Increasing Your Odds: When the Work-Product Doctrine Might Protect Data Breach Forensics Reports

Attorneys are generally mindful of placing too much faith in the work-product doctrine, especially in view of its uneven application in different jurisdictions across the country.

The risk of discoverability of third-party forensics reports following a data breach presents a prime example of this concern.

In January 2021, the District Court for the District of Columbia ordered the production of a post-breach forensics report that was prepared by a third-party investigator retained by outside counsel. [See Guo Wengui v. Clark Hill, PLC, Case No. 1:19-cv-03195, Docket No. 49, at *2 (D.D.C. Jan. 12, 2021)].

The law firm Clark Hill was hacked after it assisted a high-profile political dissident applying for asylum in the United States.

After the hack, the law firm terminated representation with the client, who sued Clark Hill for the data breach and alleged malpractice.