Backers Expect Attorney-Client Privilege Bill to Pass


Zach Lowe

The American Lawyer



A bill that would protect attorney-client privilege during federal investigations of corporations gained another major supporter Tuesday when Sen. Jim Webb, D-Va., added his name to the sponsors list.


The bill, which passed the House of Representatives on voice vote, now has the backing of a dozen high-profile senators, 32 former federal prosecutors and a diverse coalition of organizations that includes the American Civil Liberties Union and the Chamber of Commerce, says Susan Hackett, senior vice president and general counsel for the Association of Corporate Counsel.


Hackett is one of several key people who helped draft the legislation last year, and those supporters say they expect the bill to pass easily if the Senate Judiciary Committee votes it out before the Senate’s summer recess.


That it has so much momentum is something of its surprise, even to its supporters, since it emerged from a climate of intense scrutiny of white-collar crime.


“There were a lot of detractors when we first came out with this bill,”

Hackett says. “But this is not a pro-company bill. This is about the fundamental premise upon which all legal counseling is based. We are very pleased with the progress we’ve made.”


The bill would make it illegal for federal prosecutors to order companies to turn over privileged documents as a condition of a cooperating agreement. That has been a popular tactic to get access to the juicy stuff, but it’s already happening less because of the disastrous KPMG tax shelter case, says William Sullivan, a Winston & Strawn partner and former federal prosecutor who spoke at a panel discussion during ALM’s Corporate Counsel Conference earlier this month [ALM is the parent company of The Am Law Daily and The American Lawyer].


In the KPMG case, a federal judge tossed out indictments against several individual defendants after learning that prosecutors banned KPMG from paying their legal fees — a condition the judge considered onerous.


Still, the concern is there. The bill, called the Attorney-Client Privilege Protection Act, would revise the so-called McNulty Memorandum, named for former deputy attorney general Paul McNulty, who wrote the memo. McNulty came up with guidelines purportedly limiting a prosecutor’s right to demand privileged information from companies seeking a plea deal or a deferred prosecution agreement.


The defense bar believed the guidelines did not go far enough; McNulty was actually softening earlier guidelines by former Deputy Attorney General Larry Thompson. The bill would replace those guidelines by simply making the practice illegal.


Sullivan, for one, would like to see the proposed bill go further by calling for penalties for prosecutors found to be in violation.


The bill’s authors thought about that clause but decided against it, says Stephanie Martz, director of the National Association of Criminal Defense Lawyer’s White Collar Crime Project and a major supporter of the bill.


Martz expects the bill to pass whether the Senate gets to it now or under the next president. “There’s no logical reason it shouldn’t pass,”

she says. “We haven’t run into any opposition except from U.S.

Department of Justice officials. It’s not going to matter who the president is.”


Subpoenas Seeking E-Mails Meet Resistance

By Tresa Baldas
The National Law Journal

Civil litigants are increasingly trying to get their hands on e-mails to prove their cases, but Internet service providers are starting to challenge their subpoenas — and courts are starting to rule in their favor.

The range of litigants seeking e-mail content include divorcing couples, defamation victims and those involved in trade secrets disputes, say Internet and data-protection attorneys.

But the subpoenas are costly and upsetting to customers of Internet service providers who want privacy.

“For years, courts just assumed that e-mail was discoverable and viewable, and it looks to me like courts are changing direction and questioning that position,” said Ted Claypoole of the Charlotte, N.C., office of Womble Carlyle Sandridge & Rice, who represents ISPs.

“Most ISPs obviously want to protect their customers if they can, because their customers are who keep them in business,” Claypoole said. “But more importantly, they need a clear-cut rule that tells them how they should behave.”

While not exactly a clear-cut rule, ISPs received a boost recently from the U.S. District Court for the Eastern District of Virginia, which denied a State Farm Mutual Automobile Insurance Co. subpoena asking AOL to disclose various e-mails tied to an insurance claim.

The court held that the Stored Communications Act prohibits ISPs from disclosing e-mail contents in response to a civil subpoena. In re Subpoena Duces Tecum to AOL, 2008 WL 1956266 (E.D. Va.).

For more see

E-Mail at Work: Tips to Keep You Out of Trouble

by Heidi Glenn

Ever wonder whether your boss is looking over your shoulder as you write e-mails from work? You’re not being paranoid. Companies large and small have turned to monitoring employee e-mail, looking for everything from proprietary data leaks to cyberslacking.

E-mail creates the electronic equivalent of DNA evidence, according to the ePolicy Institute, which conducted, along with the American Management Association, surveys of e-mail monitoring among U.S companies. That means your electronic paper trail can be restored and reviewed — and can also be retrieved as part of a future lawsuit’s discovery process.

Here are some suggestions on how to e-mail without worry.

Expect Zero Privacy. Employers are increasingly monitoring staff e-mails, instant messages and Internet usage. According to a 2007 American Management Association survey of 304 U.S. companies, 43 percent of employers store and review employees’ e-mail messages. Nearly 30 percent of them have fired workers for e-mail misuse — for violating company policy, for using inappropriate or offensive language, for excessive personal use, and for breach of confidentiality. So unless your company states otherwise, assume your employer is monitoring your workplace communications, including e-mails and IMs, according to Sharon Nelson, head of Sensei Enterprises, a computer forensics and data recovery company in Fairfax, Va. Nelson suggests that before you hit send, conduct this three-part test: imagine your e-mail in a major newspaper, imagine your mom reading it and imagine it winding up on a billboard along the highway. “If it passes these tests, then it’s fine,” Nelson says.

How Do They Do It? Computer monitoring takes several forms. Most employers use software to automatically monitor e-mail, but many hire staff to read and review chunks of random e-mail, the survey found. Time stamps allow employers to gauge time spent on personal e-mail. And if you’re afraid your boss may have it out for you, be careful: she could be monitoring your e-mail for when you slip up. So avoid using obscene, pornographic, sexual, harassing, discriminatory, defamatory, menacing or threatening language — anything that could make you a liability in your employer’s eyes.

Will I know? Not generally. Two states — Connecticut and Delaware — require that employers notify employees when they’re being monitored. And while an alert at log-in is a best practice for all companies, monitoring e-mail is generally unregulated. Besides, Nelson says, it’s a universal given that the computer you work on is your employer’s equipment. That has been “tested in the courts over and over again. It’s their equipment. It’s their right” to monitor. As head of Sensei, she says “I even assume I’m monitored” by Sensei’s vice president of technology.

G-Mail Is No Refuge. Employers can still recover and read Internet-based e-mail like Yahoo! Mail or Hotmail when it’s opened from a work-based computer. That’s because the e-mail is saved to your local, company-owned hard drive. For this reason, personal e-mail from your attorney opened on your company’s computer may result in waiving the attorney-client privilege.

But I Hit Delete! Computer forensics firms like Sensei can recover work e-mails that you thought you deleted. Over time, e-mail is overwritten from your work’s server, but don’t expect to know whether it’s an e-mail from five days ago or five years ago, Nelson says. She recalls a case involving three stockbrokers who claimed they did not leave with the company database when they separated from their employer.Their e-mail logs indeed said the information had been deleted just before they left, but there was also evidence that their Palm Pilots had been synced up to their computers and, sure enough, forensics discovered the database on their handheld devices.

Disclaimers Aren’t Worth a Darn. Most experts agree the sometimes ridiculously long disclaimers at the bottom of e-mails are worthless, Nelson says. “They’re rote. Nobody’s reading them.” However, she adds, a lawyer may tell you to include them on your e-mails anyway.

Avoid the AutoComplete. One of the most frequent e-mail blunders is the AutoComplete function featured in programs such as Microsoft Outlook. AutoComplete predicts the e-mail address as you type, and if you’re not careful, your message could wind up in a very different inbox than the one you intended. Case in point: the New York Times broke a story early this year that Eli Lilly and Co. was in settlement talks with the government after a lawyer associated with the company accidentally e-mailed confidential information to a Times reporter instead of to her colleague with a similar name. Either double-check that your e-mail’s recipient is who you intend, or try disabling your AutoComplete function.

Watch out for copyrighted material. You wouldn’t make photocopies of a chapter of a book and distribute them, would you? Same goes for electronic publications. So watch out before you send your co-workers and friends a magazine article that your company subscribes to. Say, for example, your company of a few hundred has only a handful of subscriptions to a magazine, but an article is distributed companywide. The publisher is losing out on all that subscription revenue, and your company could be liable. And if the publisher sued, your forwarded e-mails would be discoverable (and your company may be scanning your e-mail to head off potential copyright infringement lawsuits). Kim Jessum, an intellectual property attorney with Stradley Ronon in Philadelphia, suggests that before forwarding articles, find out what’s permissible under the contract with the publisher: Your contract may allow for printing rights, which means you can make a printout copy of the article available to staff.

The email age…

E-mail. It was supposed to make communication easier, maybe even make life more manageable. The benefits are obvious — speed, global reach, mobility. But many people feel burdened rather than liberated. NPR looks at the e-mail assault and how to fight back.

For a variety of excellent articles on this subject, please see

A New Breed of Attorney Enters the Fray

In an article entitled “E-Discovery Attorneys: Hot or Not?” published at, a recruiter named Seth Davis contended that the recent technology boom has produced great demand on the part of corporations and law firms for a new kind of attorney — the e-discovery counsel. This article attempts to define the concept of e-discovery counsel by explaining the type of positions held by e-discovery counsel, and the responsibilities and skills required of them.

E-discovery counsel are attorneys who possess the technical and legal knowledge to understand and manage e-discovery. E-discovery is certainly not new. Attorneys have been involved in it from the moment records were produced through a computer system. However, the volume of electronically stored information involved in litigation today, combined with the complexity and varieties of technology used to store and retrieve ESI, have created a need for attorneys who specialize in e-discovery rather than merely deal with it once in a while as an ancillary matter. E-discovery counsel are sought by law firms that find e-discovery issues increasingly taking center stage in litigation and need a “go-to” person to resolve these issues. E-discovery counsel are also sought by organizations to serve as outside, in-house or national counsel.

Many attorneys who hold themselves out as e-discovery counsel engage in e-discovery as part of a complex litigation practice. However, there is a trend among larger law firms toward creating interdisciplinary groups dedicated to addressing e-discovery issues. Such groups are typically comprised of e-discovery counsel, paralegals and information technology personnel. They are responsible for helping other litigators resolve e-discovery issues that arise in the latter’s cases. Because e-discovery has become a pervasive issue in litigation, attorneys who practice in such specialized groups are likely to concentrate solely on e-discovery-related matters.

For more see

Failure to take “reasonable precautions” before producing privileged communications in email leads to loss of attorney-client privilege

A federal judge in Maryland recently ruled that a company being sued for copyright infringement waived attorney-client privilege for 165 documents accidentally disclosed to opposing counsel during pre-trial discovery.

In a 43-page opinion, the court used language from the original text of proposed new Rule 502 of the Federal Rules of Evidence and held that defendant Creative Pipe Inc. failed to exercise “reasonable precautions” to ensure email communications did not contain sensitive communications before producing the email to plaintiff Victor Stanley Inc. 

Victor Stanley sued Creative Pipe for intellectual property infringement and unfair competition, claiming the company lost educational and government contracts because Creative Pipe inappropriately accessed images from its web site.  During discovery, Creative Pipe allowed an untested keyword search tool to be used to comb through its electronically stored information, uncovering 165 documents of privileged data, including e-mail between Creative Pipe and its legal team.  Creative Pipe produced privileged information commingled with non-privileged information in its email.

Unlike Victor Stanley, the text of proposed Rule 502 submitted to Congress for adoption in December 2008 relaxes the pre-production review standard and only requires parties to take “reasonable steps to prevent disclosure.”  In response to Lexakos testimony in New York in January 2007, the Committee Notes state:

Depending on the circumstances, a party that uses advanced analytical software applications and linguistic tools in screening for privilege and work product may be found to have taken “reasonable steps” to prevent inadvertent disclosure. The implementation of an efficient system of records management before litigation may also be relevant.

Victor Stanley v. Creative Pipe applies a more stringent test and does not adequately take into account the parties’ pre-litigation compliance efforts.  This case is one of the first and what should be many decisions involving the intersection between e-discovery and law of inadvertent disclosure, soon to be codified as Rule 502 of the Federal Rules of Evidence. With the explosion of information in business organizations, in order to have protection and be deemed to have taken “reasonable steps to prevent disclosure,” companies need to have processes to segregate privileged communications from other routine business matters contained in email.

Click here for a copy of the court’s opinion.



Comply Or Die: Data Disposition Must Be A Priority

IT groups rethinking the “save everything forever” approach find deletion and retention policies and tools must be razor sharp to cut through a morass of regulations.


While the oil and gas refined by CVR Energy will someday run out, the company generates a seemingly inexhaustible supply of data: 3 to 5 TB of information in 2008 alone, says CIO and senior VP Mike Brooks. He expects that load to double every year for the foreseeable future. 

Though disk may still be cheap, Brooks says, it just doesn’t make financial sense for CVR to store every bit of electronic information indefinitely. Besides raising hardware, software, and utilities costs, outsized data stores make backups and enterprise search less efficient, and legal e-discovery more burdensome. When you’re paying lawyers hundreds of dollars an hour to review e-mail and documents, a smaller pile means a smaller bill.


That’s why CVR, a $3 billion-a-year refinery based in Sugar Land, Texas, is undertaking a massive data disposition project, hammering out policies that will govern how long the company stores its information and when it can be disposed. Between deletions based on the new rules and other technology approaches, such as deduplication, Brooks hopes to cut CVR Energy’s disk use in half.


He isn’t alone. More organizations are evaluating–if not yet implementing–data disposition strategies. By 2013, half of all Global 2000 companies will have formal records management systems to shepherd data through its life cycle, Gartner estimates.


But this is one area CIOs must approach with caution. There are significant technological, regulatory, and organizational hurdles to clear before organizations can eliminate data with confidence. At the top of the list are compliance and legal. Every industry has government-mandated retention requirements. On the legal side, general counsel and human resources may worry that critical pieces of information that could support their positions–in case of employment discrimination or harassment claims, for example–may be destroyed. 

Technological and organizational challenges are just as daunting. Before you can dispose of information, you must identify it and know every place it resides–not a simple task. And users aren’t quick to give up the mail and documents they produce. As with NRA members, you may have to pry PST files and PowerPoint decks from their cold, dead hands.

For more see