Improper handling of evidence can cost you more than your case.
So far, in this series of articles, we have concentrated on the acquisition and authentication of evidence. This article is largely based on a case we recently completed in a civil matter. Though the attorney did nothing wrong, had his client taken other steps to protect evidence in his possession, the outcome of the case may well have been different. It is my desire that information from this article may assist your clients and keep your firm safe from an accusation of mishandling of evidence.
There are challenges in evidence control – this is underscored by HIPAA guidelines. Almost all medical institutions have posted signs in their facilities cautioning what they can even discuss with one another in public areas. In most instances, that is not necessary in your firm’s elevators, but it may very well be applicable with other means to access.
So, what does this mean to you? It means that a well-defined, stipulated protective order is a necessary first step. It is unwise to assume that opposing counsel or other defined evidence custodian would have their evidence storage environment as secure as it needs to be. A security report from their technical expert would be reasonable to request. Chain of custody is imperative while transferring evidence from one location to another. This is especially true when you are not dealing with opposing counsel. If your expert needs to convey evidence to you and it is not a direct transfer from expert to expert, it should be specified that it is a point to point conveyance and the courier will get a chain of custody filed. Why? Because it could be argued that in transit evidence may have been tampered with. Now that you have the evidence, where will it be stored?
In 2015, there was a case with the Takata Airbag company where a stipulated order stated that anyone that had possession of the other party’s confidential information must have an information security protocol in place which would include encryption and password protection.
Uber and Wells Fargo have also implemented similar procedures in recent cases. We recently worked on a trade-secret case, and one of the court stipulations was that the information in question, despite being encrypted and password protected, must not be a trade secret since it was not secured behind locked doors. The interesting part was that the employee who took the information was a remote worker and had electronic access to the files.
What, then, do you do? Wherever the evidence is kept (even if electronically on your servers), you must take steps to physically secure it. You must also take steps to make certain that any electronic access is encrypted communication. This is performed with a secure virtual private network (VPN). Many, such as Cisco, Linksys and Sonicwall firewalls, use tunnels that have weak encryption and have been compromised. If your VPN does not encrypt traffic using an elliptic-curve algorithm, it is not secure enough.
Up to this point we have spoken about authorized access, however there is the distinct possibility that those who are not authorized to access evidence will attempt to do so. As security specialists, we see attempts on law firms all the time. It is negligent not to protect your firm’s data and especially the data of your clients.
In all instances, any evidence that is not under examination must be secured, both physically and electronically. Access must be limited only to counsel and examiners directly working with said evidence. A log should be kept in case it be called into question in court. There are additional considerations when dealing with state or federal regulatory rules regarding the safeguarding of protected information for which additional accommodations are required. Is this evidence physically accessible in an office? That office must be secured – ideally with a controlled access key. Is the evidence easily removable? If so, it must be secured in a locked environment such as an evidence safe and additionally secured in a locked room.
Is the evidence accessible electronically? You must specify the steps taken to secure access. We must also know specifically how the destination is secured to make certain that it complies with the same standards and protocols that you use to secure the evidence in question.
Finally, at the end of the proceedings, a certified letter of destruction is wise to obtain from any evidence-holding party. Opposing counsel may return physical evidence, however you need verification that any electronic evidence is removed from systems outside of your control. Randall William Zinn