From: Subpoena BYOD Mobile Law – Attorney-Client Confidentiality | Data Security Breach

Posted on 2013/04/02


a quick re-post from Subpoena BYOD Mobile Law http://hack-igations.blogspot.com/2013/04/secrecy.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SpiesSnoopsSnitchesPrivacyLaw+%28Spies%2C+Snoops%2C+Snitches+%26amp%3B+Privacy+Law%29

Attorney-Client Confidentiality | Data Security Breach by Benjamin Wright

As an enterprise comes to suspect that it may have suffered an infosec incident, it may be wise immediately to involve an attorney.

Attorney Work Product Doctrine

The “attorney work product” doctrine provides that the content and results of an investigation — which is led by an attorney — are kept confidential from future legal proceedings.   The legal proceedings that might follow an infosec incident include lawsuits, as well as investigations by government authorities such as industry regulators (e.g., state healthcare department), state attorneys general and the Federal Trade Commission.

After an attorney has been engaged to lead an infosec incident investigation, the attorney might direct technical investigators to gather evidence, analyze it and report back to the attorney.  Often, owning to the attorney’s leadership of the investigation, the evidence gathering, analysis and reporting would be

Lips are Sealed

confidential under the “attorney work product” doctrine.  See, “Law Firms Tout Cybersecurity Cred,” Wall Street Journal, April 1, 2013.

Reduce Exposure to Potential Liability

If the “attorney work product” doctrine does apply to an investigation, then adversaries, like plaintiffs or government, cannot force the enterprise to reveal to them the results of the investigation.

For an enterprise that wishes to minimize its exposure to litigation or liability, the “attorney work product” doctrine can be invaluable.

For example, an enterprise may conclude after thorough investigation that it did not suffer a data breach requiring it to give notice.  However, the enterprise may prefer that the content of the investigation not be provided to adversaries who might try to second-guess that conclusion.

See explanation of attorney-client privilege and attorney work product doctrine.

–Benjamin Wright

Posted in: reading