Magistrate Judge Sets Protocol for Plaintiff’s Forensic Examination of Former Employee’s Computer and Requests Affidavit from Expert Explaining Certain Issues
Equity Analytics, LLC v. Lundin, 248 F.R.D. 331 (D.D.C. 2008)
In this case, plaintiff Equity Analytics claimed that defendant, its former employee, gained illegal access to electronically stored information after he was fired. Defendant explained that another Equity employee had granted him permission to use the employee’s username and password to access a particular Equity computer system. Defendant admitted that he had accessed the system some 18 times over a 90-day period, and had used his Macintosh computer to do it.
In November 2007, the district court issued a TRO prohibiting defendant from “accessing or attempting to access Equity Analytics, LLC’s data on Salesforce.com for any purpose.” The judge initially struck from the TRO a requirement that defendant permit Equity to have a computer forensic expert examine his computer to ascertain: (1) whether defendant accessed Equity’s confidential customer data and/or trade secrets; (2) whether the data has been forwarded to defendant’s new employer an Equity competitor; and (3) whether the data was purged or overwritten. The parties subsequently agreed that a computer forensic specialist should be permitted to examine defendant’s Macintosh computer, but they could not reach agreement on the search protocol.