The 2014 Sony hack is again in the news, this time highlighting the threat that data breaches pose to the attorney-client privilege. On April 16, 2015, WikiLeaks announced that it had posted and indexed hacked Sony emails. Sony is now urging media outlets to be careful with the hacked emails that contain Sony’s attorney-client privilege and work product communications.
On April 17, 2015, the day after the WikiLeaks announcement, Sony’s attorney, David Boies, wrote in a letter to media outlets that “the stolen data includes, but is not limited to, documents and information protected under U.S. and international legal doctrines protecting attorney-client privileged communications, attorney work product, and related privileges and protections . . ..”
Boies attempted to prevent further dissemination of the privileged communications. Citing the federal Computer Fraud and Abuse Act, Copyright Act, and other state statutes concerning trade secrets and unfair competition, Boies asked for the recipients to “take all reasonable actions to prevent” their companies from “examining, copying, [or] disseminating” privileged material.
The Boies letter, however, did not stop some publications from reviewing and writing about Sony’s communications with its lawyers.
This latest chapter in the Sony saga reminds us that data breaches threaten the privacy of not only a company’s confidential financial and client information but also the company’s confidential communications with its attorneys.