Keeping Confidential Information Confidential

By Kurt Stitcher

(Back to article)

In the age of electronically stored information (ESI), the execution of a search warrant may lead to the seizure of extraordinary volumes of irrelevant, privileged, and/or protected data. Because the courts have shown little inclination to adapt their Fourth Amendment “search and seizure” jurisprudence to the realities of our digital culture, your company may have to engage in some “self-help” to ensure that its sensitive information, and that of its customers, remains protected.

The sheer volume of information that may be stored on a computer system renders any ESI search problematic, as federal agents must locate the proverbial “needle in the haystack” by sifting through gigabytes (or even terabytes) of data to find the information identified in the search warrant. Even more problematic is the structure and location of those data. Modern computer databases are “relational,” such that no matter how well specified the sought after data may be, they will be found among gigabytes of information that are unrelated and outside the scope of the warrant. Practically speaking, then, all ESI is “intermingled,” and specific data cannot be “seized” without some type of “search” to locate and retrieve it.

In light of the foregoing, it is inevitable that the execution of a computer search warrant at your company’s facilities will sweep up materials well beyond the scope of the warrant, including privileged and confidential information. And your company’s problems do not end when the seizure ends. Once the government has possession of your ESI, it will search the data for information responsive to the warrant. How? With the kind of methodical, detailed searches that are likely to uncover every imaginable type of sensitive information. "But doesn’t the law impose significant limitations on the government’s power to search," you ask?

Unfortunately, no. In fact, the courts have consistently upheld the government’s right to seize entire computer systems (including hardware, mirror images, digital media, etc.) and to search all aspects of the seized items in order to locate data described in the search warrant. For example, in the 2008 case, United States v. Comprehensive Drug Testing, Inc. (BALCO), that arose out of the steroid scandal that engulfed major league baseball, the Ninth Circuit Court of Appeals upheld the government’s a) employment of multiple, overlapping subpoenas and search warrants to seize ESI well beyond the bounds of “probable cause”; b) comprehensive search of the seized ESI; and c) use of those data against various innocent third parties.

Smelling the Coffee

The BALCO opinion is a wake-up call for corporate America. First, BALCO demonstrates how the government is willing to manipulate the means for compelling ESI to preclude the affected parties from challenging the scope of production or preventing the disclosure of private and privileged information.

Second, the case highlights a government practice of reviewing data outside the scope of probable cause, which, in this case, allowed the government to secure additional search warrants that it could not have obtained absent the sweeping seizure and search. In such circumstances, there is no practical constraint on the government’s ability to use narrow search warrants to obtain enormous quantities of unrelated data.

Third, BALCO effectively holds that any warrant that authorizes the seizure of hardware necessarily permits a search of all data on that hardware, such that no warrant can ever be deemed insufficiently “particular” to be ruled illegal.

Although there is no foolproof method for protecting your company against the possible ravages of an ESI search warrant, there may be ways proactively to ameliorate the pain.

Data Segregation - The less “aggressive” of the proactive steps and one that your company should consider taking simply as a matter of good document management policy and procedure is the electronic segregation of privileged data, as well as of data implicating significant privacy concerns. This may involve a number of coordinated actions including:

       Training - Group training, handbooks, human points of contact, and compliance mechanisms are all vital to ensuring that your company can avoid questions about its conduct in the event of a government investigation. Notably, the destruction of data, if conducted in compliance with company policy, can save you both money and logistical headaches and can help defeat charges of obstruction or spoliation.

       A crisis management team - Form one that includes management, legal, IT, and accounting personnel. When a crisis arises, the team should ensure immediate notice to those who know how and where the company is storing potentially relevant ESI. The team should also arrange the immediate suspension of automatic data destruction procedures and the circulation of preservation notices (a.k.a. “holds”).

       Data segregation - Segregate privileged and otherwise protected data from non-privileged and routine data. Internal IT and outside consultants can address the technical feasibility of various proposals. Even if the government winds up seizing ESI, the prior segregation will bolster the company’s position when it seeks return of the segregated data and will assist you in crafting a post-seizure review process that maximizes the company’s chances of preserving the sanctity of privileged and private ESI.

Data Encryption - The more radical approach to ESI self-help is the encryption of privileged and otherwise protected data within the company’s computer system. Data encryption comes in many forms but, at base, all encryption systems require encryption codes (typically from software) and encryption keys (e.g., symmetric, public, one-time pads). The goal of any encryption program is to prevent unauthorized persons from accessing your privileged and protected ESI.

Let us suppose the government has executed a search warrant at your place of business and has seized both encrypted and unencrypted files for off-site review. How does the government get access to your encrypted data? First, it can try to break the encryption, which, depending on the encryption method utilized, could be extraordinarily difficult and time-consuming.

Second, the government can serve a grand jury subpoena demanding production of the encryption key. Unfortunately, your company has no Fifth Amendment rights and cannot refuse to comply with the subpoena. But all is not lost—the company can still negotiate with the government regarding the withholding of privileged materials and/or move to quash the subpoena. Pre-search negotiations beat post-search negotiations any day.

Third, even if the government never serves a subpoena, it can still negotiate with the company over an appropriate protocol for a search of your ESI. Having gone through the dual processes of segregation and encryption, you will be in an excellent position to establish that the encrypted information is legally protected from disclosure.


Government search and seizure in the digital age can pose serious problems for your company. By taking appropriate proactive steps, however, you can help secure your company’s privileged and protected information—and that of your clients or customers—against unwarranted intrusion from potentially overreaching government investigators.

Kurt Stitcher is a partner in the Litigation Practice Group at Levenfeld Pearlstein LLC, where he represents clients in product liability and toxic/mass tort litigation, corporate internal investigations and white-collar criminal defense, and general commercial and class action litigation.