How to Protect Your Personal Device (and Personal Information) from Discovery

Once a lawsuit over trade secrets or a noncompete begins, “discovery” is usually the next step in the case.  This is the phase of a lawsuit where each party asks for documents and conducts depositions to obtain relevant information from the other side.  As any employment litigator can tell you, discovery usually involves tricky issues regarding what information is relevant to the lawsuit (and thus should be disclosed) and what is the personal information of an employee or other person that has little to do with the case.

To help employers, employees, and lawyers understand this problem as it affects personal devices (e.g., iPhones, home computers, etc.), David Garrett and Ronald J. Hedges have written an excellent article on the examination of these devices in discovery.  They write that courts will sometimes permit experts retained by one party to examine a forensic image of the personal device of another party to determine what is relevant and should be disclosed from what is personal, with both parties negotiating a protocol to govern the examination.  A court will usually permit an examination if (1) relevant documents will likely only be found on that device; or (2) the other party cannot be trusted for some reason to produce relevant documents in the normal course of discovery.  In fact, “[t]he most common scenario resulting in compelled forensic imaging appears to involve alleged employee theft of trade secrets.”  A party can establish prong (1) when a deposition reveals that a litigant has used personal devices to create or edit documents, copies of which cannot be found elsewhere.  And prong (2) can be satisfied when one side has destroyed relevant documents or that party’s first discovery response is inadequate.

But how can a party avoid having his or her personal device examined in the first place?  As I’ve already written, sometimes an employer will require employees to return personal devices under certain circumstances if the employer supports the device and it is used for work.  But if there is “strict segregation of content”–that is, the employee has a device for work and a seperate device for personal use–then the device used for personal matters will likely not be inspected.  An employee who uses the same device for work and personal matters can even use a separate drive for work or set-up a separate login account.  This might at least limit any inspection to the work-related drive or account.  Another way of protecting personal information is to ensure that all work-related information on a personal device is backed up on a work device.  This way, any relevant information that could be obtained from a personal device would also be obtained from a work device, so an examination of the work device alone would be sufficient to get all relevant information.

Leave a Reply

Your email address will not be published.