Japanese National Police Agency Reports on COVID-19 Cybercrime Cases in First Half of 2020

As numerous countries around the world continue to grapple with the COVID-19 pandemic, it is important for governments and law enforcement to maintain a steady and comprehensive focus on the trends in COVID-related crime.  While reported rates for crimes involving physical force, such as assaults and property crimes, have dropped this year in multiple countries such as the United States, Canada, France, and the United Kingdom,  a number of those countries have also seen substantial increases in reported rates for cyberattacks and other cybercrimes exploiting the pandemic.  For example, Canadian firms reportedly have been “bombarded” by COVID-related cyberattacks, and the Federal Bureau of Investigation has reported on upsurges in COVID-related online fraud and various categories of cyberattacks (malware, phishing, and ransomware).

One country that is seeing a marked disparity between the reported incidence of physical crimes and COVID-themed cybercrimes is Japan.  This past summer, the Japanese National Police Agency (NPA) released statistics showing that for the first half of 2020, Japan was “on course to set a record for the fewest criminal cases in a postwar year,” with an overall 15.4 percent decrease in crime compared to the first half of 2020.

On October 1, however, the NPA released statistics showing that in the first half of 2020, police across Japan had handled 608 COVID-19 cybercrime cases. The principal categories of those cases included the following:

  • Face Mask Order Fraud: 286 cases (47 percent) were fraud cases that involved members of the public failing to receive face masks that they had ordered online.
  • Government-Benefit Fraud: 155 cases (25 percent) were apparent fraud cases in which people were sent suspicious emails, from alleged mobile phone companies, that instructed recipients to apply for government-offered cash benefits via a website link.
  • Credit-Card Theft: 55 cases (9 percent) involved the theft of credit-card data that would-be purchasers of face masks had provided.
  • Obstruction of Business: 57 cases (9 percent) involved obstruction of business, “such as false information posted online claiming that infected people were in certain eateries.”  Some of these cases reportedly led to police action.
  • Malware: The NPA also confirmed multiple cyberattacks on companies, which included hackers reportedly posing as a public health center and urging email recipients to open files attached to those emails.

In addition, the NPA reported a total of 885 fraudulent-money transfer cases in the first half of 2020 involving Internet banking services, with losses totaling approximately ¥512 million (US$4.8 million).  The NPA indicated that a majority of those cases involve cybercriminals falsely representing themselves as financial institutions or parcel delivery firms and urging victims to access phishing sites where their personal data can be stolen. Japanese police reportedly have arrested a small number of individuals who fraudulently applied for government funds intended to assist businesses during the pandemic.  So far, however, there are no indications that Japan, or any other country for that matter, can successfully track and apprehend a significant number of those responsible for COVID-related online crimes.

Federal Court Awards Centripetal Networks $1.9 Billion in Patent-Infringement Trial Against Cisco Networks

In recent years, a number of companies have embraced, in principle and practice, the concept of “efficient infringement” of other companies’ patents.  The concept, which bears some similarity to the concept of “efficient breach” in contract law, refers to the situation in which a company “deliberately chooses to infringe a patent given that it is cheaper than to license the patent.”

Because of various legal and regulatory changes over the past decade, Professors Adam Mossoff and Bhamati Viswanathan have argued, “a company economically gains from deliberately infringing patents” and “pays less in either legal fees or in court-ordered damages than it would have paid in a license negotiated with a patent owner.”  As they noted, a company’s calculation of the costs of efficient infringement fails to take into account that efficient infringement, like opportunistic breaches of contract, “threaten the viability of legal institutions and the policies that drive them, such as incentivizing investments and promoting commercial transactions.”

A recent federal court decision in a highly publicized patent trial may prompt companies to reconsider whether “efficient infringement” is necessarily less costly than licensing.  On October 5, 2020, the U.S. District Court for the Eastern District of Virginia, after a 22-day bench trial, found not only that Cisco Systems had infringed four patents that cybersecurity solutions provider, Centripetal Networks, asserted, but that the case was “an egregious case of willful misconduct beyond typical infringement.”

In support of that conclusion, the District Court made numerous findings and conclusions, including:

  • Four of the patents that Centripetal asserted were valid and directly infringed, and Centripetal had proved that direct infringement of each element of the asserted claims by a preponderance of the evidence;
  • Centripetal and Cisco were direct competitors with regard to the infringing software as well as firewalls;
  • Enhanced damages were warranted by the evidence, given Cisco’s willful infringement of the four patents; and
  • Cisco had pre-suit knowledge of Centripetal’s asserted patents.

Under the patent damages provisions of the relevant patent statute, 35 U.S.C. § 284, a court is authorized to “increase the damages up to three times the amount found or assessed.”  In this case, the District Court concluded that the relief due to Centripetal included the following elements:

  • Actual Damages: Actual damages that Centripetal suffered as a result of Cisco’s infringement totaled $755,808,545.  Because of Cisco’s “willful and egregious” infringement, those damages were multiplied enhanced by a factor of 2.5x to equal $1,889,521,362.50.
  • Pre-Judgment Interest: The District Court awarded Centripetal pre-judgment interest of $13,717,925 applied to the actual damages before enhancement plus Centripetal’s costs.  After adding the enhanced damages and pre-judgment interest, the District Court directed a total award of $1,903,239,287.50, payable in a lump sum due on the judgment date.
  • Running Royalty:  In addition, the District Court imposed a running royalty of 10 percent on the apportioned sales of the accused products and their successors for a three-year period, followed by a second three-year term with a running royalty of 5 percent on those sales.  The Court also specified that for the first three-year term of 10 percent, the annual royalty “shall not be less than $167,711,374.10 and shall not be more than $300,076,834,” and for the second three-year term of 5 percent, the annual royalty “shall not be less than $83,855,867.00 and shall not be more than $150,038,417.” (Emphasis omitted)

Cisco has stated that it will appeal this decision to the U.S. Court of Appeals for the Fourth Circuit.  It is possible that the Fourth Circuit could reach a different conclusion regarding the computation of damages and the running royalty.  It appears less likely, however, that the Fourth Circuit would reverse the District Court’s decision altogether, given the District Court’s thorough review of the evidence at trial and its efforts to reach its conclusion by comparing this case to other cases in which enhanced damages have been awarded.

In any event, this decision should serve notice that patent infringements can sometimes be highly inefficient for willful infringers.  Whether or not it indicates that the pendulum is beginning to swing, however slowly, in favor of smaller patentholders confronted with infringement by larger competitors remains to be seen.