New technologies are being repurposed for Early Case Assessment (ECA) in this ever-changing global economy chockfull of intellectual property theft and cybertheft. These increasingly hot issues are now compelling lawyers to become savvier about how the technologies they use to identify IP theft and related issues in eDiscovery. One of the more useful, but often overlooked tools in this regard is Data Loss Prevention (DLP) technology. Traditionally a data breach and security tool, DLP has emerged as yet another tool in the Litigator’s Tool Belt™ that can be applied in eDiscovery.
DLP technology utilizes Vector Machine Learning (VML) to detect intellectual property, such as product designs, source code and trademarked language that are deemed proprietary and confidential. This technology eliminates the need for developing laborious keyword-based policies or fingerprinting documents. While a corporation can certainly customize these policies, there are off the shelf materials that make the technology easy to deploy.
An exemplary use case that spotlights how DLP could have been deployed in the eDiscovery context is the case of E.I. Du Pont de Nemours v. Kolon Industries. In DuPont, a jury issued a $919 million verdict after finding that the defendant manufacturer stole critical elements of the formula for Kevlar, a closely guarded and highly profitable DuPont trade secret. Despite the measures that were taken to protect the trade secret, a former DuPont consultant successfully copied key information relating to Kevlar on to a CD that was later disseminated to the manufacturer’s executives. All of this came to light in the recently unsealed criminal indictments the U.S. Department of Justice obtained against the manufacturer and several of its executives.
Perhaps all of this could have been avoided had a DLP tool been deployed. A properly implemented DLP solution in the DuPont case might have detected the misappropriation that occurred and perhaps prompted an internal investigation. At the very least, DLP could possibly have mitigated the harmful effects of the trade secret theft. DLP technology could potentially have detected the departure/copying of proprietary information and any other suspicious behavior regarding sensitive IP.
As the DuPont case teaches, DLP can be utilized to detect IP theft and data breaches. In addition, it can act as an early case assessment (ECA) tool for lawyers in both civil and criminal actions. With data breaches, where there is smoke (breach) there is generally fire (litigation). A DLP incident report can be used as a basis for an investigation, and essentially reverse engineer the ECA process with hard evidence underlying the data breach. Thus, instead of beginning an investigation with a hunch or tangential lead, DLP gives hard facts to lawyers, and ultimately serves as a roadmap for effective legal hold implementation for the communications of custodians. Instead of discovering data breaches during the discovery process, DLP allows lawyers to start with this information, making the entire matter more efficient and targeted.
From an information governance point of view, DLP also has a relationship with the left proactive side of the Electronic Discovery Reference Model. The DLP technology can also be repurposed as Data Classification Services for automated document retention. The policy and technology combination of DCS/DLP speak to each other in harmony to accomplish appropriate document retention as well as breach prevention and notification. It follows that there would be similar identifiers for both policy consoles in DCS/DLP, and that these indicators enable the technology to make intelligent decisions.
Given this backdrop, it behooves both firm lawyers and corporate counsel to consider getting up to speed on the capabilities of DLP tools. The benefits DLP offers in eDiscovery are too important to be ignored.