NextFin News -- Attorney Cui Can has long handled cases involving trade secrets. The one that left the deepest impression on him was a man aged only 26.
He had worked at Company A for a year, then jumped to Company B—a direct competitor—and went undercover there for two years and four months. With a decent educational background and solid technical skills, plus the gift of gab, he became close friends with many of Company B’s engineers over those two-plus years. “If he’d stayed a few more years, he might even have had a shot at becoming a key member of Company B’s core team, or moving into mid- to senior-level management,” said an engineer at Company B.
If he hadn’t resigned so abruptly—and if his return to Company A hadn’t coincided with the moment Company B was about to release a major technology—no one would have suspected that this young man was a spy planted by a rival.
Company B quickly went back through his work computer and the surveillance footage. For more than two years, core information and drawings had been steadily funneled to Company A.
Because the amount involved was enormous, the young man could end up going to prison in just his third year after university graduation, spending the next three to ten years behind bars. Cui Can felt a deep sense of regret for him.
The client’s reaction also stuck with Cui Can. Right up to the stage when the criminal case was formally filed, the person in charge at Company B still couldn’t wrap his head around it: “We were traveling together on business and drinking together just last month. Why would he do it? Why would he do something like this?”
It felt straight out of Infernal Affairs, a Hong Kong crime movie.
Cui Can compares trade-secret “spy wars” between big companies to a war without bloodshed.
It doesn’t happen on a battlefield, but in offices, factory workshops, coffee shops—or even in an ordinary social media post. A delivery rider, a maintenance worker, a young engineer on their first job, or even a longtime employee the company trusts completely can all become an outlet through which information leaks.
There are no gunshots in this war, but the casualties are real. A stolen formula, a single drawing, a segment of source code—any of these can directly rewrite a company’s prospects for survival, and even reshape an entire industry. People caught up in trade-secret leaks may face anything from compensation claims to prison time. Like military conflict, its ultimate aim is to put competitors out of business.
But on the other side of the scale, “protecting trade secrets” is increasingly being overused—gradually turning into a weapon for large companies to monitor employees, punish those who leave, and even torpedo rivals’ fundraising and IPO plans.
Below is Cui Can’s account, in his own words:
The Hidden Battlefield of Corporate Competition
As a lawyer who knows trade secrets inside and out, even I sometimes find it hard to clearly define what, exactly, a trade secret is.
If you go by the legal definition, it’s straightforward: technical information and business information that is not known to the public, has commercial value, and for which the rights holder has taken appropriate confidentiality measures.
More specifically, it comes down to three words: secrecy, value, and confidentiality. For example, technical information such as formulas, drawings, source code, and AI model training data—as well as business information such as pricing strategies, operating costs, and customer lists.
Sounds easy enough to understand, right? But once it gets into actual cases, what counts as a secret? Under what circumstances does a secret have value?
Take customer lists, for instance—do they count as trade secrets? On that single question alone, legal academia has produced countless papers, and courts across the country have issued countless representative decisions, with no uniform view.
The truth is, the rules around trade secrets are already quite detailed—but no matter how detailed, they still can’t keep up with the endlessly changing real world. These finer points have to be assessed case by case, and they’re actually very complex.
In real life, the methods for obtaining trade secrets aren’t nearly as high-tech as in the movies. More often than not, business leaks start with people.
The most common method is poaching. Not just picking off one person here and there, but hiring in bulk—poaching whole departments, or even taking an entire business team.
From the cases I’ve handled, using poaching as a way to obtain trade secrets has been becoming more and more common. In many fast-growing industries, money alone isn’t enough—you also have to have the technology.
In sectors like large AI models, embodied intelligence, and new energy, offering double or triple salaries to lure people away has been commonplace. If you offer someone a price they simply can’t refuse, it’s hard for them not to be tempted. If a company acquires a competitor would cost 200 million yuan, but poaching 20 core talents only costs 20 million yuan, of course it will do the math.
A typical case is Geely v. WM Motor. After WM Motor was founded by a former Geely executive, it systematically poached more than 40 of Geely’s executives and key technical staff—reportedly tantamount to taking away an entire chassis R&D team. In the end, the court found trade secret infringement. The case also became a trade secret case in China with the highest damages to date, with an award of more than 600 million yuan.
So you’ll find that while many trade secret cases look like technical disputes on the surface, at their core they’re really wars over talent.
The Shanghai Third Intermediate People’s Court and the Shanghai Intellectual Property Court once jointly released a report on how trade secret cases were tried. Between 2015 and 2023, nearly 90% of the trade secret civil cases accepted by the two courts were triggered by employee mobility. And every single trade secret criminal case was caused by talent movement.
Besides poaching talent, another common approach is commercial bribery.
Some external consulting firms, under the banner of “expert interviews” or “industry research,” approach employees currently working at big tech companies and pay them for information. I once read a report saying that the fees these firms offer can be one to two thousand RMB per hour for rank-and-file staff, while senior managers or people with special access can command tens of thousands.
This has almost become a full-blown industry chain in the internet sector.
An even more covert method is corporate espionage. Commercial bribery means buying off someone who already works at your company; corporate espionage means I plant my own person inside.
Some spies are fairly low-level—they might disguise themselves as a delivery rider, a water delivery worker, and the like, to observe a factory’s layout and production environment. This usually only yields surface-level information.
What’s truly dangerous are people who know what they’re doing. Take an engineer, for example: they understand the technology and join your company with a clear objective. They can tell at a glance which materials are valuable. This kind of professional spy can steal secrets without downloading excessive files or drawing attention.
Some companies take an even longer-term approach, sending young people with clean backgrounds and no obvious baggage to competitors. It doesn’t matter who ends up making it; these people often don’t know one another, and they’re typically managed through single-line contact.
Of course, in recent years there has also been more and more digital theft and leakage of secrets.
When people hear “digital espionage,” their first reaction is often hacking—high-end, movie-style technical intrusion. But from the cases I’ve handled, what actually happens most frequently are very everyday actions.
For example: sharing a cloud-drive link to the wrong group chat; downloading a copy of the PPTs and business documents you worked on before leaving; sending company files through your personal WeChat; or casually posting a photo of the work area, or “anonymously” venting, on Xiaohongshu, WeChat Moments, or Maimai.
A lot of people do this unintentionally, or don’t even realize they’re leaking information—they’re just sharing their lives. But to professionals with bad intentions, the background of a single photo can be enough to pinpoint your floor and room, and everything you post can be pieced together into usable intelligence.
So after handling so many cases, I’ve felt this more and more strongly: people are the easiest link in the entire security chain to break.
In many large companies, technical security defenses aren’t actually that easy to breach. The most destructive methods are often the simplest. Someone who’s trusted by mistake can access a great deal of the company’s core information—and steal whatever they want, however they want.
Many trade-secret cases ultimately come down to an internal betrayal—a disaster that starts from within.
The Hefty Price of a Leak
Once a trade secret is leaked, what’s the price?
You can look at cases like this from two sides: the consequences the leaker must bear, and the losses the company will suffer.
For the leaker, many people think the worst that can happen is paying some compensation or getting fired. But in reality, the liabilities behind trade-secret cases are extremely serious, and typically fall into three categories: civil liability, criminal liability, and administrative liability.
The first is civil liability—paying money. For example, in the Geely–WM Motor case mentioned earlier, because it constituted joint tort liability, the individuals involved also had to bear joint and several liability. Just imagine it: if an ordinary person really ends up saddled with hundreds of millions in compensation, their life is basically over. Frankly, it might even be worse than doing time.
The second is criminal liability. The crime of infringing trade secrets has actually existed for many years. In some core industries, the value of trade secrets can easily be assessed as extremely high. R&D costs, potential returns, and competitive losses may all be factored in. You think you “just took a bit of material” or “only sent out a little information,” but from the company’s loss perspective, the amount can skyrocket in an instant. After the 2020 amendment to China’s Criminal Law, the sentencing range for trade-secret infringement was further increased, with the maximum reaching ten years.
The third is administrative liability. Market-regulation authorities can also punish trade-secret infringement, and the fines can be quite substantial.
So I genuinely want to remind everyone: don’t fixate on the small amount of money in front of you. Once you cross the red line, the consequences can be terrifying.
From the perspective of the company whose secrets were leaked, the damage isn’t just a vague “impact on the business”—it can very well wipe out the entire company.
In technology-intensive industries, technical strength decides your fate. Take chips: everyone buys only the best, and the winner takes all. Or take the most common example, the new energy industry—improving a battery’s efficiency by just 0.2% is already a major technological breakthrough. Once the technical edge is gone, or the technology gets stolen, the company may be finished—and the entire competitive landscape can change.
Then there’s the fiercely competitive internet sector. When Taobao Flash Sale and Meituan were fighting most intensely, if I could get the other company’s subsidy strategy, then the next day I’d only need to subsidize slightly more, and order volume could shift immediately. The economic value it creates is far beyond what most people imagine.
And there’s other operational information that may look less “technical” but is just as valuable—like a competitor’s internal structure, who truly holds power right now, what style the key decision-makers have, and which people on the team can be poached. In cutthroat competition, all of that turns into a weapon.
In an environment like this, startups are in real danger.
A lot of startup founders are truly capable, or they have a genuinely new technology in hand. But their biggest problem is that the technology is valuable, while the safeguards are flimsy. If I were an investor, and I couldn’t acquire the company, I might be able to obtain the technology illegally at a very low cost.
Dealing with this takes a lot of money and time. Many startup bosses don’t take it seriously at the beginning—often they only start “making up the lesson” after getting burned badly once.
When it comes to preventing trade-secret leaks, big companies generally do a more comprehensive job. On the technical side, the most common measures include things like embedded codes, invisible watermarks, and access logs in many documents. Don’t think that snapping a photo with your phone, taking a screenshot, or transferring it using a different device means no one will know. A lot of the time, the company can trace it back.
They also turn trade-secret protection into institutionalized systems, building it into HR training and employee risk-control management—for example, integrity-and-compliance training and quarterly risk-control briefings. Who got sent to prison over trade secrets, who was fired for taking kickbacks, who was held accountable for forwarding files—once these cases are brought up, people are likely to be “scared” into line. This is, in fact, a sophisticated and lawful form of “intimidation” that can be deployed effectively across most of a company.
Of course, these days many big companies cite information security and trade-secret protection to “monitor” employee behavior with increasing granularity—and sometimes they cross the line.
Trade Secret Protection or Employee Control?
I’ve been feeling this problem more and more clearly: monitoring and punishment in the name of trade secrets are being overused.
I’ve met many workers bound by non-compete restrictions. To be honest, how significant a trade secret can 99% of them really have access to? Many of them are just ordinary P5 or P6 employees, yet companies will casually sue them—claiming trade secrets—and demand liquidated damages worth two, or even five, times their annual salary.
Sometimes I ask corporate legal teams: why do you do this? Legal will thump their chest and say, we’re doing it to protect the company’s trade secrets.
But what I’m thinking is: spare me—there’s nothing that noble about it.
More often than not, it’s just a superficially righteous-sounding pretext. Lawsuits are becoming a means—and a weapon—for messing with people. I’ve seen far too many companies dress things up with all kinds of bizarre excuses when, in reality, it’s just different internal factions purging dissent.
This shift is also deepening the crisis of trust between companies and employees.
Take internet companies, for example. Ten years ago, when people talked about this industry, the words they used most were “open,” “innovative,” “inclusive,” and “encouraging individual initiative.” But ask a young person today: how would they describe the big tech giants?
For many, the first reaction might be: huge companies, rigid systems, endless rules—feeling like just a cog in the machine, with no sense of value. And then there’s the grind. Unhappy.
Of course, there are many reasons for this change. But I think a lack of trust between employers and employees is a major part of it.
When a company trusts its employees less and less, its management is bound to become stricter and stricter. And that strictness slowly erodes employees’ initiative.
These days I often handle non-compete cases involving big tech firms, and I’ve found that new hires are asked to sign far more paperwork than in the past. The employment contract runs ten or twenty pages, followed by a confidentiality agreement, a non-compete agreement, all kinds of letters of commitment, and even sessions on learning the company rules.
A young graduate, new to the company and not even started working yet, is immediately confronted with a pile of clauses: the non-compete agreement stipulates liquidated damages of five times their annual salary; the confidentiality agreement is more than ten pages long, repeatedly stressing what counts as confidential information, what behavior will get you fired, and what behavior will get you held accountable. After reading all that, how do you think they’ll feel?
That initial spark when they joined—if it isn’t extinguished—will be a lot smaller.
In the work that follows, employees will inevitably put “safety” first. They’ll think: I can sacrifice efficiency, I don’t have to chase the optimal solution, I can communicate less, speak up less, share less—but I absolutely cannot make a mistake.
From an individual’s perspective, there’s nothing wrong with that. But at the company level, efficiency, innovation, and collaboration all suffer.
When people resign, that lack of trust becomes even more pronounced.
Some companies view every departing employee as a potential risk. They think: we’ve spent years training you—are you going to walk away with our trade secrets? Are you heading to a competitor? Are you going to poach our clients and use our technology?
Then they either invoke a non-compete, or go after trade secrets—working backward to check what files the employee downloaded, what emails they sent, and what systems they logged into before resigning.
But sometimes companies should also ask themselves honestly: what exactly do you have that’s truly worth protecting? You say the company spent years developing an employee—but that employee also spent years working for the company. A company can’t focus only on what it invested while ignoring what the employee has already delivered. If both sides remain stuck in this guarded, mutually suspicious posture, trust can never be built.
Over the past few years, I’ve clearly felt labor-management tensions widening. People who are constantly being targeted by their bosses, or who are on the verge of being laid off, can develop tremendous resentment toward the company.
I previously handled a case involving a young person who hadn’t been in the internet industry for long. His boss wanted to “optimize” him out. He was furious. Around that time, a consulting firm contacted him and offered to pay for his advice, and he agreed.
That young man later told me that, at the time, anger had completely clouded his judgment. He only took payment for two hours, but he talked to them for more than a dozen hours—basically giving them a bunch of extra time for free. They even offered to pay more, and he said no: we agreed on two hours up front, so I’ll only charge for two hours. I don’t care about the money—I just want to give you the information.
Of course, the company eventually found out. Although it didn’t rise to the level of a criminal offense, the whole thing turned very ugly. He deeply regretted it himself, but by then it was too late.
There’s also another trend now: the right to sue over trade secrets and non-competes is being maliciously used as a tool of commercial warfare. For example, “sniping” an IPO or “sniping” a fundraising round—things like this are especially common in the new energy sector.
Let me give you an example.
There was a PhD with exceptional technical capabilities. He used to be a vice president at a new energy company, and later left to start his own business. His company grew quickly, and it raised money quickly too. In the end, a highly important major institution was preparing to come in. If that money had come in, the company’s valuation and its industry influence would have moved up noticeably to the next level.
Right at that moment, his former employer suddenly initiated litigation related to the non-compete and trade secrets, claiming that this key person had violated the non-compete, demanding that he cease the infringement, and seeking damages.
Before leaving, this PhD had actually been extremely cautious. Worried about disputes down the road, he had signed an agreement with his former employer: he gave up some stock options and bonuses in exchange for a promise from the former employer that it would not pursue non-compete or trade-secret liability against him in the future. The company also issued a written undertaking at the time.
But even so, the company—despite knowing full well that such an undertaking existed, and knowing the case would very likely be unwinnable—still filed the lawsuit at this critical fundraising juncture.
In the end, we won the case, but the financing fell through, the window of opportunity was missed, and commercially speaking, we still lost.
So as you can see, trade secret protection is not a simple matter of right or wrong. Of course, companies need to protect their core trade secrets—because this can be a matter of life or death for a business. But if “protecting trade secrets” is expanded without limits and turns into a tool for monitoring employees, punishing those who leave, targeting entrepreneurs, or even waging internal power struggles, it can just as easily undermine a company’s development and growth.
A company needs to guard against competitors, but it can’t treat every employee as a competitor. (Reporting by Cheng Jiajia and editing by Zhou JInyu; copyright: Jingxiang Workshop)
Explore more exclusive insights at nextfin.ai.
