Ediscovery ethics – use of clawback agreements – don’t forget to protect yourself when protecting your client’s information

The comments to Model Rule 1.6 explain that a lawyer “must act competently to safeguard” client information against the inadvertent or unauthorized disclosure by a lawyer or anyone who is subject to the lawyer’s supervision. The use of clawback agreements in electronic discovery has become commonplace given the exponentially greater volume of information typically involved and the heightened risk that privileged or protected information will be inadvertently disclosed. While the terms of clawback agreements can widely vary, under a typical clawback, the parties agree that if privileged or protected information is disclosed, it will be returned pursuant to that agreement.

The problem with clawback agreements is that they are not enforceable against third parties. If your client is involved in related litigation involving similar issues, should the parties involved in that litigation learn of the disclosure of privileged information in your case, they could seek its production, irrespective of your clawback, by arguing they were not parties to your agreement and that the privilege was waived by your disclosure. Indeed, that limitation is codified in Fed. R. Evid. 502(e) which provides: “[a]n agreement on the effect of disclosure in a federal proceeding is binding only on the parties to the agreement.” So while clawback agreements serve a worthwhile purpose, they are not risk free. Better protection against third-party waivers in a federal proceeding can be obtained if a federal court enters a nonwaiver order under Fed. R. Evid. 502(d). However, many states have not adopted the equivalent of Rule 502(d), and it remains an open question whether a non-waiver order entered in one state-court proceeding is enforceable in other state-court proceedings. See Hopson v. City of Baltimore, 232 F.R.D. 228 (D.Md. 2005).

Thus, there is a continuing need for clawback agreements, especially in state-court litigation. But before entering into a clawback agreement with your opponent, also consider protecting yourself against potential criticism over its use. In document intensive cases, or suits where a significant amount of ediscovery will be sought, discuss the use of a clawback agreement with your client, including its risks and benefits. Obtain your client’s consent before using a clawback. A best practices approach would involve written consent from the client to the use of a clawback agreement before it is entered into with opposing counsel. This can avoid any after-the-fact controversy over the nature of your discussions with the client or the decision to use a clawback to protect the confidentiality of your client’s information.

Privilege not waived where son of technologically unskilled parties opened email attachments

Green v. Beer, No. 06-4156, 2010 WL 3422723 (S.D.N.Y. August 24, 2010)

Plaintiffs were not computer savvy and did not know how to open email attachments. But their son was not so lacking in proficiency. So plaintiffs’ lawyers sent certain communications and documents to plaintiffs’ son, who then conveyed those materials to his parents.

In the course of litigation, defendants sought production of the information plaintiffs’ counsel had transmitted to them via their son. Plaintiffs objected by asserting the attorney-client privilege. But the magistrate granted the defendants’ motion to compel. Plaintiffs sought review of the magistrate’s order.

Finding the magistrate’s order on this point to be clearly erroneous, the district judge reversed as to the information transmitted through plaintiffs’ son. Because federal jurisdiction in this case was based on diversity, Fed. R. Evid. 501 was triggered, and the court looked to New York law as it related to attorney-client privilege. Under this analysis, although communications that include third-parties outside of the attorney-client relationship are generally not privileged, an exception to that waiver applies when:

• the client has a reasonable expectation of confidentiality with respect to the communication at issue, and
• disclosure to a third party is necessary for the client to obtain informed legal advice.

Adding to this second point, the attorney-client privilege is not waived where a confidential communication is disclosed to a party serving merely as an agent of either the attorney or the client.

New York also has a statute directed at this issue. N.Y. C.P.L.R. § 4548 says that:

No communication … shall lose its privileged character for the sole reason that it is communicated by electronic means or because persons necessary for the delivery or facilitation of such electronic communication may have access to the content of the communication.

In this case, the court found that the magistrate erred for two reasons. First, the magistrate judge erred when he failed to include Section 4548’s guidance in the analysis. Second, the magistrate erred by not finding that plaintiffs’ son served as an agent for plaintiffs, and that his involvement in the delivery of the otherwise confidential communications would not constitute a waiver of privilege.

Public policy also guided the court’s conclusion: “A client lacking proficiency in Internet technology should not be prevented from enjoying the advantages of email correspondence for fear that the necessary assistance of a third party — here, the [plaintiffs’] son — in sending or receiving such correspondence will lead to the forfeiture of the attorney-client privilege.”

Relationship Between the Work Product Doctrine and the Duty to Preserve

Siani v. State Univ. of New York, 2010 WL 3170664 (E.D.N.Y. Aug. 10, 2010)

The duty to preserve electronically stored information (ESI) can arise long before a lawsuit is ever filed. Several of our prior posts, such as the ones found here and here, chronicle the problem of determining whether a pre-suit duty to preserve is triggered by a letter from a putative plaintiff which contemplates the possibility of litigation. So, any decision which recognizes a landmark that can be readily followed when navigating the pre-suit preservation minefield bears highlighting. Sinai provides such a beacon to follow.

The work-product doctrine encompasses documents that are prepared “in anticipation of litigation.” Siani reached “the common sense conclusion” that if litigation was reasonably foreseeable for one purpose, “it was reasonably foreseeable for all purposes.” 2010 WL 3170664 at *5. Thus, Siani recognizes a direct relationship between the assertion of the work-product doctrine and a duty to preserve ESI in a pre-suit context.

Thus, before asserting the protection of the work-product doctrine, an attorney would be wise to also confirm that the client has instituted a litigation hold to preserve potentially relevant ESI in the context of that anticipated litigation. Claiming the protection of the work-product doctrine means that litigation was reasonably anticipated and that a duty to preserve potentially relevant ESI has been triggered.

Emails sent through Yahoo account using work computer protected under attorney-client privilege

The New Jersey supreme court has held that emails an employee sent to her lawyer using her company-issued computer and a personal Yahoo account are protected by the attorney-client privilege.

Stengart v. Loving Care Agency, Inc., — A.2d —, 2010 WL 1189458 (N.J. March 30, 2010)

The New Jersey courts have a reputation of being protective of “informational privacy.” See, e.g., State v. Reid. A recent decision concerning employee privacy in personal emails adds to that reputation.

Plaintiff-employee used a work-issued laptop to access her Yahoo email account, through which she communicated with her lawyer about her lawsuit against the employer. During the discovery phase of that employment discrimination lawsuit, the employer used computer forensics to recover those Yahoo emails that had been copied to the computer’s temporary internet files folder.

Counsel for plaintiff demanded that the employer turn over the recovered emails, arguing that the communications were protected by the attorney-client privilege. When the employer agreed to turn them over but not discontinue use of the information garnered from them, plaintiff sought relief from the court.

The trial court denied relief and plaintiff sought review with the appellate court. That court reversed, and the employer sought review with the state’s supreme court. You can read our prior blog post that discussed the appellate court’s decision here. The supreme court upheld the appellate court’s decision, holding that the employee had a reasonable expectation of privacy in the communications.

The employer relied on a broadly-written company policy through which the employer reserved the right to review and access “all matters on the company’s media systems and services at any time.” But the court rejected those arguments.

Framework for the analysis

The supreme court considered two aspects in its analysis: (1) the adequacy of the notice provided by the company policy, and (2) the important public policy concerns raised by the attorney-client privilege.

As for the adequacy of the notice provided by the policy, the court found that because the policy did not address the use of password-protected personal email accounts, the policy was “not entirely clear.” As for the importance of the attorney-client privilege, the court lavished it with almost-sacred verbal accoutrements, calling it a “venerable privilege . . . enshrined in history and practice.”

“Intrusion upon seclusion” as source for standard

The court noted that the analysis for a reasonable expectation of privacy in dealings between two private parties was a bit different than the analysis in a Fourth Amendment case. The common law source for the standard in this context is with the tort of “intrusion upon seclusion.” Under New Jersey law, that tort is committed when one intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, in a manner that would be highly offensive to a reasonable person. (This language comes from the Restatement (Second) of Torts § 652B.)

In this situation, the court found that plaintiff had both a subjective and objective expectation that the messages would be private. Supporting her subjective belief was the fact that she used a private email account that was password protected, instead of her work email account. And she did not store her password on the computer. Her belief was objectively reasonable given the absence of any discussion about private email accounts in the company policy.

Plaintiff’s expectation of privacy was also bolstered by the fact that the email messages were not illegal, nor would they impact the performance of the employer’s computer system. And they bore all the “hallmarks” of attorney-client communications.

For all these reasons, not the least of which the priority of the courts “to keep private the very type of conversations that took place here,” the court found that the conversations were protected by the attorney-client privilege.

Rule 502(d) nonwaiver orders need not be limited to the “inadvertent” production of privileged or protected information

Callan v. Christian Audigier, Inc., 2009 WL 4844422 (C.D.Cal. Oct. 27, 2009)

If you were looking for an ediscovery opinion to lift your spirits during this wintery holiday season, stop, Callan is not the decision for which you’ve been waiting. After reading the opinion, Santa reportedly decided to deliver coal to lawyers who fail to follow Fed. R. Evid 502. The court’s decision in Callan focused on the issue of inadvertent waiver of privilege, and Rule 502(b). However, as we originally explained in one of our blog posts several months ago, the time and effort expended in addressing the issue of inadvertent waiver in Callan could have been avoided had the protective order been drafted in accordance with Fed. R. Evid. 502(d).

The proper framework for analyzing the inadvertent waiver of attorney-client privilege under Fed. R. Evid. 502(b) was discussed in one of our recent blog posts. In that post, we warned that when a party seeks the return of inadvertently produced privileged material under Fed R. Civ. P. 26(b)(5)(B), the failure to explain what steps the party took to prevent the disclosure of privileged information from occurring could result in a finding of waiver under Rule 502(b), no matter how inadvertent the disclosure. Unfortunately, defense counsel made that same mistake in Callan. The court noted that defendants failed to establish the documents in question were privileged and even failed to identify “what privileges purportedly apply to the documents [that were] allegedly inadvertently produced.” As a result, the court awarded attorney’s fees to the plaintiff under Rule 37(a)(5)(B) for responding to the motion. Thus, the failure to meet Rule 502(b)’s elements not only can result in a finding of waiver, it can also result in having to pay your opponent’s attorney’s fees for responding to such a motion. Obviously, care must be taken when seeking the return of inadvertently produced information under Rule 502(b).

The district court in Callan had entered a protective order under Fed. R. Civ. P. 26(c) that included a clawback provision which provided: “The inadvertent production of any discovery material by any party shall be without prejudice to any subsequent claim by the producing party that such discovery material is privileged or attorney-work product and shall not be deemed a waiver of any such privilege or protection.” So, what went wrong? The protective order was limited to the “inadvertent” production of discovery materials and defendants failed to show the materials were inadvertently produced or were privileged. More importantly however, the first misstep occurred in drafting that protective order. As explained below, the real lesson to be learned is that nonwaiver orders under Fed. R. Evid. 502(d) need not be limited to the “inadvertent” production of privileged or protected materials as in Callan.

Read the rest of this entry »

Avoiding ethical pitfalls of communicating with clients via email

Leor Exploration & Production, LLC v. Aguiar, 2009 WL 3097207 (S.D. Fla. Sept. 23, 2009)

The twentieth century Spanish philosopher and poet George Santayana once wrote: “Those who cannot learn from history are doomed to repeat it.” The Leor decision proves that philosophy is especially true when it comes to the realm of ediscovery. Leor is another example of a growing body of caselaw addressing whether emails sent or received by an employee through his employer’s email server are protected by attorney-client privilege. In a prior blog post we discussed several decisions that have addressed this issue and attempted to reconcile their holdings.

Guma Aguiar was the CEO and Vice Chairman of Leor Exploration & Production LLC (“Leor”). He retained a “trusts and estates attorney” to document his interests in certain entities. Subsequently, that attorney sent an email to Aguiar’s personal advisor and agent, Garrett Smith, who also happened to be the Vice President and In-House General Counsel of Leor, which memorialized a conversation involving the three of them. The email was sent to Mr. Smith’s work email address at Leor. After a series of lawsuits erupted between Aguiar, his uncle and related entities involved in oil and gas exploration, the attorney’s email surfaced in discovery and the issue presented to the court was whether it was protected by the attorney-client privilege.

Leor held that the attorney’s email to his client’s personal advisor and agent was not privileged because the client lacked a reasonable expectation of privacy in emails transmitted through his employer’s (the company’s) email server. In reaching that conclusion, the court identified four factors that should be considered in determining whether an employee has an expectation of privacy in email communications:

• Does the corporation maintain a policy banning personal or objectionable use;
• Does the corporation monitor the use of the employee’s computer or e-mail;
• Do third parties have a right of access to the computer or e-mails; and
• Did the corporation notify the employee or was the employee aware of the use and monitoring policies?

Because each of the four factors were present, the court in Leor had little difficulty in concluding that plaintiff did not meet his burden of establishing the applicability of the attorney-client privilege. However, the privilege belongs to the client not the lawyer, and the decision fails to address how an attorney can waive the privilege belonging to the client without the client’s consent. When the client sends an email to his attorney with knowledge of the four factors noted above, one can argue the client impliedly waived any right to assert the privilege, but the converse is not necessarily true. However, the decision follows the approach taken in Scott v. Beth Israel, and lawyers must take care not to run afoul of the decision.

In our prior blog post addressing this issue, we discussed how some courts have ruled that email communications retained their privileged character when they were encrypted or involved password protected web-based email notwithstanding the fact that they were sent or received via a company issued computer. While that post focused on the duties and responsibilities of a company’s attorney who receives or reviews employee emails, Leor highlights the responsibilities of any attorney communicating with his client via email.

Reasonable communication between an attorney and his or her client is necessary under Rule 1.4 of the Model Rules of Professional Conduct. Rule 1.6 of the Model Rules further requires that an attorney act competently to safeguard confidential information relating to the representation of a client against its inadvertent or unauthorized disclosure. Under Rule 1.6, a lawyer is obligated to take reasonable precautions to prevent information from coming into the hands of unintended recipients. That does not necessarily require that a lawyer use special security measures, such as encrypting emails, where the mode of communication affords a reasonable expectation of privacy. However, special circumstances can require that special precautions be taken.

While the decisions are not uniform in their holding, given the growing body of caselaw addressing the waiver of attorney-client privilege involving workplace email communications, an attorney should consider whether special precautions may be warranted in this scenario, especially if you practice in a jurisdiction where you would have reason to believe a court may find a waiver occurred. An attorney should consider addressing this issue at the outset of any representation with his client. Lawyers would be wise to follow the age-old adage: an ounce of prevention is worth a pound of cure. If the risk of privilege loss is to be avoided, then neither the attorney nor the client should communicate with one another through any email server or by any means in which they lack a reasonable expectation of privacy. While that does not mean that an attorney cannot communicate via email with his client, the attorney should endeavor to avoid emailing the client at the client’s place of business and should consider advising the client to not communicate with him through a company-issued computer, Blackberry or other communication device. Consider alternative methods of communication. While a client may consent to the use of a mode of communication that would be prohibited by Rule 1.6, that consent must be “informed.”

So before you send that next email to a client, stop and assess whether there are any privilege issues implicated by your communication. Don’t let convenience trump confidentiality. Where appropriate, clients should be advised of the risks of communication via company-issued computers or Blackberries in order to avoid a waiver of privilege as in Leor.

Photo courtesy Flickr user Michael Licht under this Creative Commons license.

Failing to take prompt reasonable steps once notified of an inadvertent production results in privilege waiver – you’ve now entered the Twilight Zone

United States v. Sensient Colors, Inc., 2009 WL 2905474 (D.N.J. Sept. 9, 2009)

“You’re traveling through another dimension, a dimension not only of sight and sound, but of mind; a journey into a wondrous land whose boundaries are that of imagination – Next stop, the Twilight Zone.”

Any lawyer who inadvertently produces privileged information steps into a legal twilight zone. However, that legal twilight zone is not a “wondrous land,” but one filled with sleepless nights and many questions. How did it happen? When and how do I tell the client? How do I get the materials back? Will I lose the client, my job, my career? With ediscovery, the risk that privileged or confidential information will be inadvertently produced geometrically increases. While the use of clawback or nonwaiver agreements and FRE 502(b) lessen that risk, they do not eliminate it. Sensient Colors establishes that point.

Sensient Colors involved the electronic production of 45,000 documents totaling 135,000 pages or 450 boxes of records by the United States (“government”). Several months after that production was completed, the defendant initially returned a group of documents that were privileged. Over the ensuing months, the defendant continued to identify additional documents that the government had produced but were privileged. Ultimately, the defendant sought a ruling that the government had waived its right to assert privilege over the documents it had produced.

The court in Sensient Colors concluded the privileged documents were inadvertently produced by the government and that the requirements of FRE 502(b) were met as to the first group of documents the defendant returned. However, as to the subsequently identified privileged documents, the court ruled that the government waived its right to assert privilege under Rule 502(b) as to those documents because it had failed to promptly take reasonable steps to rectify its error after being notified of the initial inadvertent production.

The explanatory note to FRE 502 provides: “The Rule does not require the producing party to engage in a post-production review to determine whether any protected communication or information has been produced by mistake.” However, the court in Sensient Colors concluded that once a party has been put on notice that privileged information has been inadvertently produced, Rule 502(b)(3) requires the producing party take “prompt and reasonable steps to reassess its document production.” The court in Sensient Colors concluded the government failed to act reasonably and diligently to correct its error and waived its privilege and work-product protection as a result.

Read the rest of this entry »

Attorney-client privilege trumps an employer’s electronic communications and computer use policy

Stengart v. Loving Care Agency, Inc., 973 A.2d 390 (N.J. Super. A.D., 2009 WL 1811064 (N.J. Super. A.D.)

Introduction.

Stengart addressed whether the attorney-client privilege protected a former employee’s emails that were sent to her attorney using a company-issued laptop computer through a personal, password-protected, web-based (Yahoo) email account. The emails addressed a lawsuit the former employee contemplated bringing against her employer and were sent to the employee’s personal attorney prior to her resignation from the company. The company obtained the emails after suit was filed by making a forensic image of the computer’s hard drive and extracting them from the plaintiff’s internet browser history.

The court in Stengart concluded the emails were privileged, holding the policy considerations underlying the attorney-client privilege “substantially outweighed” the company’s interest in enforcing its computer use and electronic communications policy. The decision is also significant in that the court remanded for an evidentiary hearing to determine whether the company’s attorneys should be disqualified or if some other sanction should be imposed as a result of their failure to comply with Rule 4.4(b) of the New Jersey Rules of Professional Conduct. The New Jersey rule, like Rule 4.4(b) of the Model Rules, requires that whenever a lawyer has reasonable cause to believe that a document was inadvertently produced, the lawyer should not read it, and must promptly notify the sender.

The court’s decision in Stengart should be contrasted with Scott v. Beth Israel Medical Center, 17 Misc. 934, 847 N.Y.S.2d 436 (2007), which held the attorney-client privilege was lost when the plaintiff used the company’s email system to communicate with his attorney in view of the company’s no personal use and email monitoring policies coupled with the plaintiff’s awareness of those policies. The Stengart and Beth Israel decisions demonstrate that whether an employee’s communication with personal counsel retains its privileged nature when made via the company’s computer or email system involves a fact-specific inquiry. This post will address those decisions and will outline the factors that courts have examined when addressing the issue of attorney-client privilege in this context.

Read the rest of this entry »

The Secret’s out – if you want to lower your ediscovery and litigation costs – seek F.R.E. 502 non-waiver orders

Heriot v. Byrne, 2009 WL 742769 (N.D. Ill. March 20, 2009)

Heriot addresses the inadvertent production of privileged materials by an ediscovery vendor. Because the law firm that retained the vendor had taken reasonable steps to review the documents prior to their production, and took prompt steps to rectify the inadvertant disclosure once they learned of it, the court ruled the disclosure was inadvertent and did not result in a waiver attorney-client privilege under Fed. R. Evid. 502(b). The decision also serves as a stark reminder of the care which must be taken in selecting an ediscovery vendor, and the American Bar Association Ethics Opinion addressing a lawyer’s obligations when outsourcing legal and nonlegal services.

However, after reading the court’s analysis of the parties’ Rule 502(b) arguments, I was struck by how unnecessary it all was. I tried to imagine the number of hours the district court spent reviewing the documents which had been submitted for an in camera inspection, reviewing the parties’ briefs, and then drafting its opinion resolving the Rule 502(b) issues that were presented. I thought of the hours, and literally the thousands of dollars that were wasted litigating the inadvertent waiver issue. Much of that time, money and effort could have been avoided had the parties simply entered into a non-waiver order under Fed. R. Evid. 502(d).

So, before stepping off the soap box and getting back to Heriot, let us provide a practical suggestion to lower your ediscovery and litigation costs – enter into non-waiver orders under Fed. R. Evid. 502(d). The Note to Rule 502(d) explains that once a non-waiver order is entered in a federal proceeding, “its terms are enforceable against non-parties in any federal or state proceeding.” That Note further explains the agreement of the parties is not a condition to the entry of, or the enforceability of a non-waiver order. As indicated in one of our prior posts, Rule 502 non-waiver orders are the gold standard to follow when seeking protection against the inadvertent waiver of privilege.

Read the rest of this entry »

Clawback and quick peek agreements are no longer considered the Gold Standard for protecting against the inadvertent waiver of privilege.

On a recent flight, I read the February/April, 2009 edition of Litigation Support Today magazine. Under the banner of Best Practices, was an article: “Slashing Ediscovery Costs in a Digital Universe.” One of the author’s recommendations was to negotiate a “quick peek” agreement with opposing counsel. However, care must always be exercised with quick peek and clawback agreements.

Fed. R. Evid. 502(e) confirms that a clawback or quick peek agreement only binds the parties to the agreement “unless it is incorporated into a court order.” Clawback and quick peek agreements provide no protection as to third parties. Thus, while you may avoid a claim of waiver as to information inadvertently produced to a party who signed such an agreement, other parties in that litigation who are adverse to you, and who were not signatories to your agreement, as well as parties in other cases, can claim that your quick peek agreement is not enforceable against them. They will argue that allowing your opponent to potentially view privileged documents without taking any precautions to ensure that privileged information was not reviewed by opposing counsel (other than simply entering into the quick peek agreement) waived attorney-client privilege and the work-production protection as to them. For further insight into the use of quick peek and clawback agreements, see Hopson v. City of Baltimore, 232 F.R.D. 228, 244 (D.Md. 2005).

Read the rest of this entry »