Celebrating 10 years! 2007-2017

Lawyer doesn't know how to use Relativity (I assume) releases tons of private info for Wells Fargo

Too funny: http://www.nationallawjournal.com/l egaltimes/id=1 wolfman07/27/17
LOL at these stories. about 10 years ago an NYC biglaw part williamdrayton07/27/17
She should have hired doc reviewers, so she could blame it o tedandlisa12307/27/17
She should have farmed that work out to a doc review agency isthisit07/27/17
This shouldn't be a big deal. Rule 26 and evidence rule 502 onehell07/28/17
onehell - good analysis but I think you are missing the plai williamdrayton07/28/17
Slew = slough??? sanka07/28/17
Nothing to add. Just here to say: Doc Review / docreview. bittersweet08/01/17
And my life as a doc reviewer gets more and more secure the denpaonna08/08/17
technology assisted review. There's far less doc review thes notreallyalawyer08/21/17
wolfman (Jul 27, 2017 - 4:24 pm)

Too funny: http://www.nationallawjournal.com/legaltimes/id=1202794117489/Lawyers-Inadvertent-EDiscovery-Failures-Led-to-Wells-Fargo-Data-Breach?kw=Lawyer%27s%20%27Inadvertent%27%20E-Discovery%20Failures%20Led%20to%20Wells%20Fargo%20Data%20Breach&et=editorial&bu=National%20Law%20Journal&cn=20170727&src=EMC-Email&pt=Legal%20Times%20Afternoon%20Update

(for those without access):

Lawyer's 'Inadvertent' E-Discovery Failures Led to Wells Fargo Data Breach
CHRISTINE SIMMONS, Law.com
July 27, 2017 | 0 Comments

A massive Wells Fargo customer data breach was not the work of a hacker, but of the bank’s own lawyer who failed to review the bank’s entire set of discovery documents, including information about the bank’s wealthy customers, before it was shipped to a litigation adversary.

The event highlights the increasing risks of relying on unfamiliar e-discovery technology—and the potential liability exposure to lawyers.

“Unbeknownst to me, the view I was using to conduct the review has a set limit of documents that it showed at one time,” said Wells Fargo’s attorney, Angela Turiano, a New York-based principal at Bressler, Amery & Ross, in an affidavit. “I thought I was reviewing a complete set, when in fact, I only reviewed the first thousand documents.”

Turiano’s affidavit explains in detail how she inadvertently provided Wells Fargo customer information, including personally identifiable information about wealthy customers and their assets, in discovery.

The information was turned over without confidentiality protection or redaction, appearing to violate various privacy protection laws, Financial Industry Regulatory Authority Inc. guidance and U.S. Securities and Exchange Commission regulations, according to opposing counsel in court documents.

Turiano blames her court adversary for revealing the information to The New York Times, which published a report on the error. The newspaper said it was shown large portions of data that included what appeared to be client names and assets under management.

The escalating incident underlines the high-stakes of e-discovery, now common to commercial litigation.

“E-discovery is a minefield,” said Howard Elman, a lawyer who frequently defends large firms in malpractice cases, adding the chance of wrongly producing documents increases with each gigabyte. “It also increases the lawyer’s potential exposure to liability, if they [lawyers] don’t make sure there are sufficient safeguards in place,” Elman said.

Potential damages from malpractice claims arising from e-discovery errors could include the amount of legal fees needed to remedy any data releases, regulatory actions and, if the data was released to the public, potential claims by the public.

“Errors through e-discovery are becoming more pronounced because the volume of document production is multiplying every year,” said Elman, a partner at Matalon Shweky Elman.

‘Slew of Documents’
The discovery error arose in litigation involving two brothers, Gary and Steven Sinderbrand, who have served as Wells Fargo financial advisers. Gary Sinderbrand brought a defamation suit in New Jersey state court against his brother.

Gary and his company, Mill Lane Management, also sued his brother and Wells Fargo in New York state court over a breach of consulting and settlement agreements.

In the New Jersey action, he sought third-party discovery from Wells Fargo, including emails between Steven and the bank.

Wells Fargo retained the Bressler Amery firm to help with the subpoena request, Turiano said in court documents. “I am the lawyer in charge of this matter,” she wrote.

The bank agreed to conduct a search of four custodians’ email accounts using designated search terms, using an outside e-discovery service to conduct the searches.

Turiano said using the vendor’s e-discovery software, she reviewed “what I thought was the complete search results” and marked some documents as privileged and confidential. She then coordinated with the vendor to withhold from production anything she tagged as privileged and confidential.

“What I did not realize was that there were documents that I had not reviewed,” she said, adding she was using “a view” that showed a set limit of documents at one time. “I thus inadvertently provided documents that had not been reviewed by me for confidentiality and privilege.”

Turiano also said the documents she flagged as needing redactions “were not redacted” before production. “I realize now that I misunderstood the role of the vendor,” she said. “Finally, I now understand that I may have miscoded some documents during my review.”

Gary Sinderbrand’s attorney in New York, Aaron Zeisler of Zeisler PLLC, informed Turiano about the disclosure last week.

“Your firm produced a slew of documents revealing billions of dollars of client account information, from residents of numerous states and possibly Europe,” he said in a letter to Turiano that is now a court exhibit.

Turiano’s firm has scrambled since then to have the documents returned.

Manhattan Supreme Court Justice Charles Ramos on Tuesday signed an order restraining the plaintiffs from any further review or use of the confidential documents, pending a Aug. 10 hearing.

And on Wednesday, a New Jersey court required Gary Sinderbrand and his lawyers to delete any digital file copies they made from the information disclosed in the subpoena, and to give the court the encrypted CD and any copies, Reuters reported. The court will “safeguard the CD” until a court hearing.

Zeisler said in a July 22 letter to Ramos that Sinderbrand and his lawyers in the New York case had not refused to return the documents. “Neither I nor anyone at this firm ever stated that we would not return documents containing sensitive financial and personally identifying information at the appropriate time,” Zeisler wrote.

Zeisler declined to comment. Turiano did not return messages seeking comment.

In a statement, a Wells Fargo spokeswoman said, “The security of our clients’ accounts and information is a priority at Wells Fargo and we are dedicated to protecting our client data.”

The spokeswoman said the court rulings “are a positive result of our ongoing efforts to make things right” and “we’ll continue to thoroughly investigate this matter.”

Christine Simmons writes about the New York legal community and the business of law. Contact her at csimmons@alm.com and on Twitter @chlsimmons

Reply Like (0)
williamdrayton (Jul 27, 2017 - 5:12 pm)

LOL at these stories. about 10 years ago an NYC biglaw partner went ballistic when he went in to defend a deposition and opposing counsel started waving around some docs that were supposed to be withheld for privilege.

of course the firm instinctively goes on the warpath against the doc reviewers, who the firm deems to be idiots anyway.

turns out that the docs had been produced much earlier by one of their prized Associates, BEFORE the doc reviewers had started the assignment.

don't ask why the Partner didn't QC the production before it went out the door - I guess that grunt work was relegated to the Associates.

Reply Like (0)
tedandlisa123 (Jul 27, 2017 - 7:42 pm)

She should have hired doc reviewers, so she could blame it on them. No she looks like a partner fool who charges $500 an hour, but can't even code monkey properly.

Reply Like (0)
isthisit (Jul 27, 2017 - 11:26 pm)

She should have farmed that work out to a doc review agency instead of doing it herself.

Soo early in the game.

Reply Like (0)
onehell (Jul 28, 2017 - 2:28 pm)

This shouldn't be a big deal. Rule 26 and evidence rule 502 have all those provisions about dealing with inadvertent disclosures. And indeed it sounds like the parties are taking the appropriate steps:

"Manhattan Supreme Court Justice Charles Ramos on Tuesday signed an order restraining the plaintiffs from any further review or use of the confidential documents, pending a Aug. 10 hearing."

What's reprehensible is not the mistake, but the receiving lawyer's decision to go public about it. We're human. We make mistakes. The rules of civil procedure recognize this reality and have procedures in place to deal with it. When opposing counsel gaffs in this sort of way, be a professional and handle it in a dignified way, in the manner the rules already contemplate. I don't see how it helps his client to try and destroy his opposing counsel's reputation by going public about a subpoena mistake where Wells wasn't even a party to the case, and it's that sort of behavior that contributes to the toxic culture of this profession.

Reply Like (0)
williamdrayton (Jul 28, 2017 - 2:48 pm)

onehell - good analysis but I think you are missing the plaintiff lawyer's tactics in litigating through the media. the docs in and of themselves may not have much value to Plaintiff, but his possession of them certainly gives him leverage in any settlement negotiations. "give us what we want, and we will shut up about Wells Fargo".

yes, we know that Wells Fargo is not a party to the suit and we know it's just Wells Fargo Advisors and not the retail bank that got in tons of trouble last year - but perception is more important than reality - Wells Fargo has to be in the defense team's ear about the bad publicity -

the only thing most people glean from the headlines is "Wells Fargo data breach"

Reply Like (0)
sanka (Jul 28, 2017 - 3:39 pm)

Slew = slough???

Reply Like (0)
bittersweet (Aug 1, 2017 - 10:52 am)

Nothing to add. Just here to say: Doc Review / docreview. This way it should show up in that list since whatever criteria wasn't putting it in there before.

Reply Like (0)
denpaonna (Aug 8, 2017 - 4:40 pm)

And my life as a doc reviewer gets more and more secure the more nervous old lawyers and judges get.

Reply Like (0)
notreallyalawyer (Aug 21, 2017 - 5:23 pm)

technology assisted review. There's far less doc review these days. especially in major cities.. It's too risky to move to say charlotte and then wait around for them to get a project.

Reply Like (0)
Post a message in this thread