• Home
• Jobs
• Research
• Forums
• Events
• Sections
• Magazine
• Newsletters

InsideCounsel » July 2008

Smoking Guns

Companies deploy monitoring software to limit e-mail risks.

• Print this article
• Email this article
• Reprints
• RSS feeds
• Most viewed
• Most eMailed

By Keith Ecker, published in the July 2008 issue of InsideCounsel

In early February, while the government was breathing down Eli Lilly’s neck over questionable marketing tactics used to peddle its schizophrenia drug Zyprexa, an Eli Lilly in-house attorney was working on a way to settle the matter.

The lawyer was writing an e-mail full of sensitive information pertaining to the settlement, which included a fine that would be the largest ever paid by a drug company for breaking federal laws regulating how drug makers can promote their medicines. She meant to address the message to Brad Berenson, a partner at Sidley Austin, and outside counsel on the case.

However, thanks to the autofill function on her e-mail, the message went to Alex Berenson, a reporter for the New York Times. Needless to say, the issues surrounding Zyprexa literally became front-page news the next day.

E-mail blunders such as Eli Lilly’s can happen to any company. Whether it’s an employee writing blatantly harassing e-mails to a co-worker or an engineer transmitting trade secrets outside of an organization, no company is safe from the risks that e-mail creates.

However, new technology may help combat these liabilities. A number of companies are producing software that automatically enforces acceptable use policies. These customizable systems execute a number of actions in the event that a policy is broken, going so far as to sequester the damaging message before it ever reaches the recipient.

“People treat e-mail like chatting, often thinking of it as private, short-lived and unofficial,” says David Cohen, co-chair of K&L Gates’ e-discovery analysis and technology group. “What lawyers quickly learn is that it lasts forever, multiple copies of a message exist, and it’s easily misinterpreted and misdirected.”

Publicized Policies
E-mail dangers come in many forms. The most notorious risk that e-mail poses, and possibly the most costly, is the “smoking gun.” This is the term used for e-mails that contain blatantly damaging information that can sink a case for a company defending itself in investigations and litigation.

Other e-mail dangers include misguided messages that can compromise privilege or trade secret information, the transmission of pornographic material and the accidental disclosure of private information such as Social Security numbers and health records. Any of these can result in litigation, regulatory investigations or financial loss to a company.

“The first step for any company is to have an acceptable use policy, which should state, among other things, that company resources are for business purposes and that employees have no privacy rights,” Cohen says.

The company should publicize the policy and ensure all employees sign a document stating they have read and understand it.