How Private Are Your Documents?

The modern day law office relies substantially on the computer system and the network upon which it operates. Document creation, modification and retention is inextricably tied to the office computer system, and often left vulnerable to theft or piracy via that firm’s open internet connection. As the power and potential of the internet expands, the threats to personal and document privacy increase proportionally. Whether you run a corporate office, a law firm or a small business, the secure protection of your private documents will often represent the difference between victory and loss in a law suit.

A consistently open internet connection can act as an entryway through which various types of hackers or accidental searchers may access and leak confidential information. Failure to safely secure documents and implement efficient policies aimed at overall network and computer protection, can not only lead to the leaking of personal and confidential information, it may often times be used as evidence in a law suit. This reality is compounded by the recently passed amendments to the Federal Rules of Civil Procedure regarding electronic discovery of documents in legal actions. The electronic discovery rules establish a preference toward the discovery of electronic documentation, which will include the trail of metadata that each document modification leaves behind.

Due to the recently passed electronic discovery rules, discovery of electronic information is presumably valid and accepted. Due to this new development in the discovery patterns of adversaries, information and documentation which was once thought to be private and confidential may now be disclosed, often unintentionally through the disclosure of electronic information. A well trained IT department can find embedded information and evidence in disclosed information that was never meant to be disclosed. Such dangers not only subject the company or firm to unintentional disclosure of private information, but may also subject them to personal liability if the information inadvertently disclosed detrimentally impacts a third party whose information was supposedly confidential.

Ordinarily, edits made to a document, while not apparent on the computer screen, are embedded in the document itself and can easily be obtained by a trained IT professional. These changes are recorded as metadata. In respect to document edits, one step that can be taken while using Microsoft Word programs is to render a document as a ‘protected document.’ To do so, it is necessary to go to the Tools menu and select ‘protect document’ prior to sending it to anyone else for edits. When you choose to protect a document, the only modifications that can be made to it are Comments and Tracked Changes. These modifications do not become part of the document until you choose to ‘unprotect’ it and modify the document yourself. This method therefore allows you to ask your reviewers to make comments directly in the Microsoft Word document you send them. This tactic can not ensure against all metadata trails, it is but one method and system which can be employed to help reduce risks. In order to mitigate the risks inevitably faced with the continued expansion of internet use and electronic commerce, combined with the more lenient electronic discovery rules, all types of companies must institute protectionist documentation policy.

While risk of confidential disclosure can never be completely eliminated, the key to implementing the optimally effective system is to find a balance that allows for an efficient managing of the risk. Secure and safe document production, storage, and disposal systems should be used by all firms and companies to help reduce exposure and protect private and confidential information from both legal adversaries and malicious hackers. In addition, an effective legal review system should be used to help determine the status of certain forms of documentation, in order to categorize said documentation as privileged or non-privileged information. Obtaining the assistance of a law firm or attorney experienced in dealing with privacy, document retention and production issues can help ensure a company’s protection into the future, and is invaluable in the event of a pending law suit. An attorney with a clear understanding of relevant discovery rules and the emerging technology can serve as a key advisor in designing and determining the appropriate privacy protections contained within the ideal document protection system.

This article was drafted by Nicholas Delaunt for the Law Firm of Goldstein and Clegg, LLC. Goldstein and Clegg is a small business representation law firm in Beverly, Massachusett

Back to homepage for Law Information

%d bloggers like this: