Monday, February 20, 2017

SHOCKER: When Lawyers Breach Confidentiality (for Profit)




"Akin Gump Lawyer Accused of Trying to Sell Lawsuit Under Seal" --
  • "A Washington lawyer at a prominent firm was arrested in a disguise while trying to sell a copy of a secret lawsuit involving a company that was under investigation by the U.S. Justice Department. Jeffrey Wertkin was picked up Jan. 31 in the lobby of a hotel in Cupertino, California, where he believed he was about to collect $310,000 for selling the lawsuit, according to the Federal Bureau of Investigation."
  • "Wertkin, who worked in Washington for Akin Gump Strauss Hauer & Feld LLP, believed he would hand a copy of a complaint to an employee of the company, which was accused in the complaint by a whistle-blower of falsely billing the government. Wertkin, who was wearing a wig and went by the name of Dan, was met instead by an FBI agent, according to arrest documents unsealed on Feb. 6. “My life is over,” Wertkin told the agent."
  • [The firm states]: "There is no indication that Mr. Wertkin misused any Akin Gump client information. It appears from the criminal complaint that the document he attempted to sell was filed under seal in January of 2016, when he was working at the Department of Justice and months before he joined the firm."
It's important to note the firm's position in this matter with regard to where and when access to the sensitive materials occurred.

But it's equally important to flag the broader risks raised when bad actors gain access to extremely sensitive information. (An individual acting improperly with data obtained months prior to joining a firm, might be equally or even more tempted to continue pursuing such activity.)

Consider that over the years we've covered multiple instances of insider trading and other unsavory (alleged) behavior by rogue actors, both lawyers and staff, working within several firms.

It's one reason why firms are increasingly taking a closer look at internal information governance and security practices, including "pessimistic" or "hybrid" models of access and confidentiality management.

Of course, no policy or approach can completely prevent a determined, trusted bad actor from doing (or attempting) bad things -- that's what makes this particular risk so concerning, and the need for continued vigilance so critical.

No comments:

Post a Comment