Monday, October 17, 2016

InfoScary (Part 2) : Confidentiality Protection Matters

Information security is not just about preventing external breaches. It’s also about controlling and tracking internal access to and use of sensitive information (both client and firm data). Take protective orders.

Often coming into play during litigation, protective orders limit how sensitive information may be accessed with a firm or disclosed to external parties. In these instances, lawyers, internal staff and external expert witnesses may be required to read and sign the order and follow its guidelines. Such guidelines usually stipulate that only parties actively working on the matter may have access to designated materials in both physical and electronic form. Pleadings filed with the court referring to protected materials may need to be filed under seal. Firms must also control access to such work product during the creation process. This means restricting access to relevant work product stored in generally accessible information repositories such as document management libraries.
Here are a few recent related stories in the news

"Robins Kaplan Sued For $1M Over Disclosing Discovery Docs" --
  • "Robins Kaplan LLP was hit with a $1 million trade secrets suit in California federal court Thursday by two garment manufacturers that allege the firm publicly disclosed confidential discovery information the plaintiffs had filed in underlying copyright infringement suits."
  • "Garment manufacturers and distributors Ms. Bubbles Inc. and R&S Worldwide Inc. are accusing discount clothing retailer Rue 21 and its attorney, David Martinez — the co-chair of Robins Kaplan's retail industry practice groups — of publicly revealing the confidential company information in court filings, violating state and federal trade secrets laws, and causing them at least $1 million in damages."
  • "'Plaintiffs never would have produced the aforementioned information to Rue 21 or its counsel, even under an 'attorney's eyes only' designation, had they known that this information would be disseminated to the public at large through court filings,' the manufacturers contend."
  • "As part of those suits, both manufacturers provided Rue 21 with detailed information about their costs of goods, revenues and profits in response to interrogatories filed by Rue 21, with the expectation that the information would be kept for 'attorneys eyes only.'"
  • "The manufacturers also allege Rue 21 and Robins Kaplan are liable for breach of contract because they violated protective orders that were entered in both of the copyright suits specifically to keep the discovery responses at issue confidential."
  • "The U.S. International Trade Commission on Wednesday publicly reprimanded Quinn Emanuel Urquhart & Sullivan for 'pervasive problems at the firm' in safeguarding confidential business information from Apple Computers that it obtained while representing Samsung in patent litigation against the computer company. No monetary sanctions attached to the reprimand, which stemmed from the fact that the firm breached an administrative protective order issued by the ITC."
  • "The ITC summarized its reprimand: The Commission determined that the law firm of Quinn Emanuel Urquhart & Sullivan breached the Administrative Protective Order by failing to adequately control access to confidential business information ('CBI') in the investigation and litigation in [San Jose federal court]. As a result, Quinn Emanuel attorneys and [Samsung] employees … improperly disclosed CBI to more than 140 unauthorized persons over a 14-month period. Quinn Emanuel is being publicly reprimanded for pervasive problems at the firm in safeguarding CBI."
  • "The ITC also provided a more detailed version of events that related how a junior associate at Quinn Emanuel failed to redact confidential information in one document, which was then repeatedly shared with Samsung employees and at one point was disseminated in an Italian Court."
  • "Firm chair John Quinn issued the following statement: As stated in the ITC order, we had an associate who did not fully redact a small amount of information that had been designated as confidential from an expert report before sending it to our client. Although, as the Commission found, this was inadvertent, it was a serious matter.  Unfortunately, we missed opportunities to discover and remedy the problem, which was compounded when the report was later forwarded to many other lawyers and consultants working on related matters and some of the information was unknowingly included in other documents which were similarly distributed."

No comments:

Post a Comment