Should The Supreme Court Write This?

(Photo by Staci Zaretsky)

PER CURIAM.

This case concerns whether a person or entity can be civilly liable for the improper storage of important government documents.

We hold that a person or entity can be held civilly liable if it takes inadequate precautions to guard sensitive documents.

In the case before us, Respondent knew the importance of many documents in his or its possession. Respondent announced that precautions would be taken to protect the documents. In a sense, articulating those precautions established the standard of care to be used by Respondent; having established those rules, Respondent should of course have followed them. If a person, for example, instructs his staff to cull important documents from unimportant ones, the person should ensure those rules are followed. And the standard of care obviously prohibits allowing sensitive documents to be stored in a way that allows them to be stolen. (Imagine, for example, if a former president or vice president stored classified documents in a storage room at a private club or in a locked garage. We would never condone such conduct.)

But that is not the case here.

In the case before us, a powerful and sophisticated entity possessed extremely sensitive documents.

Respondent instructed employees to use secure servers for email communications. Respondents’ employees frequently ignored these rules and used personal email to transmit sensitive documents.

Respondent purchased and used printers that did not produce logs or were able to print documents on off-site locations without tracking. These are self-evident failures in information security that any reasonable person would have corrected.

Respondent used “burn bags” to ensure that sensitive documents were secure before the documents were transmitted for shredding. But the burn bags were then often left open or unattended in hallways. The burn bags were occasionally secured only with staples.

These practices were apparently “going on for years.” Respondent had ample time to correct them.

Respondent insists that it was unable to instruct its employees to use secure servers or to protect burn bags because several of Respondent’s employees were elderly or perceived themselves to be very important people. Respondent insists that no one could tell these employees to be more responsible about securing information because of the employees’ age and status.

To write these words is to see how unpersuasive they are. All employees — old and young, important or unimportant — are equal under the law. All employees can (and should) be compelled to understand and obey rules that are necessary to secure information.

Accordingly, we hold that Respondent can be held liable for negligence in connection with its handling of sensitive documents, and this Court should be sanctioned for having permitted a draft opinion in Dobbs v. Jackson Women’s Health Organization to be leaked. We will determine the appropriate remedy to be imposed upon us at a later date. And we reserve for the moment the question whether we should have recused ourselves from hearing this matter because we are passing judgment upon ourselves.

(For a recent news report explaining the publicly available facts of this dispute, see Exclusive:  Supreme Court justices used personal emails for work and ‘burn bags’ were left open in hallways, sources say.)

So ordered.

Mark Herrmann spent 17 years as a partner at a leading international law firm and is now deputy general counsel at a large international company. He is the author of The Curmudgeon’s Guide to Practicing Law and Drug and Device Product Liability Litigation Strategy (affiliate links). You can reach him by email at inhouse@abovethelaw.com