Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Are Your Post-Breach Forensic Reports Privileged?

By Brian E. Ray
July 01, 2017

The Central District of California recently joined the small growing list of courts that have held forensic reports created by outside security companies following a data breach are protected from disclosure in civil litigation in certain circumstances. In the case In re Experian Data Breach Litigation, 15-01592 (C.D. Cal. May 18, 2017), Judge Andrew J. Guilford held that a forensic report created by the security firm Mandiant at the direction of Experian's outside counsel, Jones Day, qualified as trial preparation material (or “work product”) under Federal Rule of Civil Procedure (FRCP) 26(b)(3) and denied a motion to compel its production. Experian is only the third case to result in a ruling addressing these important questions. While all three rulings protected forensic reports from disclosure, the analysis in each case was highly fact-dependent. Judge Guilford's reasoning in Experian addresses several key issues not directly raised in those other cases and sheds light on several others.

The Experian Case

In September 2015, Experian discovered that an unauthorized third party had accessed one of its systems. Experian promptly retained an outside legal firm, Jones Day, to investigate and advise on the legal implications of the breach. Jones Day hired the security firm Mandiant to conduct a technical analysis of the incident.

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Removing Restrictive Covenants In New York Image

In Rockwell v. Despart, the New York Supreme Court, Third Department, recently revisited a recurring question: When may a landowner seek judicial removal of a covenant restricting use of her land?

Fresh Filings Image

Notable recent court filings in entertainment law.