Protecting Electronic Data From Search and Seizure
October 9, 2008
Law360, New York (October 09, 2008) — We live in a digital age, one in which companies store vast quantities of data in servers, CPUs, laptops, and other digital media. While the advent of electronically stored information (ESI) has undeniably facilitated commerce, it has also dramatically increased the risks to companies whenever the Government seeks access to their ESI through the mechanism of a search warrant.
As a practical matter, not only will the execution of an ESI search warrant sweep up extraordinary volumes of irrelevant, privileged, and/or protected data, but the law offers virtually no protection for such data, even if the company is an innocent third party or the data relate not to the company itself, but to the company’s customers.
Because the courts have shown little inclination to adapt their Fourth Amendment “search and seizure” jurisprudence to the realities of our digital culture, companies may need to engage in some self-help” to ensure that their sensitive information, and that of their customers, remains protected in the face of a Government demand for ESI.
Practical Problems In Computer “Seizures And Searches”
The sheer volume of information that may be stored on a computer system renders any ESI search problematic, as federal agents must locate the proverbial “needle in the haystack” by sifting through tens (or hundreds or thousands) of millions of pages of data in order to find the information specifically identified in the search warrant.
Even more problematic is the structure and location of those data. Modern computer databases are “relational,” such that no matter how well specified the sought-after information may be, it will be found among gigabytes of data that are unrelated and outside the scope of the warrant. Practically speaking, then, all ESI is “intermingled,” and specific data cannot be “seized” without some type of “search” to locate and retrieve it.
Because the execution of an ESI search warrant almost invariably entails the wholesale seizure (or imaging) of digital media (such as servers and hard drives), it is inevitable that the seizure will sweep up materials well beyond the scope of the warrant, including privileged and confidential information stored on the company’s computer system. And the company’s problems do not end when the seizure ends.
Once the Government has possession of ESI, it will search the seized data for information responsive to the warrant. How? With the kind of methodical, detailed searches that are likely to uncover every imaginable type of sensitive information stored on the seized media. And if the Government comes across information outside the scope of the warrant, but located in “plain view” during the search, it can “seize” and use that information, as well.
But, you may ask, don’t the Constitution and case law impose significant limitations on the Government’s power to search? Unfortunately, no. In fact, the courts have consistently upheld the Government’s right to seize entire computer systems (including hardware, mirror images, digital media, etc.) and to search all aspects of the seized items in order to locate data described in the search warrant.
For example, in United States v. Comprehensive Drug Testing, Inc., 513 F.3d 1085 (9th Cir. 2008) (BALCO), a case that arose out of the steroid scandal that engulfed Major League Baseball, the Ninth Circuit Court of Appeals upheld the Government’s employment of multiple, overlapping subpoenas and search warrants to seize ESI well beyond the bounds of “probable cause,” despite objections that the Government had employed this stratagem to avoid any judicial oversight of its conduct.
The Ninth Circuit also permitted the Government to undertake a comprehensive search of all seized ESI – including sensitive medical information about numerous individuals – and to use the seized information against various third parties who were not even targets of the warrant.
The BALCO opinion – which is by no means an outlier in Fourth Amendment jurisprudence – is a wake-up call for corporate America. First, BALCO demonstrates how the Government is willing to manipulate the means for compelling ESI to preclude the affected parties from challenging the scope of production or preventing the disclosure of private and privileged information.
Second, the case highlights a Government practice of reviewing data outside the scope of probable cause, which, in this case, allowed the Government to secure additional search warrants that it could not have obtained absent the sweeping “seizure and search.” In such circumstances, there is no practical constraint on the Government’s ability to use narrow search warrants to obtain enormous quantities of unrelated, protected data.
Third, BALCO effectively holds that any warrant authorizing the seizure of hardware necessarily permits a search of all data on that hardware, such that the courts are unlikely ever to deem any ESI warrant insufficiently “particular” to survive a Fourth Amendment challenge.
Possible Solutions To Overly Broad Seizures And Searches
Although there is no foolproof method for protecting a company against the possible ravages of an ESI search warrant, legal counsel (both outside and in-house) can work proactively with company executives (including CIOs) to minimize the likelihood of a damaging disclosure of privileged and confidential company information.
The less “aggressive” of the proactive steps – and one that companies should consider taking simply as a matter of good document management policy and procedure – is the electronic segregation of privileged data and of data implicating significant privacy concerns. This may involve a number of coordinated actions:
- Written Document Retention Policy: Draft or update one, and be sure to address the management of ESI. A company must know (a) what types of information it generates; (b) where that information is stored; (c) how it is stored; and (d) who has knowledge of the foregoing facts.
- Training: Employ it. Group training, handbooks, human points of contact, and compliance mechanisms are all vital to ensuring that companies can avoid questions about their conduct in the event of a Government investigation. Notably, the destruction of data, if conducted in compliance with company policy, can save both money and logistical headaches and can help defeat charges of obstruction or spoliation.
- Crisis Management Team: Form one, including management, legal, IT, and accounting personnel. When a crisis arises, the team should ensure immediate notice to those who know how and where the company is storing potentially relevant ESI. The team should also arrange the immediate suspension of automatic data destruction procedures and the circulation of preservation notices (a/k/a “holds”).
- Data Segregation: Segregate privileged and otherwise protected data from non-privileged and routine data. Internal IT and outside consultants can address the technical feasibility of various proposals. Even if the Government winds up seizing ESI, the prior segregation will bolster the company’s position when it seeks return of the segregated data and will assist the company in crafting a post-seizure review process that maximizes the
company’s chances of preserving the sanctity of privileged and private ESI.
The more “radical” approach to ESI “self-help” is the encryption of privileged and otherwise protected data within the company’s computer system. Data encryption comes in many forms, but, at base, all encryption systems require encryption codes (typically from software) and encryption keys (e.g., symmetric, public, one-time pads). The goal of any encryption program is to prevent unauthorized persons from accessing privileged and protected ESI.
Let us suppose that the Government has executed a search warrant at a place of business and has seized both encrypted and unencrypted files for off-site review. How does the Government get access to the encrypted data? First, it can try to break the encryption, which, depending on the encryption method utilized, could be extraordinarily difficult and time-consuming.
Second, the Government can serve a grand jury subpoena demanding production of the encryption key. Unfortunately, a company has no Fifth Amendment rights and cannot refuse to comply with the subpoena. But all is not lost, because the company can still negotiate with the Government regarding the withholding of privileged materials and/or move to quash the subpoena. And pre-search negotiations beat post-search negotiations any day.
Third, even if the Government never serves a subpoena, it can still negotiate with the company over an appropriate protocol for a search of its ESI. Having gone through the dual processes of segregation and encryption, the company will be in an excellent position to establish that the encrypted information is legally protected from disclosure.
Government search and seizure in the digital age can pose serious problems for a company. Taking appropriate proactive steps, however, can help secure a company’s privileged and protected information – and that of its clients or customers – against unwarranted intrusion from potentially overreaching Government investigators.