It may be all very well hiring a big name law firm to protect your company secrets. But what sort of risks do the law firms take in supervising that sort of intellectual property, particularly when the internet permits information to be accessed so easily by employees?
The risks received highlighted exposure this week with the insider trading scheme involving an employee of Simpson Thacher & Bartlett providing tips to the traders.
As the WSJ reported, “Your employees are your highest risk,” said Linn Freedman, a partner at Nixon Peabody LLP and head of the firm’s privacy and data protection group, who isn’t involved in the latest case. “If someone is going to commit a criminal act, there is only so much you can do to prevent it.”
Prosecutors allege that Steven Metro, a former managing clerk with Simpson Thacher, leaked confidential information on a number of transactions by accessing material on the firm’s computer system. The law firm is known for its work in private equity and mergers and acquisitions. “Metro told the Middleman that he did so in a way that he believed would leave no evidence that he had accessed the documents, which would possibly expose the scheme,” according to a civil complaint by the Securities and Exchange Commission.
A lawyer for Mr. Metro couldn’t be reached for comment on Thursday. Earlier this week the lawyer said his client intended to plead not guilty.
Thirty years ago, confidential files would have been kept in locked cabinets or conference rooms. Now they are stored electronically, often on firmwide networks where lawyers can access documents from offices around the globe. Much of the work on big mergers and acquisitions deals happens in what’s called a data room—a virtual platform where due diligence materials are placed so that bankers, consultants and other attorneys can access the information without logging onto a law firm’s server.
Some firms have strict procedures in place intended to keep word from leaking out about potential deals involving public companies.