Waymo, Uber Smokin’ Due Diligence Report is on Fire

The Waymo v. Uber court battle continues to captivate us, as the federal court made public the August 2016 due diligence report which Uber’s outside counsels had contracted Stroz Friedberg to conduct prior to the purchase of the self-driving startup Ottomotto. The 34-page document appears to pour gasoline on the smoldering question, Did Uber know that Ottomotto was founded and created off the purloined intellectual property of Google’s Waymo?

The task given to Stroz in March 2016 indicates Uber was checking all the boxes prior to the purchase—or perhaps the company was a bit suspicious.

“… whether or not certain Ottomotto employees – Anthony Levandowski (“Levandowski”), Lior Ron (“Ron”), Don Burnette (“Burnette”), Soren Juelsgaard (“Juelsgaard”), and Colin Sebern (“Sebern”) (collectively, the “Diligenced Employees”) engaged in the following:

    a) took with them or retained confidential and/or proprietary information from their former employer, Google, Inc. (“Google”), that might be relevant to counsel’s determination that one or more of the Diligenced Employees may have violated their confidentiality agreements with Google; and

    b) participated in actions that might be relevant to counsel’s determination whether one or more of the Diligenced Employees breached their non-solicitation, non-compete, or fiduciary obligations in connection with their move to Ottomotto.”  

Interesting, especially looking back, was Levandowski’s two side-letters with Stroz that limited the provision of “Google Information” to the above.

What Was Found

The Stroz team forensically preserved 28 devices and 25 cloud-based repositories of the four former Google employees. From these devices and repositories, Stroz preserved 100,000 potentially relevant documents (email, chat, text and documents), 74,000 potentially relevant images and 176,000 source code files.

A second-level review parsed the information, providing a narrower focus, resulting in “1,383 files in Relativity; 69 chat messages and approximately 534 pictures.” The source code files were not included in the second-level review.

Levandowski’s Interview and Forensic Results

During Levandowski’s interview, he admitted that he kept Google’s information on his personal laptop, in a Dropbox folder and a downloads folder. He also admitted that he would, as a matter of course, email Google files to his personal email account and used “USB drives to transfer data between his desktop to the self-driving cars.” He provided assurance that any and all USB drives containing Google data had been appropriately destroyed.

DevOps Unbound Podcast

The report also reveals the existence of meetings led by Levandowski with Google employees to discuss exiting Google and creating a startup. Beginning in June 2015, Levandowski began a series of ongoing meetings with Uber executives. He asked an Uber executive, Brian McClendon, then vice president of Mapping at Uber (who resigned from Uber in March 2017), how much Uber would pay for the Google team. Levandowski was seeking a “market value.”

Stroz investigators were told by Levandowski that in March 2016, Levandowski discovered he had stored disks that contained a substantial amount of Google’s proprietary data, which he (Levandowski) removed and destroyed. He claimed to have taken the data, which was on five Drobo 5d disks, to a Shred Works facility in Oakland for destruction.

Did Levandowski Destroy the Data or Not?

The facility had no record of Levandowski, though there was a copy of a cash receipt for the destruction of five disks on March 14. Furthermore, the forensic examination of Levandowski’s devices showed a destroyed iMessage dated March 11 to an unknown recipient that read, “I’ll clean that shit out,” followed by a second on March 14 that read, “We’re ready for junk King.”

The due diligence report speculates that perhaps Levandowski was doing a bit of mopping up and covering his tracks in anticipation of the due diligence process.

Did They Retain Google’s Information?

The forensic review showed 50,000 emails in Levandowski’s Google email retained on his personal computer. While he feigned no knowledge of the existence of such, the email depository and 10 specific emails were accessed between Sept.1, 2015, and Jan. 28, 2016. Stroz expressed skepticism and opined, “It is difficult to believe that Levandowski was not, prior to his interview, fully aware of the extent of the data that he had retained.”

What the forensic examination showed is Levandowski was apparently accessing stored Google data in January and March 2016—data which Levandowski had stored in Google Docs.  All in all, “734 source code files came from Levandowski’s device or accounts,” according to Stroz.

While information was found on all four of the individual “diligence employees,” remarkably, 174,311 Google source code files were found by Stroz on Juelsgaard’s devices and accounts.

Lessons Learned

It was clear that these employees mixed personal and professional data sets. They all departed Google with Google data in hand. Whether it was intentional or simply residue of the mix of business and personal devices matters only to motive; the bottom line is, their employer from which they were departing had its data walk out the door.

This should be a wake-up call to all on tightening up data protocols—and, more specifically, exit protocols with respect to protecting one’s intellectual property.

What’s Next?

One cannot imagine that Uber will not be calling for a settlement meeting with Waymo, given the content contained in the 34-page Stroz report. The trial is scheduled to begin later this month.

Christopher Burgess

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

burgesschristopher has 186 posts and counting.See all posts by burgesschristopher

One thought on “Waymo, Uber Smokin’ Due Diligence Report is on Fire

Comments are closed.

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)