Wal-Mart's snooping case exposes its James Bond side
By: Anne D’Innocenzio (AP)
Wal-Mart Stores fired the employee, Bruce Gabbard, maintaining he acted alone and didn’t receive authorization to eavesdrop. Federal authorities are investigating.
In an interview with The Wall Street Journal, Gabbard said he worked in an amply staffed unit whose mission was to shore up the walls around Wal-Mart’s internal data and communications, protecting them not just from Internet hackers but from leaks to company critics. He declined further comment when contacted this week by The Associated Press.
Corporations are increasingly using James Bond tactics and employing security specialists with FBI, CIA or private eye backgrounds in an effort to safeguard proprietary information and any internal dealings that, if made public, could hurt a company’s image and stock price, said Ken Springer, a former FBI agent and president and founder of Corporate Resolutions, which conducts character and integrity checks.
In the past, Springer said, the biggest fear in corporate America was theft, but now the concern is anything that poses a threat to a company’s reputation — including having information leaked to outsiders such as the media and, in the Internet era, bloggers. Wal-Mart said Gabbard, a systems technician, had monitored phone calls and text messages of employees and non-employees, including a New York Times reporter.
The growth of the corporate intelligence business is no secret. Last month, Cofer Black, vice chairman of the security company Blackwater USA and a former CIA counterterrorism expert, announced he had formed a new company called Total Intelligence Solutions, which focuses on providing intelligence gathering to companies. Its services will include rooting out insiders who are causing harm.
“With all this new technology, there are new challenges. Companies need to take proactive steps to protect trade secrets,” Springer said. “Reputation is everything. Companies have to use technology to stay ahead of employees’ hurting the company or outsiders who gain access to proprietary information.”
Russell Corn, senior managing director of intelligence broker Diligence LLC, whose advisory board member includes former CIA and FBI Director William Webster, agreed, saying the corporate intelligence business is fast expanding. He estimated that it’s about a $500 million industry now; it was about one-fifth that amount back in 2000.
Diligence’s business, meanwhile, has tripled to $20 million over that time. “It used to be a hard sell,” Corn said, adding that Diligence’s focus is on intelligence gathering for companies seeking to do business in emerging markets like Khazakstan.
Diligence has been caught doing its own spying: The accounting and consulting firm KPMG sued the company in 2005 for allegedly sending people posing as government spies into KPMG’s Bermuda office to coax an employee into giving up proprietary data about an ongoing probe. The suit was settled in 2006.
At Wal-Mart, the head of corporate security is Kenneth Senser, a former FBI and CIA agent. In the interview with The Wall Street Journal, Gabbard said he was a member of Wal-Mart’s Threat Research and Analysis team, and that Senser instructed him and another team member to find the source of the leaks of internal memos. Gabbard said Senser told him he was tired of telling Wal-Mart Chief Executive Lee Scott Jr. that he didn’t know the source.
It’s not known yet whether Gabbard’s orders ultimately came from the upper levels of Wal-Mart management. But if snooping did involve top management, Wal-Mart conceivably could find itself in a position like that of Hewlett-Packard, whose ill-fated effort last year to find the source of boardroom leaks to the news media led to the indictments of Patricia Dunn, the company’s former chairwoman, another executive and two private investigators. A California judge dismissed charges against Dunn Wednesday and the other defendants pleaded no contest, but the episode remains an embarrassment for H-P.
Wal-Mart, which has been under pressure to change its employee and other policies by union-backed groups like WakeUpWalmart.com, is perhaps more anxious about leaks than other companies these days. Over the last year and a half, internal memos have been leaked to the media about a range of issues from health care benefits and wages to attendance policies. Negative headlines have depressed its stock — which three years ago traded at $60 but is now in the $45 range — and harmed the retailer’s reputation.
Patricia Edwards, a portfolio manager and retail analyst at Wentworth, Hauser & Violich in Seattle, said she doesn’t know whether Gabbard acted alone, but she said: “I am getting the feeling that Wal-Mart is becoming more sensitive and more paranoid. I understand their paranoia.”
Wal-Mart has declined to comment further on the eavesdropping case after it announced on March 5 that Gabbard recorded phone messages between a Times reporter and members of the retailer’s public relations team. He also intercepted pages and text messages from other employees and non-employees, using his own personal equipment.
The company fired Gabbard last week as well as his direct supervisor, Jason Hamilton. A third person was put on disciplinary action.
Gabbard declined to comment in a text message sent Monday to an AP reporter. Hamilton said at his home in Springdale, Ark., on Tuesday that he hadn’t been contacted by any federal investigators. He declined to comment further.
Wal-Mart’s uneasiness about security also follows years of being shrouded in secrecy in the backwoods of Arkansas. This is a company that has a reputation for gathering sophisticated information about its consumers — and lets employees know it is monitoring their computer and Internet usage.
Senser, whom Wal-Mart hired in 2003, had helped create a new unit at the FBI focusing on security. The Threat Research and Analysis team, where Gabbard worked, is relatively new, and focuses on overseeing security of Wal-Mart’s information systems; it’s still unclear whether it was also charged with finding the source of leaks, as Gabbard said. Dave Tovar, a Wal-Mart spokesman, declined to give out any information about the team.
Wal-Mart said it believes the unauthorized recording of telephone conversations by Gabbard did not violate any applicable federal or state laws because Wal-Mart policies subject all employees’ communications to possible monitoring or recording. Still, the company said that Gabbard’s recording of the calls was against company policy; Wal-Mart has maintained that it only records associate phone calls in compelling circumstances and with written permission from the company’s legal department.
Federal law prohibits intercepting wireless communications without a court order, according to Jim Dempsey, policy director of the Center for Democracy and Technology.
Bruce Schneier, a computer security expert with Counterpane Internet Security, said the situation is complicated, adding that “we don’t know a lot of the details of the (Gabbard’s) motivation.”
The real reporting relationship between Senser and Gabbard and whether Senser knew of Gabbard’s activities aren’t clear.
Schneier said it may be difficult to prove that Gabbard had pressure from superiors — if in fact he did. In the HP case, board member Thomas Perkins and his attorney demanded information from HP about the methods used to identify another board member as a leaker.