SEC and CFTC Continue Crackdown on Financial Firms Over Off-Channel Communications

By John J. Carney, Edward J. Jacobs, Michelle Tanney, David Choi, Lauren Lyster and Alex Karambelas on May 23, 2023 Posted in Alert

Key Takeaways

HSBC Securities (USA) Inc. (HSBC) and Scotia Capital (USA) Inc. (Scotia Capital) paid a combined $37.5 million in fines to settle actions with the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) for violations arising from the firms’ failure to maintain and preserve employees’ business-related communications on personal devices.
These enforcement actions follow years of increased regulator focus on employee use of personal devices as well as recent policy revisions by the Department of Justice (DOJ) concerning employees’ use of third-party messaging apps on personal devices.
Employers should ensure that they maintain and consistently update policies and compliance procedures regarding record retention and the use of personal devices as regulators and prosecutors continue to focus on off-channel communications.

Background

The SEC and CFTC settlements with HSBC and Scotia Capital come after years of federal regulators’ and prosecutors’ steadily increasing scrutiny of off-channel communications. Anchoring these settlements are long-standing books and records requirements of the SEC and the CFTC regulating the maintenance and preservation of documents. Specifically, Section 17(a)(1) of the Securities Exchange Act of 1934 (the Exchange Act) authorizes the SEC to issue rules requiring broker-dealers to maintain and preserve records as necessary or appropriate in the public interest. The SEC adopted Rule 17a-4 pursuant to this authority, which, among other things, requires that broker-dealers preserve all communications received and all communications sent relating to the firm’s business.[1] Similarly, the Commodity Exchange Act (the CEA) requires registrants to “keep books and records of all activities related to its business as a swap dealer.”[2] Registrants are also required to “keep full, complete, and systemic records” of all swap activities, including “[r]ecords of each transaction.”[3]

[1] Exchange Act Rule 17a-4(b)(4), 17 C.F.R. § 240.17a-4(b)(4).

[2] CEA Section 4s(f)(1)(C), 7 U.S.C. 6s(f)(1)(C).

[3] Regulation 23.201(a).

Google Sanctioned for Failure to Preserve Internal Chat Messages

By Edward J. Jacobs and David Choi on March 31, 2023 Posted in Case Summaries, Trends and Emerging Issues

In re Google Play Store Antitrust Litig., — F. Supp. 3d —-, 2023 WL 2673109, No. 21-MD-02981 (JD) (N.D. Cal. Mar. 28, 2023)

Practical Insight

This decision illustrates three trends in e-discovery: (1) employees are increasingly using chat platforms and other means of instant messaging to engage in substantive conversations about work; (2) courts are increasingly penalizing litigants for not actively supervising compliance with litigation holds; and (3) the failure to address more challenging sources of potentially relevant information at the initial preservation stage — such as with text and instant messages — comes with increasing risk to litigants in terms of reputational harm and significant discovery-related sanctions.

Client and Counsel Sanctioned More Than $2.5 million for ‘Amateur Hour’ Discovery Ineptitude

By Edward J. Jacobs and David Choi on March 14, 2023 Posted in Case Summaries

Network Security,Security,Security System,Technology,Internet,Safety,BIG Data,Encryption,Digitally Generated Image,Protection,Privacy, Blockchain, Computer,Connection,Lock,Coding,Network Security,Technology,Security,Security System,

Practical Insight

This case is a cautionary tale for the attorney who may know to say all of the right things when it comes to modern discovery practice but, in fact, lacks the expertise and competence to oversee a defensible discovery effort. This counsel instead subjected the court to a self-described “inner circle of judicial hell” in dealing with discovery ineptitude. As complex discovery has become a specialized field, courts have also grown more sophisticated in their understanding of the hallmarks of competent e-discovery counsel versus those who are merely winging it. Discovery practitioners should have a thorough understanding of their clients’ information systems in order to properly defend or prosecute their cases; otherwise they risk severe consequences.

DOJ Corporate Criminal Enforcement Updates Shine a Spotlight on Texts and Instant Messaging Applications as Potential Evidence

By Edward J. Jacobs, David Choi and Csilla Boga-Lofaro on March 6, 2023 Posted in Alert

Teens in circle holding smart mobile phones - Multicultural young people using cellphones outside - Teenagers addicted to new technology concept

In September 2022, the U.S. Department of Justice (DOJ) issued a memo announcing revisions to the DOJ’s corporate criminal enforcement policies and practices. The memo made clear that the DOJ expects “all corporations with robust compliance programs [to] have effective policies governing the use of personal devices and third-party messaging platforms for corporate communications . . . provide clear training to employees about such policies and . . . enforce such policies when violations are identified.” This policy effectively applies to every business that could conceivably face DOJ inquiry and evidences the DOJ’s growing frustration with its inability to obtain relevant texts and instant messages from target subjects, especially when these communications are occurring outside employer-provided communication platforms.

Read full alert.

The Supreme Court Dodges—for Now—the Circuit Split on the ‘Dual Purpose’ Test for Privilege

By Edward J. Jacobs, David Choi, Csilla Boga-Lofaro and Jennifer Negron on February 21, 2023 Posted in Supreme Court

In re Grand Jury, 23 F.4th 1088 (9th Cir. 2022), appeal dismissed as improvidently granted, In re Grand Jury, 598 U.S. ____ (2023) (No. 21-1397).

Summary of the Case: The Supreme Court, which had initially agreed to consider a circuit split on a privilege issue that commonly arises in discovery, reversed course and dismissed the writ of certiorari as “improvidently granted”—meaning the Supreme Court will not resolve the circuit split this term. The appeal arose from a recent Ninth Circuit decision ordering a law firm to produce documents that reflected “dual purpose” legal and business advice. The firm had provided legal advice about certain tax avoidance measures to a client and also prepared the client’s tax filings. Later served with a grand jury subpoena in connection with a criminal investigation of this client, the firm withheld some communications containing both legal and business tax advice.

Key COVID-19 Considerations for U.S. Discovery and Information Governance

By Gilbert S. Keteltas and James A. Sherer on May 21, 2020 Posted in Information Governance

Many businesses have remote work and bring-your-own-device policies that cover access to company systems and information from personal devices. These policies may also state expectations or requirements for the management and security of company information. But these policies likely do not account for the rapid transition to virtual offices and remote work hastened by the COVID-19 pandemic. Among other challenges:

Segments of the workforce may be teleworking for the first time.
Those engaged in remote work may not be aware of or understand applicable policies and practices, and advance training may be (or might have been) impractical.
The rapid move to remote work may rely on a greater variety of devices, including home devices, that might not otherwise be favored. And in many cases, employee-owned, or even company-issued, devices may be shared with multiple users in the home (for example, students taking classes online).
Furloughs and workforce reductions in times of quarantine may complicate onboarding and off-boarding where legal holds are in place or are triggered during the pandemic.

COVID-19 and U.S. Statutes of Limitation

By Gilbert S. Keteltas and Justin Donoho on May 21, 2020 Posted in Statutes of Limitation

At the federal and state levels, there have been calls to suspend statutes of limitations during the COVID-19 outbreak. A number of states have already acted, but state approaches vary and are open to future changes as the challenges of the pandemic play out at the national, state and local levels. This uncertainty affects businesses considering when they must file actions and those assessing whether a risk of anticipated litigation has been extinguished. It also affects companies facing potential civil or criminal enforcement actions including, for example, those for whom the clock is running on antitrust merger reviews.

Although the global response to COVID-19 is unprecedented, suspensions of limitations periods in times of great business interruptions are not. Legislation was issued to toll limitations periods, for example, during the Civil War and the subsequent world wars. In more recent times, limitations periods have been extended to account for the aftermaths of hurricanes and Sept. 11, 2001. Continue Reading

Adapting E-Discovery Workflows to a Remote Work Environment

By Edward J. Jacobs, May Tal Gongolevsky, Victoria Rutherfurd and Joshua Satter on May 21, 2020 Posted in E-Discovery

As courts and litigants adapt to the new normal by instituting social distancing measures through remote hearings and depositions, how we preserve, collect and produce documents should not be an afterthought. While the practice of e-discovery may already be well suited to remote work given the advanced evolution of technologies available to address challenges, below are five key areas to address in the current COVID-19 environment.

1. Litigation Holds: How Are Your Custodians Communicating and Saving Documents?

Now may be a good time to check in to determine whether any additional guidance should be given to custodians and system owners, given the fact that the majority of Americans are now working from home due to COVID-19 social distancing measures. Do your current Bring Your Own Device and Employee Document policies address the different ways your employees may be communicating and saving work? They may be using platforms, such as text messaging or instant messaging services, that are not employer-provided as a matter of practicality and convenience, or saving data locally to their personal devices. Have legal hold recipients been reminded of where they should or should not be saving data? A written reminder may help protect the employer and save the cost and time required to conduct a messy collection from personal devices or platforms. Out of an abundance of caution, legal holds may need to be supplemented to include personal devices.

2. Custodial Interviews: Then v. Now

Custodial interviews can be easily conducted over the phone or by videoconference. Factor into your questions the custodian’s work-from-home environment and how that may have changed their relevant practices. Best practices still weigh against custodial self-collections; use technology to collect and narrow data for review.

3. Remote Collections: Some Challenges Remain

Technology affords us the ability to remotely access an enormous array of electronic data on servers, in cloud environments and even on personal devices without leaving the comfort of our homes. However, there are still some sources that may require physical, on-site collection (think back to the olden days of paper files). If you have media or papers that cannot be physically accessed at this time, identify them as soon as possible and consider negotiating phased discovery with your adversaries and/or the court. Make sure that those sources are adequately preserved in the meanwhile. Postpone that discovery until such a time it is safe and permissible to collect the potentially relevant data. Diligence, transparency and cooperation performed now may avert a crisis down the road.

4. Off-Site Review: Find Alternative Means of Feedback and Supervision

Vendors who are hired to collect/review discoverable materials will likely have to do this job remotely given travel bans and social distancing measures, which may last well into the future. Most vendors and review platforms are well equipped for remote work, but valuable real-time feedback from project managers given to groups of reviewers all located in a designated review center may be lost as the team learns the case, particularized privilege issues and relevant universe. Utilize calls and videoconferencing to compensate for any potential loss of communication as reviewers work individually at home. Make sure that reviewers sign remote work policies that factor in security. Some vendors offer unique security add-ons—be sure to ask your vendors about their remote review offering.

5. Data Confidentiality and Security: Protect Your Client’s Information

With attorneys, vendors and reviewers now working remotely, don’t neglect ensuring that all the ways in which you are communicating, sending, reviewing and producing discovery are secure and adequately protect your potentially privileged and confidential information from accidental or malicious loss or disclosure. It has been widely reported that data security risks have increased in the age of COVID-19. Consult competent counsel to vet vendor contracts for appropriate security and liability provisions and protect your data.