The comments to Model Rule 1.6 explain that a lawyer “must act competently to safeguard” client information against the inadvertent or unauthorized disclosure by a lawyer or anyone who is subject to the lawyer’s supervision. The use of clawback agreements in electronic discovery has become commonplace given the exponentially greater volume of information typically involved and the heightened risk that privileged or protected information will be inadvertently disclosed. While the terms of clawback agreements can widely vary, under a typical clawback, the parties agree that if privileged or protected information is disclosed, it will be returned pursuant to that agreement.

The problem with clawback agreements is that they are not enforceable against third parties. If your client is involved in related litigation involving similar issues, should the parties involved in that litigation learn of the disclosure of privileged information in your case, they could seek its production, irrespective of your clawback, by arguing they were not parties to your agreement and that the privilege was waived by your disclosure. Indeed, that limitation is codified in Fed. R. Evid. 502(e) which provides: “[a]n agreement on the effect of disclosure in a federal proceeding is binding only on the parties to the agreement.” So while clawback agreements serve a worthwhile purpose, they are not risk free. Better protection against third-party waivers in a federal proceeding can be obtained if a federal court enters a nonwaiver order under Fed. R. Evid. 502(d). However, many states have not adopted the equivalent of Rule 502(d), and it remains an open question whether a non-waiver order entered in one state-court proceeding is enforceable in other state-court proceedings. See Hopson v. City of Baltimore, 232 F.R.D. 228 (D.Md. 2005).

Thus, there is a continuing need for clawback agreements, especially in state-court litigation. But before entering into a clawback agreement with your opponent, also consider protecting yourself against potential criticism over its use. In document intensive cases, or suits where a significant amount of ediscovery will be sought, discuss the use of a clawback agreement with your client, including its risks and benefits. Obtain your client’s consent before using a clawback. A best practices approach would involve written consent from the client to the use of a clawback agreement before it is entered into with opposing counsel. This can avoid any after-the-fact controversy over the nature of your discussions with the client or the decision to use a clawback to protect the confidentiality of your client’s information.

Plaintiffs were not computer savvy and did not know how to open email attachments. But their son was not so lacking in proficiency. So plaintiffs’ lawyers sent certain communications and documents to plaintiffs’ son, who then conveyed those materials to his parents.

In the course of litigation, defendants sought production of the information plaintiffs’ counsel had transmitted to them via their son. Plaintiffs objected by asserting the attorney-client privilege. But the magistrate granted the defendants’ motion to compel. Plaintiffs sought review of the magistrate’s order.

Finding the magistrate’s order on this point to be clearly erroneous, the district judge reversed as to the information transmitted through plaintiffs’ son. Because federal jurisdiction in this case was based on diversity, Fed. R. Evid. 501 was triggered, and the court looked to New York law as it related to attorney-client privilege. Under this analysis, although communications that include third-parties outside of the attorney-client relationship are generally not privileged, an exception to that waiver applies when:

• the client has a reasonable expectation of confidentiality with respect to the communication at issue, and
• disclosure to a third party is necessary for the client to obtain informed legal advice.

Adding to this second point, the attorney-client privilege is not waived where a confidential communication is disclosed to a party serving merely as an agent of either the attorney or the client.

New York also has a statute directed at this issue. N.Y. C.P.L.R. § 4548 says that:

No communication … shall lose its privileged character for the sole reason that it is communicated by electronic means or because persons necessary for the delivery or facilitation of such electronic communication may have access to the content of the communication.

In this case, the court found that the magistrate erred for two reasons. First, the magistrate judge erred when he failed to include Section 4548’s guidance in the analysis. Second, the magistrate erred by not finding that plaintiffs’ son served as an agent for plaintiffs, and that his involvement in the delivery of the otherwise confidential communications would not constitute a waiver of privilege.

Public policy also guided the court’s conclusion: “A client lacking proficiency in Internet technology should not be prevented from enjoying the advantages of email correspondence for fear that the necessary assistance of a third party — here, the [plaintiffs’] son — in sending or receiving such correspondence will lead to the forfeiture of the attorney-client privilege.”

The duty to preserve electronically stored information (ESI) can arise long before a lawsuit is ever filed. Several of our prior posts, such as the ones found here and here, chronicle the problem of determining whether a pre-suit duty to preserve is triggered by a letter from a putative plaintiff which contemplates the possibility of litigation. So, any decision which recognizes a landmark that can be readily followed when navigating the pre-suit preservation minefield bears highlighting. Sinai provides such a beacon to follow.

The work-product doctrine encompasses documents that are prepared “in anticipation of litigation.” Siani reached “the common sense conclusion” that if litigation was reasonably foreseeable for one purpose, “it was reasonably foreseeable for all purposes.” 2010 WL 3170664 at *5. Thus, Siani recognizes a direct relationship between the assertion of the work-product doctrine and a duty to preserve ESI in a pre-suit context.

Thus, before asserting the protection of the work-product doctrine, an attorney would be wise to also confirm that the client has instituted a litigation hold to preserve potentially relevant ESI in the context of that anticipated litigation. Claiming the protection of the work-product doctrine means that litigation was reasonably anticipated and that a duty to preserve potentially relevant ESI has been triggered.

Stengart v. Loving Care Agency, Inc., — A.2d —, 2010 WL 1189458 (N.J. March 30, 2010)

The New Jersey courts have a reputation of being protective of “informational privacy.” See, e.g., State v. Reid. A recent decision concerning employee privacy in personal emails adds to that reputation.

Plaintiff-employee used a work-issued laptop to access her Yahoo email account, through which she communicated with her lawyer about her lawsuit against the employer. During the discovery phase of that employment discrimination lawsuit, the employer used computer forensics to recover those Yahoo emails that had been copied to the computer’s temporary internet files folder.

Counsel for plaintiff demanded that the employer turn over the recovered emails, arguing that the communications were protected by the attorney-client privilege. When the employer agreed to turn them over but not discontinue use of the information garnered from them, plaintiff sought relief from the court.

The trial court denied relief and plaintiff sought review with the appellate court. That court reversed, and the employer sought review with the state’s supreme court. You can read our prior blog post that discussed the appellate court’s decision here. The supreme court upheld the appellate court’s decision, holding that the employee had a reasonable expectation of privacy in the communications.

The employer relied on a broadly-written company policy through which the employer reserved the right to review and access “all matters on the company’s media systems and services at any time.” But the court rejected those arguments.

Framework for the analysis

The supreme court considered two aspects in its analysis: (1) the adequacy of the notice provided by the company policy, and (2) the important public policy concerns raised by the attorney-client privilege.

As for the adequacy of the notice provided by the policy, the court found that because the policy did not address the use of password-protected personal email accounts, the policy was “not entirely clear.” As for the importance of the attorney-client privilege, the court lavished it with almost-sacred verbal accoutrements, calling it a “venerable privilege . . . enshrined in history and practice.”

“Intrusion upon seclusion” as source for standard

The court noted that the analysis for a reasonable expectation of privacy in dealings between two private parties was a bit different than the analysis in a Fourth Amendment case. The common law source for the standard in this context is with the tort of “intrusion upon seclusion.” Under New Jersey law, that tort is committed when one intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, in a manner that would be highly offensive to a reasonable person. (This language comes from the Restatement (Second) of Torts § 652B.)

In this situation, the court found that plaintiff had both a subjective and objective expectation that the messages would be private. Supporting her subjective belief was the fact that she used a private email account that was password protected, instead of her work email account. And she did not store her password on the computer. Her belief was objectively reasonable given the absence of any discussion about private email accounts in the company policy.

Plaintiff’s expectation of privacy was also bolstered by the fact that the email messages were not illegal, nor would they impact the performance of the employer’s computer system. And they bore all the “hallmarks” of attorney-client communications.

For all these reasons, not the least of which the priority of the courts “to keep private the very type of conversations that took place here,” the court found that the conversations were protected by the attorney-client privilege.

If you were looking for an ediscovery opinion to lift your spirits during this wintery holiday season, stop, Callan is not the decision for which you’ve been waiting. After reading the opinion, Santa reportedly decided to deliver coal to lawyers who fail to follow Fed. R. Evid 502. The court’s decision in Callan focused on the issue of inadvertent waiver of privilege, and Rule 502(b). However, as we originally explained in one of our blog posts several months ago, the time and effort expended in addressing the issue of inadvertent waiver in Callan could have been avoided had the protective order been drafted in accordance with Fed. R. Evid. 502(d).

The proper framework for analyzing the inadvertent waiver of attorney-client privilege under Fed. R. Evid. 502(b) was discussed in one of our recent blog posts. In that post, we warned that when a party seeks the return of inadvertently produced privileged material under Fed R. Civ. P. 26(b)(5)(B), the failure to explain what steps the party took to prevent the disclosure of privileged information from occurring could result in a finding of waiver under Rule 502(b), no matter how inadvertent the disclosure. Unfortunately, defense counsel made that same mistake in Callan. The court noted that defendants failed to establish the documents in question were privileged and even failed to identify “what privileges purportedly apply to the documents [that were] allegedly inadvertently produced.” As a result, the court awarded attorney’s fees to the plaintiff under Rule 37(a)(5)(B) for responding to the motion. Thus, the failure to meet Rule 502(b)’s elements not only can result in a finding of waiver, it can also result in having to pay your opponent’s attorney’s fees for responding to such a motion. Obviously, care must be taken when seeking the return of inadvertently produced information under Rule 502(b).

The district court in Callan had entered a protective order under Fed. R. Civ. P. 26(c) that included a clawback provision which provided: “The inadvertent production of any discovery material by any party shall be without prejudice to any subsequent claim by the producing party that such discovery material is privileged or attorney-work product and shall not be deemed a waiver of any such privilege or protection.” So, what went wrong? The protective order was limited to the “inadvertent” production of discovery materials and defendants failed to show the materials were inadvertently produced or were privileged. More importantly however, the first misstep occurred in drafting that protective order. As explained below, the real lesson to be learned is that nonwaiver orders under Fed. R. Evid. 502(d) need not be limited to the “inadvertent” production of privileged or protected materials as in Callan.

Nonwaiver orders under Fed. R. Evid. 502(d) should not be limited to the “inadvertent” production of privileged information or attorney work product.

Before drafting your next protective or nonwaiver order, take another look at Subdivision (d) of Rule 502. It provides:

A Federal court may order that the privilege or protection is not waived by disclosure connected with the litigation pending before the court—in which event the disclosure is also not a waiver in any other Federal or State proceeding.

Note that unlike Subdivision (b) of the Rule, which is specifically restricted to the “inadvertent” disclosure of privileged information and requires a showing of reasonable care, Rule 502(d) is not so limited. The word “inadvertent” appears nowhere in the text of Rule 502(d). Also, Rule 502(d), unlike Rule 502(b), does not require that reasonable care be exercised when a production occurs pursuant to this part of the Rule.

The primary rule of statutory construction is to apply the plain language of a statute as written. See, e.g., United States v. Ron Pair Entrers. Inc., 489 U.S. 235, 242 (1989)(explaining the “plain meaning of legislation should [generally] be conclusive” on the issue of legislative intent). Rule 502(d) simply does not require that a court order mandate that reasonable care be taken before it can be entered. Another recognized rule of statutory construction is that the inclusion of a requirement in one section of a statute but not in another section of the same statute signals a different result was intended. Duncan v. Walker, 533 U.S. 167, 173 (2001) (observing “where Congress includes particular language in one section of a statue but omits it in another section of the same Act, it is generally presumed that Congress. acts intentionally and purposely in the disparate inclusion or exclusion”) (internal quotation omitted).

Had the drafters of Subdivision (d) intended to limit Rule 502(d) nonwaiver orders to only the inadvertent production of privileged material or to only those instances where reasonable care was taken, they could have easily mimicked the requirements found in Subdivision (b) of the Rule. Because they did not do so, Rule 502(d) orders are not limited by Rule 502(b)’s requirements. This conclusion is borne out by the Explanatory Note to Subdivision (d) of Rule 502 which explains “the court order may provide for return of documents without waiver irrespective of the care taken by the disclosing party” (emphasis added).

So, take advantage of Rule 502(d). When drafting a nonwaiver order, make it applicable to any production of any discovery material and do not limit it to merely an inadvertent production like the parties in Callan.

It is not uncommon, when drafting nonwaiver orders, to seek the approval of your opponent to the proposed language of the order. Some may even suggest such collaboration is required in light of various “cooperation proclamations.” However, the Explanatory Note to Subdivision (d) provides your opponent’s agreement is not a precondition to the entry of a Rule 502 nonwaiver order. The Note unequivocally states:

Under the rule, a confidentiality order is enforceable whether or not it memorializes the an agreement between the parties to the litigation. Party agreement should not be a condition of enforceability of a federal court’s order.

In theory, given a district court’s inherent authority to control its docket and the scope of discovery in matters pending before it, a court should be able to enter a Rule 502(d) nonwaiver order sua sponte without even requiring a motion from the parties. Nevertheless, it would be a wise to endeavor to gain your opponent’s agreement to the entry of such an order. Should your opponent object to the breadth of your proposed order, explain that it will ultimately benefit both parties and point to the quoted provisions from Rule 502(d)’s Explanatory Note.

Protective/nonwaiver orders are controlling.

The court in Callan made an important point that also merits your attention. The court noted that the defendants, as the moving party, bore the burden of proving they inadvertently disclosed privileged documents to the plaintiff within the meaning of the court’s protective order. The court observed that because the protective order did not address the parties’ burden of proof regarding the alleged inadvertent disclosure, it adopted the “standard practice” which is to place the burden on the party claiming inadvertent disclosure.

Implicit in that ruling is that if the protective order had not been limited to the inadvertent production of discovery materials, the party that bore the burden of proof would not be an issue. More importantly, Callan explains that the terms of the protective order are controlling as to which party bears the burden of proof and suggests that the parties are free to allocate that burden as they see fit. Accordingly, should a court in exercising its discretion limit the entry of a Rule 502(d) nonwaiver order to only the inadvertent production of privileged information, then you should endeavor to address the burden of proof issue in the order. Nothing prevents the parties from shifting the burden to the receiving party to demonstrate that reasonable precautions were not taken.

Accordingly, broadly draft your Rule 502(d) nonwaiver orders so that you can avoid the type of outcome that occurred in Callan and hopefully next year you can avoid Santa delivering coal to your stocking.

The twentieth century Spanish philosopher and poet George Santayana once wrote: “Those who cannot learn from history are doomed to repeat it.” The Leor decision proves that philosophy is especially true when it comes to the realm of ediscovery. Leor is another example of a growing body of caselaw addressing whether emails sent or received by an employee through his employer’s email server are protected by attorney-client privilege. In a prior blog post we discussed several decisions that have addressed this issue and attempted to reconcile their holdings.

Guma Aguiar was the CEO and Vice Chairman of Leor Exploration & Production LLC (“Leor”). He retained a “trusts and estates attorney” to document his interests in certain entities. Subsequently, that attorney sent an email to Aguiar’s personal advisor and agent, Garrett Smith, who also happened to be the Vice President and In-House General Counsel of Leor, which memorialized a conversation involving the three of them. The email was sent to Mr. Smith’s work email address at Leor. After a series of lawsuits erupted between Aguiar, his uncle and related entities involved in oil and gas exploration, the attorney’s email surfaced in discovery and the issue presented to the court was whether it was protected by the attorney-client privilege.

Leor held that the attorney’s email to his client’s personal advisor and agent was not privileged because the client lacked a reasonable expectation of privacy in emails transmitted through his employer’s (the company’s) email server. In reaching that conclusion, the court identified four factors that should be considered in determining whether an employee has an expectation of privacy in email communications:

• Does the corporation maintain a policy banning personal or objectionable use;
• Does the corporation monitor the use of the employee’s computer or e-mail;
• Do third parties have a right of access to the computer or e-mails; and
• Did the corporation notify the employee or was the employee aware of the use and monitoring policies?

Because each of the four factors were present, the court in Leor had little difficulty in concluding that plaintiff did not meet his burden of establishing the applicability of the attorney-client privilege. However, the privilege belongs to the client not the lawyer, and the decision fails to address how an attorney can waive the privilege belonging to the client without the client’s consent. When the client sends an email to his attorney with knowledge of the four factors noted above, one can argue the client impliedly waived any right to assert the privilege, but the converse is not necessarily true. However, the decision follows the approach taken in Scott v. Beth Israel, and lawyers must take care not to run afoul of the decision.

In our prior blog post addressing this issue, we discussed how some courts have ruled that email communications retained their privileged character when they were encrypted or involved password protected web-based email notwithstanding the fact that they were sent or received via a company issued computer. While that post focused on the duties and responsibilities of a company’s attorney who receives or reviews employee emails, Leor highlights the responsibilities of any attorney communicating with his client via email.

Reasonable communication between an attorney and his or her client is necessary under Rule 1.4 of the Model Rules of Professional Conduct. Rule 1.6 of the Model Rules further requires that an attorney act competently to safeguard confidential information relating to the representation of a client against its inadvertent or unauthorized disclosure. Under Rule 1.6, a lawyer is obligated to take reasonable precautions to prevent information from coming into the hands of unintended recipients. That does not necessarily require that a lawyer use special security measures, such as encrypting emails, where the mode of communication affords a reasonable expectation of privacy. However, special circumstances can require that special precautions be taken.

While the decisions are not uniform in their holding, given the growing body of caselaw addressing the waiver of attorney-client privilege involving workplace email communications, an attorney should consider whether special precautions may be warranted in this scenario, especially if you practice in a jurisdiction where you would have reason to believe a court may find a waiver occurred. An attorney should consider addressing this issue at the outset of any representation with his client. Lawyers would be wise to follow the age-old adage: an ounce of prevention is worth a pound of cure. If the risk of privilege loss is to be avoided, then neither the attorney nor the client should communicate with one another through any email server or by any means in which they lack a reasonable expectation of privacy. While that does not mean that an attorney cannot communicate via email with his client, the attorney should endeavor to avoid emailing the client at the client’s place of business and should consider advising the client to not communicate with him through a company-issued computer, Blackberry or other communication device. Consider alternative methods of communication. While a client may consent to the use of a mode of communication that would be prohibited by Rule 1.6, that consent must be “informed.”

So before you send that next email to a client, stop and assess whether there are any privilege issues implicated by your communication. Don’t let convenience trump confidentiality. Where appropriate, clients should be advised of the risks of communication via company-issued computers or Blackberries in order to avoid a waiver of privilege as in Leor.

Photo courtesy Flickr user Michael Licht under this Creative Commons license.

“You’re traveling through another dimension, a dimension not only of sight and sound, but of mind; a journey into a wondrous land whose boundaries are that of imagination – Next stop, the Twilight Zone.”

Any lawyer who inadvertently produces privileged information steps into a legal twilight zone. However, that legal twilight zone is not a “wondrous land,” but one filled with sleepless nights and many questions. How did it happen? When and how do I tell the client? How do I get the materials back? Will I lose the client, my job, my career? With ediscovery, the risk that privileged or confidential information will be inadvertently produced geometrically increases. While the use of clawback or nonwaiver agreements and FRE 502(b) lessen that risk, they do not eliminate it. Sensient Colors establishes that point.

Sensient Colors involved the electronic production of 45,000 documents totaling 135,000 pages or 450 boxes of records by the United States (“government”). Several months after that production was completed, the defendant initially returned a group of documents that were privileged. Over the ensuing months, the defendant continued to identify additional documents that the government had produced but were privileged. Ultimately, the defendant sought a ruling that the government had waived its right to assert privilege over the documents it had produced.

The court in Sensient Colors concluded the privileged documents were inadvertently produced by the government and that the requirements of FRE 502(b) were met as to the first group of documents the defendant returned. However, as to the subsequently identified privileged documents, the court ruled that the government waived its right to assert privilege under Rule 502(b) as to those documents because it had failed to promptly take reasonable steps to rectify its error after being notified of the initial inadvertent production.

The explanatory note to FRE 502 provides: “The Rule does not require the producing party to engage in a post-production review to determine whether any protected communication or information has been produced by mistake.” However, the court in Sensient Colors concluded that once a party has been put on notice that privileged information has been inadvertently produced, Rule 502(b)(3) requires the producing party take “prompt and reasonable steps to reassess its document production.” The court in Sensient Colors concluded the government failed to act reasonably and diligently to correct its error and waived its privilege and work-product protection as a result.

Carefully draft non-waiver orders and agreements

Sensient Colors demonstrates the importance of carefully drafting any non-waiver orders or agreements. The parties included two provisions in their joint discovery plan which ultimately failed to protect the government against a waiver of privilege. The first provision specifically addressed the issue of waiver and provided:

Non-waiver: By exchanging documents or information with each other, the Parties do not waive any privilege, confidentiality or other protection from production that otherwise applies to such documents or information.

The discovery plan also included a provision on inadvertent production:

The Parties agree that the inadvertent production of privileged documents or information (including ESI) shall not, in and of itself, waive any privilege that would otherwise attach to the document or information produced.

Addressing these provisions of the parties’ joint discovery plan, the court initially observed that if the non-waiver provision was applied as written, it would render the inadvertent production provision superfluous. The court did not address how the defendant could challenge the terms of the joint discovery plan or why it should be allowed to make such a challenge, once it had agreed to its terms. At one time, a lawyer’s word was his bond. Lawyers seem to have forgotten that in today’s digital era.

The court further observed that the parties discovery plan did not provide that they were excused from the requirements of Rule 502(b). Reconciling these provisions, the court ruled that by including the phrase “in and of itself” in the inadvertent production provision of their joint discovery plan, the parties were merely agreeing that the unintentional production of privileged information did not result in a waiver. The court ruled the parties intended to incorporate a “flexible” standard when determining if a waiver occurred. As support for that conclusion, the court in Sensient Colors quoted a passage from Koch Materials Co. v. Shore Slurry Seal, Inc., 208 F.R.D. 109, 118 (D.N. J. 2002), which explains that courts “generally frown upon ‘blanket’ disclosure provisions” because they essentially immunize “attorneys from negligent handling of documents, [and] could lead to sloppy attorney review and improper disclosure which could jeopardize clients’ cases.”

The court in Sensient Colors also noted the absence of any clawback provision in the discovery plan. It observed that if the parties had intended to implement a clawback procedure, they would have specifically mentioned a clawback provision in their discovery plan. However, Fed. R. Civ. P. 26(b)5(B), outlines the process parties are to follow when an inadvertent production occurs. The court did not clarify whether it was suggesting that the inclusion of a clawback agreement would trump Rule 26(b)5(B)’s procedures, but it never hurts to include a clawback in any FRE 502 non-waiver order.

The entry of a Rule 502 non-waiver order generally will not obviate the requirement that the producing party take reasonable steps to prevent an inadvertent disclosure from occurring. And, the court in Sensient Colors concluded that the parties joint discovery plan did not preclude a finding that attorney client privilege or work-product protection could be waived even though the parties agreed that by exchanging documents they did not waive privilege.

Sensient Colors is an example why many general counsel believe that the passage of Fed. R. Evid 502 will not materially lessen the costs of electronic discovery.

Re-review required once on notice that privileged documents were inadvertently produced

The court in Sensient Colors had little difficulty concluding that the first two prongs of Rule 502(b) were met. The court did not question that the government’s production was inadvertent in the sense that it was “not intended.” It explained, however, that subjective intent is not controlling. Whether a production inadvertently occurred within the meaning of rule 502(b) is determined by examining if the producing party took reasonable precautions to the prevent an error from occurring. The court found the government readily satisfied the requirements of Rule 502(b)(1) and (b)(2).

The court recognized that the document production was substantial and that the volume of inadvertently produced documents were relatively minor (214 documents). Additionally, the government did not erroneously produce the same document on multiple occasions. The court found that the government took reasonable steps prior to production by using twelve attorneys and paralegals from the Department of Justice to review its documents. The court further acknowledged that the government made “a commendable effort to employ a sophisticated computer program to conduct its privilege review.”

So what went wrong in Sensient Colors?

After being initially notified that it had inadvertently produced privileged information, eight days later the government confirmed its error and advised the defendant that the documents were indeed privileged. That was sufficient to meet Rule 502(b)(3)’s requirement as to the first group of documents returned by the defendant. The court noted that prior to that point in time, the government was not on notice of any problem with its document production.

Regarding the subsequently identified privileged documents, the court reached the opposite conclusion. Once the government was advised that it had produced privileged information, “it was on notice that something was amiss with its document production and privilege review.” Thus, the court held the government should have promptly re-assessed its procedures and re-checked its production in order to comply with Rule 502(b)(3)’s requirement that the producing party promptly take reasonable steps to rectify its error. The court in Sensient Colors relied upon Preferred Care Partners Holding Corp. v. Humana, Inc., 2009 WL 982449 *14 (S.D. Fla. April 9, 2009), for the proposition that once a party is aware that it inadvertently produced privilege information, it has an obligation “to ensure that no additional privileged documents were divulged.” Because the defendant continued to identify privileged documents it had received while the government took more than three months to confirm that it had inadvertently produc
ed additional privileged documents, the court ruled that the privilege had been waived.

The court in Sensient Colors also commented on a “glaring omission” in the government’s submissions to the defendant’s waiver arguments. The court noted that the government failed to provide any meaningful details regarding the steps it took immediately after being notified that it had inadvertently produced privileged information. All the government proffered was that it began to re-review the documents returned to it for privilege. The government’s declarations were silent as to what steps it took to assure the accuracy and completeness of its entire document production, not just the documents that the defendant had flagged as inadvertently produced.

So several practical points bear mentioning. First, once a party is notified that it has produced potentially privileged documents, do not delay in responding to your opponent’s notification. The third element of Rule 502(b) requires that a prompt response be made by the producing party. The producing party should promptly confirm whether the documents are in fact privileged, and if so, assert privilege over the inadvertently produced documents and demand their return.

Second, Rule 502(b) requires the producing party establish its reasonable care both before a production occurs and after receiving notice that it has inadvertently produced privileged information. So keep track of what steps were taken by you, the client and any ediscovery vendor both before the production occurred and afterwards so that you are in a position to adequately litigate the issue of privilege waiver. Don’t forget about Rule 502(b)(3)’s requirements, and be prepared to outline in detail what steps were taken and when they were taken to insure that no other privileged documents were produced.

Finally, once you have responded to opposing counsel and have confirmed the assertion of privilege over the inadvertently produced documents, you should also consider promptly reviewing all of the documents that had been originally produced to the opposing party to determine if any other privileged documents were inadvertently produced. After Sensient Colors, you can’t necessarily rely on a non-waiver agreement with your opponent to protect you and the client. If you discover additional documents that were inadvertently produced, immediately notify opposing counsel that you are asserting privilege as to those documents and demand their return. While your immediate focus should be the return of the privileged documents or data that you know are in the possession of your opponent, Sensient Colors teaches that you also need to promptly review the previously produced documents and how you screened them for privilege.

Conclusion

I wonder if Rod Serling were still alive how he would handle the attorney’s nightmare of inadvertently produced privileged information. One of my favorite Twilight Zone episodes was “Nightmare at 20,000 Feet.” In that episode, a gremlin appeared on the wing of an airplane that could only be seen by one passenger. That episode was ultimately remade into the Twilight Zone movie. Borrowing heavily from “Nightmare at 20,000 Feet” the attorney’s episode would pan to a tired and distraught attorney and the opening narration for the episode would begin:

“Portrait of a frightened attorney: thirty-seven, partner at a reputable law firm, husband, and father of three who until recently had been in charge of defending a major lawsuit where privileged information was inadvertently produced to his client’s top competitor. Tonight, beset by insomnia, and questioning how this could have happened, he returns to the office and turns on the computer used to create the database containing the privileged information in an attempt to determine why and how the mistake occurred. His ultimate destination is one of the darkest corners of the Twilight Zone.”

Perhaps Mr. Serling would have the gremlin take up residence in the computer system so that it could only be seen by that attorney when he looks at his computer screen.

When a party takes reasonable steps before a production occurs and after it has been notified of an inadvertent production, Rule 502(b) should prevent that gremlin from doing anymore dirty work. However, it is easier said than done.

Introduction.

Stengart addressed whether the attorney-client privilege protected a former employee’s emails that were sent to her attorney using a company-issued laptop computer through a personal, password-protected, web-based (Yahoo) email account. The emails addressed a lawsuit the former employee contemplated bringing against her employer and were sent to the employee’s personal attorney prior to her resignation from the company. The company obtained the emails after suit was filed by making a forensic image of the computer’s hard drive and extracting them from the plaintiff’s internet browser history.

The court in Stengart concluded the emails were privileged, holding the policy considerations underlying the attorney-client privilege “substantially outweighed” the company’s interest in enforcing its computer use and electronic communications policy. The decision is also significant in that the court remanded for an evidentiary hearing to determine whether the company’s attorneys should be disqualified or if some other sanction should be imposed as a result of their failure to comply with Rule 4.4(b) of the New Jersey Rules of Professional Conduct. The New Jersey rule, like Rule 4.4(b) of the Model Rules, requires that whenever a lawyer has reasonable cause to believe that a document was inadvertently produced, the lawyer should not read it, and must promptly notify the sender.

The court’s decision in Stengart should be contrasted with Scott v. Beth Israel Medical Center, 17 Misc. 934, 847 N.Y.S.2d 436 (2007), which held the attorney-client privilege was lost when the plaintiff used the company’s email system to communicate with his attorney in view of the company’s no personal use and email monitoring policies coupled with the plaintiff’s awareness of those policies. The Stengart and Beth Israel decisions demonstrate that whether an employee’s communication with personal counsel retains its privileged nature when made via the company’s computer or email system involves a fact-specific inquiry. This post will address those decisions and will outline the factors that courts have examined when addressing the issue of attorney-client privilege in this context.

Ambiguous Electronic Communications Policy.

In Stengart, the plaintiff disputed whether the company’s electronic communications policy was in effect or was merely in draft form at the time she sent the emails, and whether the policy applied to executives such as the plaintiff. While the appellate court noted that the privilege issue should not have been decided absent an evidentiary hearing addressing these points given the factual dispute in the record, that was not the basis of the court’s holding.

The court also noted several ambiguities in the company’s electronic communications policy. In its employee handbook, the company reserved “the right to review, audit, intercept and disclose all matters in the company’s media systems and services at any time, with or without notice.” However, the policy neither defined nor suggested what was encompassed by the phrase “media systems and services,” and the court concluded that those words alone did not convey “a clear and unambiguous understanding about their scope.”

The company policy clearly provided: “E-mail and voice mail messages, internet use and communication and computer files are considered part of the company’s business and are not to be considered private or personal to any individual employee.” It further stated, however, that “occasional personal use” of those systems was permitted. The court in Stengart observed the policy made no attempt to explain when such personal use was permitted and ruled “[a]n objective reader could reasonably conclude … that not all personal emails are necessarily company property because the policy expressly recognizes that occasional personal use is permitted.”

Stengart noted “[t]hese ambiguities cast doubt over the legitimacy of the company’s attempt to seize and retain personal emails sent through the company’s computer via the employee’s personal email account.” While the electronic communications policy was obviously relevant to whether the communication was confidentially made, the court again chose not to base its decision on the ambiguities in the company policy. Rather, the court explained:

Giving the company the benefit of all doubts about the threshold disputes mentioned in earlier sections of this opinion, as well as the broadest interpretation of its electronic communications policy permitted, despite the obvious ambiguities in the policy’s text, we nevertheless are compelled to conclude that the company policy is of insufficient weight when compared to the important societal considerations that undergird the attorney-client privilege. As a result, we conclude that the judge exhibited inadequate respect for the attorney-client privilege when she found that plaintiff “took a risk of disclosure of her communications and a risk of waiving the privacy she expected” when she communicated with her attorney through her work-issued computer, and that plaintiff’s action in the face of the policy “constitute[d] a waiver of the attorney client privilege.” Accordingly, we reverse the order under review and conclude that the emails exchanged by plaintiff and her attorney through her personal Yahoo email account remain protected by the attorney-client privilege.

The Issue as Framed in Stengart Balanced the Company’s Right to Create Workplace Rules Against the Public Policies Underlying the Attorney-Client Privilege.

In order to claim attorney-client privilege, the party asserting the privilege must demonstrate that the communication was confidential when made and expected that its confidential nature would be maintained. See, e.g., Edna S. Epstein, The Attorney-Client Privilege and Work Product Doctrine, at 235 (5th ed. 2007). Various courts have examined the circumstances surrounding an email communication, and have concluded that the privilege is waived when “the holder of the privilege voluntarily discloses or consents to the disclosure of any significant part of the communication to a third party or stranger to the attorney-client relationship.” Power Boot Camp, Inc. v. Warrior Fitness Camp, 587 F.Supp. 2d 548, 563 (S.D.N.Y. 2008).

In Beth Israel, the appellate court outlined four factors relevant to the issue of confidentiality, which is a prerequisite to attorney-client privilege in this context. Those factors address whether:

(a) the company maintains an electronic communication policy banning personal or other objectionable use;

(b) the company monitors the use of its employees’ computers or email;

(c) third-parties have a right of access to its computers or emails; and

(d) the company notifies its employee or whether the particular employee was aware of the company’s use and monitoring policies.

The court in Beth Israel recognized that when an employee sends an email to his personal counsel via the company’s computer system knowing the company has a policy of monitoring and examining those emails, the employee could not legitimately claim he sent the email expecting it would remain confidential. However, another appellate court in People v. Jiang, 131 Cal. App. 4th 1027, 33 Cal. Rptr. 184, 205 (2005), held that an employee’s emails to his attorney were privileged notwithstanding the fact that they were sent via his employer’s computer. In Jiang, the court determined that the privilege was not lost in view of the employee’s “substantial efforts to protect the documents from disclosure by password-protecting them and segregating them in a clearly marked and designed folder.” Additionally, the policy on electronic communications in Jiang did not specifically prohibit the employee’s personal use of the company’s computer system.

Accordingly, the scenario presented in Stengart was factually analogous to Jiang. However, the appellate court in Stengart did not approach the privilege issue from the perspective outlined above. Instead, the court noted that “an employer’s rules and policies must be reasonable to be enforced,” and framed the issue as one which required the court’s “balancing of the company’s right to create and obtain enforcement of reasonable rules for conduct in the work-place against public policies underlying attorney-client privilege.”

With the issue framed in this fashion, the appellate court in Stengart concluded that while a company may monitor its employees’ computer use and take appropriate disciplinary action when the employee engages in personal matters during work hours, “that right to discipline or terminate, however, does not extend to the confiscation of the employee’s personal communications.” The court ultimately concluded that an employer’s policy which transformed all private communications into company property merely because the company owned the computer used to make the private communication or to access the private information during work hours “further[ed] no legitimate business interest.” The court in Stengart added:

Certainly, the electronic age – and the speed and ease with which many communications may now be made – has created numerous difficulties in segregating personal business from company business. Today, many highly personal and confidential transactions are commonly conducted via the Internet, and may be performed in a moment’s time. With the touch of the keyboard or click of the mouse, individuals may access their medical records, examine activities in their bank accounts and phone records, file income tax returns, and engage in a host of other private activities, including, as here, emailing an attorney regarding confidential matters. Regardless of where or how these communications occurred, individuals possess a reasonable expectation that those communications will remain private.

Stengart Should be Read in Light of New Jersey’s Recognition of a Broad Right to Informational Privacy Under the State Constitution.

Because the existence of a privilege results in the withdrawal of potentially relevant information from the judicial process, many courts have strictly construed the attorney-client privilege. See, e.g., Fisher v. United States, 425 U.S. 391, 403 (1976) (observing “since the privilege has the effect of withholding relevant information from the fact finder, it applies only when necessary to achieve its purpose”). Foster v. Hill, 188 F.3d 1259, 1264 (11th Cir. 1999) (holding the party invoking the attorney-client privilege has the burden of establishing its applicability which is “narrowly construed”).

Stengart’s approach to the privilege issue should be read in light of the broad right to privacy recognized by New Jersey courts under the New Jersey State Constitution. See, e.g., State v. Reid, 389 N.J. Super. 563, 914 A.2d 310, 317 (2007) (noting a line of decisions which are “highly protective” of an individual’s right to privacy even when the information sought is in the hands of a third party). For example, while federal courts have routinely held that internet subscribers have no right of privacy with respect to identifying information on file with their internet service providers, the appellate court in Reid reached the opposite conclusion based upon the right of privacy afforded by the New Jersey State Constitution. Id. The court in Reid noted that of those States that have an explicit right of privacy in their State Constitutions, only New Jersey has recognized a right to “informational privacy.” Id. at 313-14. Stengart suggests that the issue of privilege waiver in this context involves not only a fact-bound inquiry, but also one that may be jurisdictionally specific, making broad generalizations or bright-line approaches to the issue problematic.

Do Not Ignore Applicable Ethical Rules.

In Stengart, company’s attorneys did not notify the plaintiff or her counsel that the company had extracted the emails from the computer she had used before producing them in discovery. The appellate court in Stengart concluded that counsel’s actions were inconsistent with the obligations imposed by Rule 4.4(b) of the New Jersey Rules of Professional Conduct. The court criticized counsel’s approach in the case, noting that counsel had “appointed itself the sole judge of the issue and made use of the attorney-client emails without giving plaintiff an opportunity to advocate a contrary position.”

Thus, a lesson to be learned from Stengart is that whenever an attorney receives potentially privileged or confidential information relating to the opposing party, that attorney should carefully consider how that information was obtained. Was its production intentional or inadvertent? Counsel should then review the applicable rules of professional conduct and consider whether to consult with a knowledgeable attorney concerning your ethical duties under the circumstances presented. The safest course of action is to promptly notify opposing counsel about your receipt of any confidential or privileged information. When the issue cannot be informally resolved with opposing counsel, bring the matter to the court’s attention and allow the court to resolve the issue before using or further disclosing the information in discovery.

Factors To Consider Involving Privilege And Email Communications.

Courts generally view the use of email as simply another form of communication and apply privilege rules that have developed in the context of written and oral communications between the attorney and client. There are unique technological aspects to the use of email – they can reside in a “sent file,” on a computer’s hard drive, an email server or on backup tapes. Internet service providers will also possess email communications for short periods of time. We have previously posted one of our PowerPoint slides which depicts the potential routes that a single email can take and where it can be found which can be seen here. However, no court has ever held that the technologically unique features of email communication defeats the attorney-client privilege.

The mere fact that a company computer is used by an employee should not result in a loss of the privilege. See Curto v. Medical World Communications Inc., 2006 WL 1318387 (E.D.N.Y. 2006) (holding privilege applied to emails sent from an employee’s home office on a company issued laptop that was not connected to the company’s email server). No one would argue that an employee who uses a company phone to call an attorney from the privacy of his or her own office thereby loses the right to claim their conversation was privileged. The mere use of a company computer does not necessarily change the privilege equation.

Similarly, a company prohibition on the personal use of communication equipment does not necessarily vitiate the privilege. While an employee may be disciplined for violating a company policy by making a personal phone call from the privacy of his or her office, the mere violation of a company policy would not defeat the claim of privilege. However, where a company prohibits personal use of company equipment, advises its employees that it reserves the right to monitor and review their electronic communications and does so, then the employee will have difficulty claiming that the communications made in confidence to the attorney.

As Jiang demonstrates, an employee’s use of password protected web-based email account will bolster the employee’s claim of privilege as would the use of encryption software. On the other hand, the use of a shared computer and/or the existence of shared passwords on a company computer will lessen the strength of any privilege argument. Copying others on emails between the attorney and the client can result in the privilege being lost as one of our prior posts explains. A company’s failure to explicitly prohibit the personal use of its email and computer systems, or ambiguities in such a policy are additional factors that several courts have noted when addressing the issue.

Beware of the Stored Communications Act When Accessing an Employee’s Web-based Email.

The Stored Communications Act, 18 U.S.C. §2701, prohibits the access of an “electronic communication service” without proper authorization. The Act is violated when a person accesses an electronic communication service or obtains an electronic communication while in electronic storage without authorization. Several courts have concluded that emails stored on an electronic communication service provider’s system constitute “stored communications” under the Act. See Power Boot Camp, 587 F.Supp. 2d at 555 (collecting cases). The district court in Power Boot Camp concluded that when a company accessed, without proper authorization, its former employee’s Hotmail account emails from the company computer he had purportedly used to view those emails, the Act was violated.

While the district court in Power Boot Camp recognized that an employee’s implied consent may provide sufficient authorization under the Act to permit an employer’s access to an personal email account, statements in an employee handbook must provide clear notice of that fact. While the former employee in Power Boot Camp may have been on notice that the company’s computers could be searched for evidence of his personal use, he was not aware that such a search could include his Hotmail, Gmail or any other web-based mail accounts. Thus, the company policy was not sufficiently specific to dodge a violation of the Act.

Privilege and privacy issues involving an employee’s personal email communications is an evolving area of law that will continue to develop with technological advancements. As these decisions demonstrate, attorneys and their clients must take care when reviewing potentially privileged or confidential information communicated by an employee via a company-issued computer over the internet.

Heriot addresses the inadvertent production of privileged materials by an ediscovery vendor. Because the law firm that retained the vendor had taken reasonable steps to review the documents prior to their production, and took prompt steps to rectify the inadvertant disclosure once they learned of it, the court ruled the disclosure was inadvertent and did not result in a waiver attorney-client privilege under Fed. R. Evid. 502(b). The decision also serves as a stark reminder of the care which must be taken in selecting an ediscovery vendor, and the American Bar Association Ethics Opinion addressing a lawyer’s obligations when outsourcing legal and nonlegal services.

However, after reading the court’s analysis of the parties’ Rule 502(b) arguments, I was struck by how unnecessary it all was. I tried to imagine the number of hours the district court spent reviewing the documents which had been submitted for an in camera inspection, reviewing the parties’ briefs, and then drafting its opinion resolving the Rule 502(b) issues that were presented. I thought of the hours, and literally the thousands of dollars that were wasted litigating the inadvertent waiver issue. Much of that time, money and effort could have been avoided had the parties simply entered into a non-waiver order under Fed. R. Evid. 502(d).

So, before stepping off the soap box and getting back to Heriot, let us provide a practical suggestion to lower your ediscovery and litigation costs – enter into non-waiver orders under Fed. R. Evid. 502(d). The Note to Rule 502(d) explains that once a non-waiver order is entered in a federal proceeding, “its terms are enforceable against non-parties in any federal or state proceeding.” That Note further explains the agreement of the parties is not a condition to the entry of, or the enforceability of a non-waiver order. As indicated in one of our prior posts, Rule 502 non-waiver orders are the gold standard to follow when seeking protection against the inadvertent waiver of privilege.

The Heriot lawsuit involves competing claims over the ownership of the copyright to a television documentary called “The Secret.” A web site for The Secret found at http://www.thesecret.tv claims that it reveals:

[T]he most powerful law in the universe. The knowledge of this law has run like a golden thread through the lives and the teachings of all the prophets, seers, sages and saviors in the world’s history, and through the lives of all truly great men and women.”

The web site further claims: “By knowledge of this law, you can change every aspect of your life.” It will unlock “the secret to prosperity, health, relationships and happiness.” I know what you are thinking … if I had only learned the secret before I played last week’s Lotto.

The plaintiffs were Drew Heriot, an Australian director of The Secret, and Drew Pictures, an Australian production company, which employed him to direct the documentary. The defendants were various individuals who were involved in The Secret’s development, who counterclaimed seeking a declaratory judgment that they were the sole owners of the copyright.

The plaintiffs retained an ediscovery vendor to provide electronic scanning, the addition of optical character recognition (OCR) to their documents, and other discovery related services. The vendor created a database of the documents provided by the plaintiffs. Plaintiffs employed paralegals and other non-lawyers to conduct a preliminary review of documents, and assign them general pretrial discovery codes, including one code addressing Mr. Heriot’s immigration status. Additionally, documents would be marked either “Confidential” or “Highly Confidential” pursuant to a stipulated protective order. After the documents were reviewed and coded, they were copied and loaded by the vendor into a “production database.”

Defendants sought in discovery all documents relating to Mr. Heriot’s visa applications. Unfortunately, a number of the documents produced by the vendor to the defendants were obtained from Mr. Heriot’s immigration lawyer. Less than one month after their production, plaintiffs’ counsel learned of their inadvertent disclosure. Counsel immediately sent a letter to the defendants explaining that privileged documents had been inadvertently produced, and requested their destruction. Defendants directed their ediscovery vendor to seal off all access to the documents identified in that letter, and destroyed all but one set of the documents which they submitted to the court for an in camera inspection, arguing that plaintiffs’ production had waived any claim of privilege.

Application of Rule 502(b)

The court initially concluded that FRE 502 was applicable, even though the lawsuit was filed before its effective date. The court noted that in Judson Atkinson Candies, Inc. v. Latini-Hohberger Dhimantec, 529 F.3d 371, 388 (7th Cir. 2008), the Seventh Circuit adopted a balancing approach to claims involving the inadvertent waiver of privilege which among other things considers: “(1) the reasonableness of the precautions taken to prevent disclosure; (2) the time taken to rectify the error; (3) the scope of the discovery; (4) the extent of the disclosure; and (5) the overriding issue of fairness.” These same factors are mentioned in the Explanatory Note to Rule 502(b). The court in Heriot concluded that the factors outlined in Judson “have been folded into the entire FRE 502(b) inquiry.” The court also observed the Note to Rule 502(b) explains that while the rule is flexible enough to accommodate these factors, it did not explicitly codify them because they are considered “a set of non-determinative guidelines that vary from case to case.”

Thus, the court in Heriot fashioned the following test in applying FRE 502(b). First, a court should determine whether the disclosed material is privileged. If the material is not privileged for any reason, the inquiry ends. If a court finds that the material is privileged, it should then address Rule 502(b)’s requirements. If the court concludes that the disclosing party satisfied all of FRE 502(b)’s elements, privilege has not been waived. If, however, the disclosing party fails to satisfy any of Rule 502(b)’s three requirements, the privilege is deemed to have been waived. The court Heriot concluded that a court is free is to consider any or all of Judson’s five factors, provided they are relevant in evaluating whether any of Rule 502(b)’s elements have been satisfied.

Information Required to Determine Whether Documents are Privileged

Defendants initially challenged the plaintiff’s claim of privilege by arguing that plaintiffs had merely provided a conclusory assertion that the documents constituted privileged communications between Mr. Heriot, and his immigration lawyer. The court observed that while that may be true; asking for more specificity could force a party to disclose privileged information which is not required under the rules. Rule 26(b)(5)(A)(ii) expressly contemplates a description of the protected documents or communications “in a manner that, without revealing information itself privileged or protected, will enable the other parties to assess the claim.”

The Crime-Fraud Exception Conundrum

Defendants also raised the crime-fraud exception, which places communications made in furtherance of a crime or fraud outside the realm of the attorney-client privilege. The court in Heriot recognized that following United States v. Zolin, 491 U.S. 554, 573 (1989), an in camera inspection is only warranted when a party provides an adequate factual basis to support a good faith belief by a reasonable person that an in camera review of the materials may reveal evidence establishing the applicability of the crime-fraud exception.

The purpose of the Zolin rule is to prevent district courts from having to engage in lengthy document reviews. Heriot, however, noted a conundrum raised by Zolin’s framework. In most instances, a district court will have already conducted a document-by-document review to determine whether they are privileged, rendering the purpose of the rule illusory.

The court in Heriot found that none of the defendants’ arguments established a sufficient basis to support a good faith belief that an in camera review would reveal evidence establishing the applicability of the crime-fraud exception. Moreover, based upon its actual review of the documents for privilege, the court ruled that none of the communications between Mr. Heriot, and his lawyer demonstrated that he was attempting to perpetrate a fraud by soliciting fake deals to convince the government to issue him a visa for entry into the United States.

Inadvertence Under FRE 502(b)

The court initially addressed the defendants’ argument that the production of a significant number of privileged documents established the production was not inadvertent. Depending upon whether the number of pages or documents involved in the production was used as the benchmark, the amount of material that was inadvertently produced ranged between 5% and 13% of the entire production. The court in Heriot observed that under either calculation, the extent of the disclosure was broad, and could not be characterized as insignificant.

However, in the court’s view, the producing party’s actions after discovering the inadvertent disclosure carries more weight in determining whether its production was in fact inadvertent. The court noted that within 24 hours of learning about the inadvertent production, plaintiffs sent a letter to the defendants identifying the privileged documents, and requesting they be destroyed. Moreover, the fact that the plaintiffs used reasonable procedures to review the documents before they were sent to the ediscovery vendor also weighed in favor of a finding of inadvertence. The fact that “paralegals and other non-lawyers” were employed to screen the documents, rather than lawyers, was not a determinative factor because no problems had occurred in the initial document review. The error occurred after the documents were provided to the ediscovery vendor.

Prior to production, counsel for the defendants inquired if plaintiffs were intending to withhold any privileged documents, and plaintiffs’ counsel indicated they were not. Defendants argued that had a reasonable inquiry been made before responding, plaintiffs’ counsel would have discovered the inadvertent production. Rejecting the argument that counsel’s statement established plaintiffs knowingly disclosed privileged documents, the court in Heriot observed that Rule 502(b) “does not require the producing party to engage in a post-production review to determine whether any protected communication or information has been produced by mistake.” Accordingly, plaintiffs had no duty to make a second review of their documents after they were provided to their ediscovery vendor. In the court’s view, requiring such a second review would chill the use of ediscovery vendors, and introduce a level of costs that the rule was intended to avoid.

Finally, the court noted that there were no obvious warning signs or indications which should have put plaintiffs’ counsel on notice that protected communications or information had been inadvertently produced.

Thus, in evaluating whether the production had been inadvertent, the fact that a significant number of privileged documents had been produced was outweighed by the other factors considered by the court. Therefore, the court concluded that the production had been inadvertent, and the first element of Rule 502(b) was met.

Reasonable Steps to Prevent the Inadvertent Disclosure

The second element of FRE 502(b) requires that reasonable steps be taken in an attempt to prevent an inadvertent disclosure from occurring. The court in Heriot noted that Laethem Equip. Co. v. Deere & Co., 2008 WL 4997932 (E.D. Mich. Nov. 21, 2008), held that an inspection procedure after a discovery vendor had copied documents, but before they were disclosed to opposing party, was a reasonable approach to prevent the inadvertent production of privileged documents. The court in Heriot concluded that whether the review procedure occurs before or after the documents are provided to an ediscovery vendor should not change the outcome. So long as the review procedures in place prior to turning documents over to a vendor are reasonable, the second element of Rule 502(b) was met.

The court also observed that the Note to Rule 502(b) explains that a party’s use of “advanced analytical software applications and linguistic tools in screening for privilege,” and the “implementation of an efficient system of records management before litigation” are relevant factors that can be considered in determining whether reasonable steps were taken to prevent an inadvertent disclosure. However, the plaintiffs in Heriot did not use any analytical software tools to screen for privilege, and no information was presented to the court concerning the records management system that was in place prior to the litigation, so the court had no occasion to address those factors in its opinion.

Steps Taken to Rectify the Inadvertent Disclosure

The court in Heriot had little difficulty in concluding that once plaintiffs’ counsel learned of the inadvertent disclosure, prompt steps were taken to rectify the situation. Defendants argued that it took the plaintiffs approximately a month to learn of its inadvertent disclosure which suggested that reasonably prompt steps were not taken. The court rejected that suggestion, and observed “how the disclosing party discovers and rectifies the disclosure is more important than when after the inadvertent disclosure the discovery occurs.” In Heriot, plaintiffs’ counsel learned of the inadvertent disclosure while preparing for a deposition, and immediately wrote to opposing counsel. Consequently, the third element of Rule 502(b) was met.

ABA Ethics Opinion 08-451

Last August, the American Bar Association promulgated a formal Ethics Opinion addressing a lawyer’s obligations when outsourcing legal and non-legal services. [Download PDF of that opinion.] It should be read by any lawyer who is involved in ediscovery. Please recognize that the ABA’s Ethics Opinion is based on the Model Rules of Professional Conduct, and not all states have updated their respective Rules of Professional Conduct to conform to the Model Rules. The Rules of Professional Conduct adopted in each individual state are controlling. However, the ABA’s Ethics Opinion provides a respected view of these issues which simply shouldn’t be ignored.

In that Ethics Opinion, the ABA readily concluded there was nothing unethical about a lawyer outsourcing legal or non-legal services, “provided the outsourcing lawyer renders legal services to the client with the ‘legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation,’ as required by Rule 1.1.” Rules 5.1 and 5.3(b) impose supervisory responsibilities on the outsourcing lawyer. Rule 5.3(b) specifically requires that when outsourcing services to a nonlawyer, “reasonable efforts” be made to ensure the nonlawyer’s conduct “is compatible with the professional obligations of the lawyer.” Accordingly, the challenge for an outsourcing lawyer is “to ensure that tasks are delegated to individuals who are competent to perform them, and to oversee the execution of the project adequately and appropriately.”

That Ethics Opinion goes on to note “[a]t a minimum, a lawyer outsourcing services . . . should consider conducting reference checks and investigating the background of the lawyer or nonlawyer providing the services as well as any nonlawyer intermediary involved.” The opinion further observes that when the relationship with “the individuals performing the services is attenuated, as in a typical outsourcing relationship, no information provided by Rule 1.6 may be revealed without the client’s consent.” The Opinion explains that the implied authorization of Rule 1.6 which permits the sharing of “confidential information within a firm does not extend to outside entities or to individuals over whom the firm lacks supervision and control.”

Particularly relevant to Heriot is one aspect of the Ethics Opinion which “requires the lawyer to recognize and minimize the risk that any outside service provider may inadvertently – or perhaps even advertently – reveal client confidential information to adverse parties or to others who are not entitled to access. Written confidentiality agreements are, therefore, strongly advisable in outsourcing relationships.” Additionally, the Ethics Opinion strongly suggests that the outsourcing lawyer should verify that its service provider “does not also do work for the adversaries of their clients on the same or substantially related matters,” in which case the lawyer should choose another vendor.

Many of these statements reflect common-sense practices. For example, it is always wise to discuss with a client the use and selection of an ediscovery vendor, even when privileged documents will not be handled or reviewed by the vendor. A good resource to consult when selecting an ediscovery vendor is The Sedona Conference’s Best Practices for the Selection of Electronic Discovery Vendors which you can download from Sedona’s website.

So The Secret’s out – Heriot teaches that we all should use non-waiver orders at every opportunity. They provide the best available protection for both the lawyer and the client against the inadvertent waiver of privilege in litigation.

Fed. R. Evid. 502(e) confirms that a clawback or quick peek agreement only binds the parties to the agreement “unless it is incorporated into a court order.” Clawback and quick peek agreements provide no protection as to third parties. Thus, while you may avoid a claim of waiver as to information inadvertently produced to a party who signed such an agreement, other parties in that litigation who are adverse to you, and who were not signatories to your agreement, as well as parties in other cases, can claim that your quick peek agreement is not enforceable against them. They will argue that allowing your opponent to potentially view privileged documents without taking any precautions to ensure that privileged information was not reviewed by opposing counsel (other than simply entering into the quick peek agreement) waived attorney-client privilege and the work-production protection as to them. For further insight into the use of quick peek and clawback agreements, see Hopson v. City of Baltimore, 232 F.R.D. 228, 244 (D.Md. 2005).

At one time, quick peek and clawback agreements were the best available option when seeking protection against the inadvertent waiver of privilege. However, they are no longer the only game in town. Non-waiver orders under Fed. R. Evid. 502(d) have supplanted the use of clawback and quick peek agreements as the gold standard to follow.

Rule 502(d) authorizes a federal court to enter a non-waiver order, and once entered, a disclosure of privileged information in that proceeding does not constitute a waiver of attorney-client privilege in any other state or federal proceeding. Moreover, the agreement of the parties is not a prerequisite to the entry of a non-waiver order under Rule 502(d), nor to the enforceability of such an order. Fed. R. Evid. 502 requires no particular showing be made before a non-waiver order is entered, and seemingly, a district court should be able to enter such an order in a given case sua sponte under its inherent authority to supervise the course of discovery and to control its documents.

Where a state court order provides that the disclosure of privileged information or work product does not constitute a waiver of those protections, that order should be enforceable in a federal proceeding by virtue of 28 U.S.C. §1738. However, Rule 502 does not address the impact which the inadvertent disclosure of privileged information in one state court proceeding has on subsequent state court proceedings. That still is exclusively governed by state law.

So what’s the bottom line? While they are not fool proof, use non-waiver orders in your cases whenever possible. Clawback and quick peek agreements should be relegated to state court litigation where the judge is unwilling to enter a non waiver order.