
I’d say automakers and most traditional heavy industries are the least likely users. I mean, really, what’s GM going to find by snooping around Ford’s development lab, or vice versa? They’re likely more concerned about style and sales-oriented tactics than genuine trade secrets.
But tech and food… I wouldn’t put anything past the giants in those industries, or key small players (like specialty chip makers or flavoring labs). There, a small and possibly indetectible theft could turn a whole market’s tide.
I have worked two major companies (a world leading food production company and the industry leader in writing instruments) I have also worked for multiple energy companies as a contractor. NONE of them worked anything like what one would expect from an intelligence agency.
By this I mean:
[ol]
[li]Priviliged and even classified informtion was open for anyone to see - I have seen budgets, internal investigation paperwork, employee files, security diagrams, passwords etc left out in the open. And I wasn’t trying to look for these things; they were sitting on desks in unlocked offices where I had reasons to be.[/li][li]I have seen few efforts to integrate or get rid of disgruntled employees - I have had long-term employees tell me internal sectrets which a competitor would have paid me handsomely to reveal. I have overhead private conversations which, when added to other material, could have revealed the inner working of new product lines.[/li][li]I have seen employees commit all types of fraud and theft against these companies - From major fraud (which was finally caught) to simply ordering items and then taking them home (daily) to employees charging expensive meals on corp cards and then finagling expense reports to make certain that this would be approved.[/li][li]I’ve personally challenged people who were not where they were supposed to be - I was actually verbally counseled for this by a manager as I was deemed to be “hostile” to a contractor who was in the HR office when she had no reason to be.[/li][li]I have never seen a corporation sweep offices or phones for listening devices.[/li][li]I have witnessed employees exchanging details of confidential internal tests and interview questions[/li][li]I have taken cell phones and recording devices (not with the intention of recording anything) into meetings where things were revealed which could have caused serious issues for the company had they been released to the press or to an industry rival[/li][li]I’ve been to bars and clubs with current and former employees where things were discussed with people no longer part of the firm that would be valuable to the wrong people.[/li][li]I have taken home documents which I probably shouldn’t have at the INSISTENCE of my superiors just to get work done. I know of others who routinely do and several who have LOST company laptops with sensitive information[/li][/ol]
All of these thing would be ( I would imagine) verboten at any major intelligence agency.
My assessment: WHile they are obviously a few companies which are run like intelligence agency, they are likely the minority. And they probably fight a constant battle simply to keep things going in that matter.
I believe that any company could easily be penetrated by:
There’s an article in the February 10, 2014 issue of The New Yorker about a scientist who says that a company whose herbicide he had found problems with was collecting information about him and trying to use it to discredit him.
One problem with many of the clandestine intelligence activities described above is that they may constitute misappropriation of trade secrets. Which is a crime. The 5th Circuit case of E.I. duPont v. Christopher, 431 F.2d 1012 (1970) famously discussed the legality of using aerial photography to ferret out confidential information. The court ruled that this constituted an “improper means” of discovering the information, and denied the photographers’ motion for summary judgment. DuPont was asking for monetary damages as well as injunction prohibiting use of the photos.
So that’s a powerful disincentive to doing anything too hinky.
Yes, big companies have policies on the books that prohibit such ‘un-ethical’ activities.
So they hire other firms to do that.
Gives them the ability to deny that they do that, some legal distance in ccase of lawsuits, and the ability to blame it all on on over-zealous contractor who went too far beyond our instructions.
There are several large firms who make a lot of money doing this; much more money than they could get from Mom-and-Pop companies.
My first meaningful exposure to the idea of serious corporate espionage was Jurassic Park. How often do companies really and truly do that kind of stuff, with double agents (or “double employees”), spy gear, meeting your contact by the docks, living a life of danger, etc.? If I want to become a corporate spy, who do I talk to?
This. I don’t have any first hand experience, or even second-hand hearsay, but that’s the way big companies work. They’d much rather outsource something that’s not in one of their core businesses than spend the effort to develop it themselves.
Plus, I think anyone who thinks that big companies are inscrutable, tightly run ships with their own intelligence-gathering apparatus and counter-intelligence operations is drastically overestimating the competence of big companies.
A company I worked for was sold to another, bigger company for a BILLION dollars, and the smaller company was rife with incompetence and stupidity. Business-side leaders who made just… dumb decisions. Stuff that newly minted MBAs know better than to do. Bad market analysis. Not seeing the forest for the trees. Thinking they knew better than the operations “boots on the ground” in the field. If we’d have had a corporate intelligence gathering apparatus, it would have probably been some James Bond wannabe asshole promoted from sales who’d go to trade shows, get drunk and hit on women, not some Sidney Reilly master spy gathering pertinent and timely intelligence on our competitors’ moves.
In a large-scale example, the writing had been on the wall for Blockbuster for a decade (we even wrote a MBA-school paper on why they’d fail in 2002), but it took until last year or so for them to finally expire. Same for Kodak. Both of those were HUGE companies, and yet neither of them could find their asses with a flashlight and a map when it came to grand business strategy. Think about the big 3 automakers- they seem to perpetually struggle… despite having strong revenue in most cases. They clearly didn’t have the intelligence gathering capacity to figure that shit out even while they were circling the bowl.
You’re conflating two different things here: that the company as a whole, or divisions of it, might be bumbling boobies, and whether some division, probably admin, R&D or marketing, has a “spy” department. There is likely no company of any size that doesn’t have such a department, even if it’s called “market research” and does nothing but above-board activities. It’s probably still called “market research” when it uses underhanded techniques, active spies and moles - who don’t need to be Bond James Bond. As pointed out above, many companies leave sensitive information lying all over the place, so someone who gets access to labs and offices of competitors on any basis can bring back intelligence.
Saying companies have such departments and do such spying/info theft doesn’t mean it’s on a spy-movie level of glamor or capability. It sure as hell doesn’t mean the company uses the information well, or even that important players know the department and info exist. The “dark” stuff often reports to one high-level person, who may use it on a corporate strategy level or only to pad his own portfolio. Or, more likely, to make sure his division outmaneuvers everyone else’s, however detrimental that might be to the company as a whole.
It’s true that market research is the analog of intelligence if you’re comparing companies to military organizations, but the OP was asking if they run some sort of CIA-style black ops and/or intelligence gathering operations. I doubt that many do; the expense, time and potential liability just isn’t there for any company that I can think of. Hell, just the hint of that kind of thing is likely to get a company slapped with a suit, much less some dude in a tactical turtleneck actually sneaking into the building and taking photos with a Minox.
All companies do some form of market research, and I don’t doubt that they release misinformation in varying degrees, but it’s all likely done through the normal product development / market research and marketing departments, as well as maybe a few savvy recruiters who try and poach people from competitors whose technology/secrets they want, since even with non-disclosure agreements, people will still spill little parts of the beans in their daily work- “Back at company X, we did it this way.” and then sharp people can infer valuable info from that.
But I doubt they hire hot chicks and send them to run honeypots on competitors’ executives or managers, and I doubt they’re hacking each other’s computers, or anything like that. At the very best, they hire some other firm to do that in some believable way, or they just don’t do it.
The most I’ve seen done in the consumer electronics industry was one company sent engineers on job interviews at their competitors to see what projects they were working on to get a sense for what new products would be the next best thing.
I do remember hearing that GM hired private detectives to help discredit Ralph Nader. That’s sort of covert.
I also recall this story of someone trying to sell the Coke formula to Pepsi. Pepsi immediately alerted Coke.
For large corporations - generally -
It’s a wonder they work. They combine the worst of bureacracy and psychopathic capitalism. Decisions are mae (or often, put off) in arbitrary and inconsistent ways. Things that should be done often get delayed.
Having said that, the exceptions are the companies that HAVE to be lean and efficient. If Apple stumbles, it will become Blackberry. Hi Tech, fast-changing business, etc. - the ones that can’t function effectively, quickly stop all functions.
When you hear about these cases, typically it involves overzealous “investigators” of the lawyers hired to win the case, possibly directed by the legal department head of the company. If the lawsuit or bad publicity from the other side hurts, a legal outfit that can get rid of this, or a security company that can help make the problem disappear are probably looking at a good commission - no doubt an incentive to be zealous.
I’m not sure character assassination would be efffective. Even if they could have countered Nader with “why listen to that guy? He’s a frooty boy and deadbeat dad who worships satan and murders kittens…” Would that have made people ignore Nader’s message, or would it backfire and generate more publicity?
Then there’s the companies that legitimately consider themselves under seige - pharma, oil pipeline companies, forestry, etc. The protesters they typically encounter would not be satisfied unless the company basically closed shop and stopped doing business. Quite often some protest tactics are questionable or outright illegal. The stakes can be hundreds of millions of dollars.
No surprise if these companies feel under siege. Even without illegal activity, they will want to keep tabs on the opposition, and I’m sure this often includes buying information or undercover investigators “joining” the protesters. Where illegal activities may happen, it’s convenient if the company can have the authorities ready or hand them evidence on a silver platter. At very least, it helps if they beef up security when things are happening…