In February a federal district court in Virginia issued this opinion on a motion to disqualify counsel for using inadvertently produced documents. Here’s what happened factually:
In an effort to share information electronically, Thomas Cesario, a Senior Investigator for Nationwide Insurance Company, (“Nationwide”), which owns Harleysville, uploaded video surveillance footage of the fire loss scene, (“Video”), onto an internet-based electronic file sharing service operated by Box, Inc. Cesario then sent an email containing a hyperlink to the Box, Inc., internet site, (“Box Site”), by which Wes Rowe of the National Insurance Crime Bureau, (“NICB”), could access the file containing the Video using the internet and download the Video. The Video was placed on the Box Site, and the hyperlink to the Box Site sent by email to Rowe on September 22, 2015. The email to Rowe stated: “Here is the link to access the video” and provided the hyperlink….
Harleysville concedes that any person who used the hyperlink to access the Box Site had access to the electronic information stored there. The information was not password protected. Harleysville also concedes that any person who had access to the internet could have accessed the Box Site by simply typing in the url address in a web browser….
Defense counsel issued a Subpoena Duces Tecum, dated May 24, 2016, to NICB requesting NICB’s entire file related to the fire. On or about June 23, 2016, NICB sent defense counsel electronic copies of all documents and information it had received from Harleysville, including a copy of the September 22, 2015, email from Cesario to Rowe containing the hyperlink to the Box Site. That same day, defense counsel, without the knowledge or permission of Harleysville or its counsel, used the hyperlink to gain access to the Box Site, which now contained the Claims File. Defense counsel downloaded the Claims File and reviewed it without ever notifying Harleysville’s counsel that they had accessed and reviewed potentially privileged information.
Harleysville’s counsel moved to disqualify defense counsel when they learned that defense counsel accessed the claims file and didn’t tell anyone.
The Court found that Harleysville waived any claim of attorney-client privilege with regard to the information on the Box Site. The court reasoned that the material was not password protected and that:
the information uploaded to this site was available for viewing by anyone, anywhere who was connected to the internet and happened upon the site by use of the hyperlink or otherwise. In essence, Harleysville has conceded that its actions were the cyber world equivalent of leaving its claims file on a bench in the public square and telling its counsel where they could find it. It is hard to image an act that would be more contrary to protecting the confidentiality of information than to post that information to the world wide web.
The Defendant’s victory was short lived. The Court ruled that defense counsel should have disclosed that they had the information and sanctioned defense counsel the cost of the parties in obtaining the court’s ruling.
The Court got it egregiously wrong on the finding that the privilege was waived. In the age of electronic discovery, production and communication, there will be instances when something is inadvertently sent to someone. Most of the time, it will be the fault of support staff–even though the supervising attorney bears ultimate responsibility.
There are a lot of ways this can happen. I’ve seen emails and faxes go to the wrong people, redacted pdfs become unredacted when produced and a few pages of privileged material in voluminous electronic production not pulled.
It happens. And I believe it occasionally happens to all of us who use modern technology in our practices.
There should be no waiver of privileges when the communication or production was not intentional. This profession is stressful enough without trick-bag ‘gotcha’ waivers when something was inadvertently communicated or produced. I believe that my opinion on this is supported by FRE 502 and Fed. R. Civ. P. 26. I believe that this judge got it wrong.
I also disagree with the Court’s characterization of using cloud storage like Box or Dropbox as making something available to anyone on the internet. That’s pretty close to the same as saying that anyone can access the judge’s bank accounts by typing in the log-in and password. I don’t think someone can surf the web into other people’s cloud storage.
The Court’s ruling on the sanctions was not a big surprise. Judges hate sneaky lawyering. The defense lawyers should have disclosed the inadvertent production.
Attorneys should think long and hard about doing something that could be interpreted as sneaky. People remember it. Forever. It’s not a reputation you want to build your career around.