Summary of Commission Practice Relating to Administrative Protective Orders

AGENCY:

International Trade Commission.

ACTION:

Summary of Commission practice relating to administrative protective orders.

SUMMARY:

Since February 1991, the U.S. International Trade Commission (“Commission”) has issued an annual report on the status of its practice with respect to violations of its administrative protective orders (“APOs”) in investigations under Title VII of the Tariff Act of 1930 in response to a direction contained in the Conference Report to the Customs and Trade Act of 1990. Over time, the Commission has added to its report discussions of APO breaches in Commission proceedings other than Title VII and violations of the Commission's rule on bracketing business proprietary information (“BPI”) (the “24-hour rule”), 19 CFR 207.3(c). This notice provides a summary of investigations of breaches in Title VII, sections 202 and 204 of the Trade Act of 1974, as amended, and section 337 of the Tariff Act of 1930, as amended, completed during calendar year 2002. There were no completed investigations of 24-hour rule violations during that period. The Commission intends that this report educate representatives of parties to Commission proceedings as to some specific types of APO breaches encountered by the Commission and the corresponding types of actions the Commission has taken.

FOR FURTHER INFORMATION CONTACT:

Carol McCue Verratti, Esq., Office of the General Counsel, U.S. International Trade Commission, telephone (202) 205-3088. Hearing impaired individuals are advised that information on this matter can be obtained by contacting the Commission's TDD terminal at (202) 205-1810. General information concerning the Commission can also be obtained by accessing its Internet server ( http://www.usitc.gov ).

SUPPLEMENTARY INFORMATION:

Representatives of parties to investigations conducted under Title VII of the Tariff Act of 1930, sections 202 and 204 of the Trade Act of 1974, and section 337 of the Tariff Act of 1930, as amended, may enter into APOs that permit them, under strict conditions, to obtain access to BPI (Title VII) or confidential business information (“CBI”) (sections 201-204 and section 337) of other parties. See 19 U.S.C. 1677f; 19 CFR 207.7; 19 U.S.C. 2252(i); 19 CFR 206.17; 19 U.S.C. 1337(n); 19 CFR 210.5, 210.34. The discussion below describes APO breach investigations that the Commission has completed, including a description of actions taken in response to breaches. The discussion covers breach investigations completed during calendar year 2002.

Since 1991, the Commission has published annually a summary of its actions in response to violations of Commission APOs and the 24-hour rule. See 56 FR 4846 (Feb. 6, 1991); 57 FR 12,335 (Apr. 9, 1992); 58 FR 21,991 (Apr. 26, 1993); 59 FR 16,834 (Apr. 8, 1994); 60 FR 24,880 (May 10, 1995); 61 FR 21,203 (May 9, 1996); 62 FR 13,164 (March 19, 1997); 63 FR 25064 (May 6, 1998); 64 FR 23355 (April 30, 1999); 65 FR 30434 (May 11, 2000); 66 FR 27685 (May 18, 2001); 67 FR 39425 (June 7, 2002). This report does not provide an exhaustive list of conduct that will be deemed to be a breach of the Commission's APOs. APO breach inquiries are considered on a case-by-case basis.

As part of the effort to educate practitioners about the Commission's current APO practice, the Commission Secretary issued in March 2001 a third edition of An Introduction to Administrative Protective Order Practice in Import Injury Investigations (Pub. L. 3403). This document is available upon request from the Office of the Secretary, U.S. International Trade Commission, 500 E Street, SW., Washington, DC 20436, tel. (202) 205-2000.

I. In General

The current APO form for antidumping and countervailing duty investigations, which the Commission has used since March 2001, requires the applicant to swear that he or she will:

(1) Not divulge any of the BPI obtained under the APO and not otherwise available to him, to any person other than—

(i) Personnel of the Commission concerned with the investigation,

(ii) The person or agency from whom the BPI was obtained,

(iii) A person whose application for disclosure of BPI under this APO has been granted by the Secretary, and

(iv) Other persons, such as paralegals and clerical staff, who (a) are employed or supervised by and under the direction and control of the authorized applicant or another authorized applicant in the same firm whose application has been granted; (b) have a need thereof in connection with the investigation; (c) are not involved in competitive decisionmaking for an interested party which is a party to the investigation; and (d) have submitted to the Secretary a signed Acknowledgment for Clerical Personnel in the form attached hereto (the authorized applicant shall also sign such acknowledgment and will be deemed responsible for such persons' compliance with the APO);

(2) Use such BPI solely for the purposes of the Commission investigation or for judicial or binational panel review of such Commission investigation;

(3) Not consult with any person not described in paragraph (1) concerning BPI disclosed under this APO without first having received the written consent of the Secretary and the party or the representative of the party from whom such BPI was obtained;

(4) Whenever materials (e.g., documents, computer disks, etc.) containing such BPI are not being used, store such material in a locked file cabinet, vault, safe, or other suitable container (N.B.: storage of BPI on so-called hard disk computer media is to be avoided, because mere erasure of data from such media may not irrecoverably destroy the BPI and may result in violation of paragraph C of the APO);

(5) Serve all materials containing BPI disclosed under this APO as directed by the Secretary and pursuant to section 207.7(f) of the Commission's rules;

(6) Transmit each document containing BPI disclosed under this APO:

(i) With a cover sheet identifying the document as containing BPI,

(ii) With all BPI enclosed in brackets and each page warning that the document contains BPI,

(iii) If the document is to be filed by a deadline, with each page marked “Bracketing of BPI not final for one business day after date of filing,” and

(iv) If by mail, within two envelopes, the inner one sealed and marked “Business Proprietary Information—To be opened only by [name of recipient]”, and the outer one sealed and not marked as containing BPI;

(7) Comply with the provision of this APO and section 207.7 of the Commission's rules;

(8) Make true and accurate representations in the authorized applicant's application and promptly notify the Secretary of any changes that occur after the submission of the application and that affect the representations made in the application (e.g., change in personnel assigned to the investigation);

(9) Report promptly and confirm in writing to the Secretary any possible breach of the APO; and

(10) Acknowledge that breach of the APO may subject the authorized applicant and other persons to such sanctions or other actions as the Commission deems appropriate including the administrative sanctions and actions set out in this APO.

The APO further provides that breach of an APO may subject an applicant to:

(1) Disbarment from practice in any capacity before the Commission along with such person's partners, associates, employer, and employees, for up to seven years following publication of a determination that the order has been breached;

(2) Referral to the United States Attorney;

(3) In the case of an attorney, accountant, or other professional, referral to the ethics panel of the appropriate professional association;

(4) Such other administrative sanctions as the Commission determines to be appropriate, including public release of or striking from the record any information or briefs submitted by, or on behalf of, such person or the party he represents; denial of further access to BPI in the current or any future investigations before the Commission; and issuance of a public or private letter of reprimand; and

(5) Such other actions, including but not limited to, a warning letter, as the Commission determines to be appropriate.

Commission employees are not signatories to the Commission's APOs and do not obtain access to BPI through APO procedures. Consequently, they are not subject to the requirements of the APO with respect to the handling of BPI. However, Commission employees are subject to strict statutory and regulatory constraints concerning BPI, and face potentially severe penalties for noncompliance. See 18 U.S.C. 1905; Title 5, U.S. Code; and Commission personnel policies implementing the statutes. Although the Privacy Act (5 U.S.C. 552a) limits the Commission's authority to disclose any personnel action against agency employees, this should not lead the public to conclude that no such actions have been taken.

An important provision of the Commission's rules relating to BPI is the “24-hour” rule. This rule provides that parties have one business day after the deadline for filing documents containing BPI to file a public version of the document. The rule also permits changes to the bracketing of information in the proprietary version within this one-day period. No changes—other than changes in bracketing—may be made to the proprietary version. The rule was intended to reduce the incidence of APO breaches caused by inadequate bracketing and improper placement of BPI. The Commission urges parties to make use of the rule. If a party wishes to make changes to a document other than bracketing, such as typographical changes or other corrections, the party must ask for an extension of time to file an amended document pursuant to section 201.14(b)(2) of the Commission's rules.

II. Investigations of Alleged APO Breaches

Upon finding evidence of an APO breach or receiving information that there is a reason to believe one has occurred, the Commission Secretary notifies relevant offices in the agency that an APO breach investigation file has been opened. Upon receiving notification from the Secretary, the Office of General Counsel (OGC) begins to investigate the matter. The OGC prepares a letter of inquiry to be sent to the possible breacher over the Secretary's signature to ascertain the possible breacher's views on whether a breach has occurred. If, after reviewing the response and other relevant information, the Commission determines that a breach has occurred, the Commission often issues a second letter asking the breacher to address the questions of mitigating circumstances and possible sanctions or other actions. The Commission then determines what action to take in response to the breach. In some cases, the Commission determines that although a breach has occurred, sanctions are not warranted, and therefore has found it unnecessary to issue a second letter concerning what sanctions might be appropriate. Instead, it issues a warning letter to the individual. A warning letter is not considered to be a sanction.

Sanctions for APO violations serve two basic interests:

(a) Preserving the confidence of submitters of BPI that the Commission is a reliable protector of BPI; and (b) disciplining breachers and deterring future violations. As the Conference Report to the Omnibus Trade and Competitiveness Act of 1988 observed, “[T]he effective enforcement of limited disclosure under administrative protective order depends in part on the extent to which private parties have confidence that there are effective sanctions against violation.” H.R. Conf. Rep. No. 576, 100th Cong., 1st Sess. 623 (1988).

The Commission has worked to develop consistent jurisprudence, not only in determining whether a breach has occurred, but also in selecting an appropriate response. In determining the appropriate response, the Commission generally considers mitigating factors such as the unintentional nature of the breach, the lack of prior breaches committed by the breaching party, the corrective measures taken by the breaching party, and the promptness with which the breaching party reported the violation to the Commission. The Commission also considers aggravating circumstances, especially whether persons not under the APO actually read the BPI. The Commission considers whether there are prior breaches by the same person or persons in other investigations and multiple breaches by the same person or persons in the same investigation.

The Commission's rules permit economists or consultants to obtain access to BPI under the APO if the economist or consultant is under the direction and control of an attorney under the APO, or if the economist or consultant appears regularly before the Commission and represents an interested party who is a party to the investigation. 19 CFR 207.7(a)(3)(B) and (C). Economists and consultants who obtain access to BPI under the APO under the direction and control of an attorney nonetheless remain individually responsible for complying with the APO. In appropriate circumstances, for example, an economist under the direction and control of an attorney may be held responsible for a breach of the APO by failing to redact APO information from a document that is subsequently filed with the Commission and served as a public document. This is so even though the attorney exercising direction or control over the economist or consultant may also be held responsible for the breach of the APO.

The records of Commission investigations of alleged APO breaches in antidumping and countervailing duty cases are not publicly available and are exempt from disclosure under the Freedom of Information Act, 5 U.S.C. 552, section 135(b) of the Customs and Trade Act of 1990, and 19 U.S.C. 1677f(g).

The breach most frequently investigated by the Commission involves the APO's prohibition on the dissemination of BPI to unauthorized persons. Such dissemination usually occurs as the result of failure to delete BPI from public versions of documents filed with the Commission or transmission of proprietary versions of documents to unauthorized recipients. Other breaches have included: the failure to bracket properly BPI in proprietary documents filed with the Commission; the failure to report immediately known violations of an APO; and the failure to supervise adequately non-legal personnel in the handling of BPI.

Counsel participating in Title VII investigations have reported to the Commission potential breaches involving the electronic transmission of public versions of documents. In these cases, the document transmitted appears to be a public document with BPI omitted from brackets. However, the BPI is actually retrievable by manipulating codes in software. The Commission has found that the electronic transmission of a public document containing BPI in a recoverable form was a breach of the APO.

The Commission advised in the preamble to the notice of proposed rulemaking in 1990 that it will permit authorized applicants a certain amount of discretion in choosing the most appropriate method of safeguarding the confidentiality of the BPI. However, the Commission cautioned authorized applicants that they would be held responsible for safeguarding the confidentiality of all BPI to which they are granted access and warned applicants about the potential hazards of storage on hard disk. The caution in that preamble is restated here:

[T]he Commission suggests that certain safeguards would seem to be particularly useful. When storing business proprietary information on computer disks, for example, storage on floppy disks rather than hard disks is recommended, because deletion of information from a hard disk does not necessarily erase the information, which can often be retrieved using a utilities program. Further, use of business proprietary information on a computer with the capability to communicate with users outside the authorized applicant's office incurs the risk of unauthorized access to the information through such communication. If a computer malfunctions, all business proprietary information should be erased from the machine before it is removed from the authorized applicant's office for repair. While no safeguard program will insulate an authorized applicant from sanctions in the event of a breach of the administrative protective order, such a program may be a mitigating factor. Preamble to notice of proposed rulemaking, 55 FR 24100, 24103 (June 14, 1990).

In 2002, the Commission completed two investigations of instances in which members of a law firm or consultants working with a firm were granted access to APO materials by the firm although they were not APO signatories (Cases 1 and 5). In these cases and four others in 2001, the firm and the person using the BPI mistakenly believed an APO application had been filed for that person. The Commission determined in all these cases that the person who was a non-signatory, and therefore did not agree to be bound by the APO, could not be found to have breached the APO. Action could be taken against these persons, however, under Commission rule 201.15 (19 CFR 201.15) for good cause shown. In all cases, the Commission decided that the non-signatory was a person who appeared regularly before the Commission and was aware of the requirements and limitations related to APO access and should have verified his or her APO status before obtaining access to and using the BPI. In all but one case, the Commission issued warning letters because it was the first time the persons in question were subject to possible sanctions under section 201.15.

Also in 2002, the Commission found the lead attorney to be responsible for breaches in at least four cases where he or she failed to provide adequate supervision over the handling of BPI. (Cases 1, 3, 9, and 10). Lead attorneys should be aware that their responsibilities for overall supervision of an investigation, when a breach has been caused by the actions of someone else in the investigation, may lead to a finding that the lead attorney has also violated the APO. The Commission has found that a lead attorney did not violate the APO in cases where his delegation of authority was reasonable.

III. Specific Investigations in Which Breaches Were Found

The Commission presents the following case studies to educate users about the types of APO breaches found by the Commission. The studies provide the factual background, the actions taken by the Commission, and the factors considered by the Commission in determining the appropriate actions. The Commission has not included some of the specific facts in the descriptions of investigations where disclosure of such facts could reveal the identity of a particular breacher. Thus, in some cases, apparent inconsistencies in the facts set forth in this notice result from the Commission's inability to disclose particular facts more fully.

Case 1: Four attorneys were investigated for a breach involving the release of BPI to an attorney in the firm who was not a signatory to the APO. The attorneys who were involved in the Commission investigation assumed that they all had been included on the APO and shared the APO materials with each other. However, one of these attorneys, an associate, had not been included on the APO. The lead attorney was found to have breached the APO because he failed to provide adequate supervision over the handling of BPI and permitted the release of BPI to an associate in his firm who was not a signatory to the APO. The other attorneys were found to have breached because they provided the non-signatory with BPI to use in a Commission investigation. The fourth attorney did not breach the APO because he was a non-signatory, but the Commission determined that his actions were sufficient to demonstrate good cause for the imposition of sanctions under 19 CFR 201.15. He was not a signatory to the APO when he reviewed BPI contained in documents received under the APO and utilized the BPI in the preparation of a brief in the Commission investigation.

The three attorneys who breached the APO were issued warning letters. This was their first breach of an APO involving a section 201.15 violation. The attorney who was a non-signatory was issued a private letter of reprimand. Although this was his first violation under section 201.15, he had helped to cause a breach of the APO in a previous matter by failing to redact BPI from the public version of a brief filed in the Commission investigation. This breach had been previously investigated and reported. In that APOB investigation, the Commission found that there was sufficient information to suggest that a non-signatory outside the firm viewed the BPI.

Case 2: The Commission determined that an attorney, an APO coordinator, and a legal secretary breached the APO. The APO coordinator, who was a senior legal secretary, gave another legal secretary an attorney's edits to a draft brief and provided instructions regarding redaction of the CBI from brackets and the subsequent faxing of the draft brief to clients. The legal secretary did not remove all the CBI from the brackets because she believed it was the clients' information. She also did not have an attorney review the document, as required by the firm's procedures, after she made the edits and before she faxed the document to the clients. In the affidavits provided by the firm in this APOB investigation, there was a dispute between the legal secretary and the rest of the firm as to whether the legal secretary had received adequate instructions from the APO coordinator regarding the handling of the CBI. One of the attorneys working on the brief also recalled instructing the legal secretary to remove all the CBI from the brackets because the information had been generated by multiple clients.

In defending against the breach allegations, the firm raised issues about whether the information was CBI. The Commission considered each of the arguments and determined that CBI had been released.

In spite of the dispute over instructions given to the legal secretary, the Commission determined that she had breached the APO. In addition, the Commission determined that the APO coordinator and the attorney who made the edits to the brief, and who was also the lead attorney and managing partner in the firm, breached the APO for failure to provide adequate supervision over the legal secretary.

The Commission issued private letters of reprimand to all three persons, after considering that persons who were non-signatories to the APO actually read the CBI. The Commission considered the mitigating circumstances that the firm had reported the breach promptly, took immediate steps to minimize the effect of the breach, and strengthened procedures to prevent future breaches. In addition, none of the persons found to have breached had a record of prior breaches.

Case 3: The Commission determined that two attorneys breached the APO when one of them sent copies of the Commission's confidential views to executives of the law firm's clients with an attached cover memorandum that had been drafted by one attorney and signed by the firm's lead attorney. In determining that the lead attorney breached the APO, the Commission considered the fact that the lead attorney had overall responsibility for APO matters. The Commission issued private letters of reprimand to both attorneys, even though it was both attorneys' first breach, because of the serious nature of the breach. The Commission noted that the confidential brief had been in the possession of the clients for seven days before the breach was discovered and that two of the clients read the BPI.

Case 4: The Commission investigated whether two attorneys had breached the APO. The lead attorney had asked at the Commission hearing if the confidential record from a prior investigation could be incorporated into the confidential record of the subject investigation. The Commission had not yet determined whether to allow the prior record to be used when the attorney used the BPI from the previous investigation by referencing it to support arguments in his post-hearing brief. The Commission determined that the lead attorney breached the APO by including arguments in his post-hearing brief that referenced and compared BPI in the previous investigation with BPI in the subject investigation. The Commission found a breach even though the BPI was not actually disclosed to non-signatories to the APO.

The Commission noted that it had not found that the attorney breached the APO by making arguments using public information, by asking the Commission to include BPI from one investigation in the confidential record of another investigation, or by asking the Commission in the subject investigation to consider issues already discussed in the confidential prehearing staff report of the subject investigation.

The Commission decided to issue a warning letter after considering that this was the only breach in which the attorney had been involved within the two year period prior to the breach, his prompt action to remedy the breach, and the fact there had been no disclosure of BPI to persons not already under the APO. The Commission also noted that the attorney might not have realized that comparing BPI from two different investigations, and referencing without disclosing BPI from a separate investigation, could trigger an APO violation.

The Commission decided the second attorney did not breach the APO because the lead attorney had clearly stated that the decision to put the arguments in the post-hearing brief was his alone.

Case 5: The Commission investigated a breach involving the use of CBI by one attorney in a firm who was not a signatory to the APO. The lead attorney for the firm in the Commission investigation assigned an associate to the investigation and gave him access to CBI. Both attorneys thought the associate was a signatory to the APO. The Commission found that the lead attorney breached the APO by assigning the associate to handle CBI when he was not a signatory to the APO. The Commission also found that the lead attorney failed adequately to supervise the handling of CBI. The Commission found that the associate did not breach the APO because he was not a signatory. However, the Commission found there was good cause to caution the associate pursuant to 19 CFR 201.15(a).

The Commission issued warning letters to both attorneys. The mitigating circumstances considered by the Commission that led to warning letters included the facts that the breach was unintentional, that there were no prior breaches or allegations of violations under section 201.15 for either attorney within the prior two year period, that the attorneys immediately notified the Commission of the breach once they discovered it, that they took action to prevent further breaches, that the associate protected the CBI as if he had been a signatory, and that the firm immediately sought APO access to the CBI for the associate as soon as the breach was discovered.

Case 6: The Commission determined that two attorneys and a records administrator in a law firm breached the APO for failing to return or destroy a document containing BPI within the time required by the APO and for falsely certifying that it had been destroyed. When searching in an archives file to retrieve documents for litigation purposes, one of the attorneys discovered a copy of a post-hearing brief that had not been returned or destroyed with the rest of the APO material obtained in a Commission investigation. The Commission found that both during and after the Commission investigation, that attorney and the records administrator failed to assure that the document in question was filed and stored in a manner and place that was inaccessible to persons unauthorized to review APO material, as required by 19 CFR 207.7(b)(1) and (4).

The Commission found that the senior attorney in the firm committed a breach because a document containing BPI was not filed properly or destroyed at the conclusion of the Commission investigation. The Commission noted that as head of his firm the senior attorney was responsible for establishing adequate procedures to assure that documents containing BPI are handled, maintained, and destroyed in a manner consistent with the Commission's APO regulations.

The Commission issued warning letters to the two attorneys and the records administrator. It considered the mitigating factors that the breach was unintentional, that prompt action was taken to report and remedy the breach, that no unauthorized person accessed the document, and, with regard to the first attorney and the records administrator, that this was their first breach. The senior attorney was found to have breached under similar circumstances in the previous year, but the Commission declined to issue a sanction because the current breach occurred prior to the one for which he had already received a warning letter and he had instituted new procedures at the firm to avoid future breaches as a result of the previous year's APOB investigation.

Case 7: The Commission determined that three attorneys breached an APO by failing to redact BPI from one page of the public version of their prehearing brief. The three attorneys were mid-level associates and were solely responsible for preparing the public version of the brief. The brief was filed with the Commission and served on the parties on the public service list including a non-signatory. The brief was also sent to several clients who were not signatories.

The Commission determined that three other attorneys whose names were on the brief did not breach. None of these attorneys participated in the preparation of the public version of the brief. In addition, the Commission found that the lead attorney did not breach because he had reasonably delegated the task of preparing the public version of the brief to three experienced associates. None of these associates had previously breached an APO.

The Commission issued private letters of reprimand to the three associates after considering the aggravating circumstances that the Secretary's Office and not the law firm discovered the breach; that the breach was not discovered until 19 days after the brief had been filed and served; and that the BPI may have been read by one or more non-signatories to the APO. The Commission noted that, although the attorneys stated that no recipients of the brief informed their firm that they had read, copied, or transmitted the public version of the brief, it was not clear that non-signatories did not review the BPI.

In reaching its decision to issue private letters of reprimand, the Commission also considered the mitigating circumstances that the breach was unintentional, that corrective measures were taken immediately after the breach was discovered, that there were internal APO procedures before the breach that were followed, and that these procedures were strengthened after the breach.

Case 8: The Commission determined that two attorneys breached the APO by e-mailing an electronic version of a public prehearing brief, which contained electronically masked but recoverable CBI, to their clients and to parties that had agreed to that type of service. Although the brief appeared to be a public document with CBI omitted from within the brackets, the deleted CBI was retrievable electronically. Both attorneys believed that they were e-mailing a document from which CBI was deleted and not retrievable.

The Commission, deciding not to sanction the attorneys, sent them warning letters. The Commission reached that decision after giving consideration to the facts that this was the only breach in which either attorney had been involved within the prior two year period considered by the Commission in determining sanctions, that the breach was unintentional, that the breach was discovered by the attorneys, that there was no indication that anyone not on the APO viewed the CBI, that prompt action was taken to remedy the breach, and that new procedures had been established by the firm to avoid a similar APO violation in the future.

Case 9: The Commission determined that a lead attorney breached the APO by failing to provide adequate supervision over his firm's personnel regarding the care of CBI. Another law firm had been added to the public service list late in an investigation. The clerical personnel in charge of serving documents manually created mailing labels for the firm rather than creating computer generated labels that were segregated between public and APO lists. The secretary who typed the labels mistakenly typed them for service of APO materials. The newly added firm received APO materials for two days. The outer envelopes were opened but the inner envelopes remained sealed and were returned to the original law firm.

Upon inquiry, the law firm was unable to provide the Commission with the name of the person responsible for the mislabeling. However, the Commission did determine that the lead attorney was responsible for the breach. He had signed the APO application for the clerical personnel indicating he was responsible for their compliance with APO requirements.

The Commission issued a warning letter to the lead attorney after considering that the breach was unintentional, that his firm took immediate steps to reeducate its personnel regarding the proper handling of CBI, that non-signatories had not reviewed the BPI, and that the lead attorney had not breached an APO within a prior two year period considered by the Commission in determining an appropriate sanction.

Case 10: The Commission considered whether two attorneys and one clerical employee breached the APO. The breach occurred when a clerical employee served a law firm with the BPI version of a post-conference brief although the firm was not a signatory to the Commission's APO. The recipient firm notified the law firm that the package was opened, but the brief was viewed only to the extent of determining that it was a document containing BPI covered by the Commission's APO, not Commerce's APO, to which the firm was a signatory. The Commission determined that, in addition to the clerical employee, the attorney supervising the clerical employees and the lead attorney in the investigation were both responsible for the breach.

In a previous APOB investigation concerning the same Commission investigation, the Commission had found that five clerical employees, including the one responsible for this breach, and the same attorney who supervised the clerical employees in the investigations had breached the APO. Warning letters were issued at that time. The Commission did not find that the lead attorney had breached because he had reasonably delegated the responsibility of supervising the clerical employees to an experienced attorney who had no prior violations.

In the current APOB investigation, the Commission determined that the lead attorney was responsible for the breach because he was aware that both the supervising attorney and the clerical employee had previously breached the APO. Since the lead attorney had recently received a private letter of reprimand in a different breach investigation, the Commission issued a private letter of reprimand to the lead attorney with a requirement that he update the firm's APO procedures and conduct a training session for attorneys and staff involved in APO practice in his firm. The supervising attorney and the clerical employee both received private letters of reprimand. The Commission considered the unintentional nature of the breach, the fact that corrective measures were immediately taken to retrieve the document from the non-signatory law firm and to remove the project assistant from the APO, the immediate reporting of the incident to the Commission, and that no non-signatory viewed the BPI as mitigating circumstances and the prior breaches of both attorneys and the clerical employee as an aggravating circumstance.

Case 11: The Commission determined that two attorneys and a legal secretary breached the APO. An associate attorney and the secretary worked together to prepare the public version of a draft post-conference brief. The attorney e-mailed the brief in an electronic form that masked the BPI. However, one footnote contained unredacted BPI. The Microsoft Word macro that was used to mask BPI in the brief did not mask BPI in the footnotes. The secretary missed the BPI in one of the footnotes when she did a manual review of the brief before the attorney e-mailed it to eight clients. The attorney did not check the brief to be sure all BPI was masked before he e-mailed the document. The information provided in the APOB investigation indicated that the persons involved in the breach did not know that the BPI was recoverable by the recipients of the e-mail.

When the lead attorney who had been out of the office while the public brief was prepared and transmitted to the client returned, he reviewed the brief and discovered that one of the footnotes contained unmasked BPI. The associate attorney was directed to take immediate action to contact the Commission, to inform the recipients of the draft brief to destroy all paper and electronic versions of it, and to prepare a revised electronic brief with masked BPI and e-mail that to the same clients.

The Commission found that the lead secretary breached the APO by failing to redact BPI from the draft public brief which resulted in possession of the BPI by several non-signatories, including one who actually viewed the BPI. The Commission issued a warning letter to the secretary rather than a private letter of reprimand largely because she, as a clerical employee, was under the direct supervision of an attorney at the time of the breach. In addition, this was her first breach, the breach was unintentional, prompt action was taken to remedy the breach, and actions were taken by the firm to improve APO compliance procedures.

The Commission found that the lead attorney breached the APO because the associate attorney had e-mailed two versions of the public draft brief with masked but recoverable BPI. The Commission noted that the information provided in this APOB investigation indicated that it was the law firm's practice to e-mail public versions of documents containing masked but recoverable BPI to its clients. Further, although the first electronic brief had been retrieved or destroyed, there was no indication in the record that anyone had attempted to retrieve or destroy the electronic copies of the revised draft brief sent to the eight non-signatory clients. Consequently, the masked BPI in those electronic copies had evidently remained unprotected for at least nine months, and at risk of disclosure to APO non-signatories. The Commission determined that the lead attorney was not responsible for the breach involving BPI remaining visible in the one footnote as his delegation of the preparation of the public version of a brief to a mid-level associate was reasonable. However, the Commission issued the lead attorney a private letter of reprimand because of the serious problem raised by e-mailing electronic documents containing masked but retrievable BPI. The lead attorney had no prior breaches.

The associate attorney was also given a private letter of reprimand. The Commission reached its decision to sanction the associate after giving consideration to the existence of several mitigating factors with respect to the unredacted BPI, including the unintentional nature of the breach, the fact that corrective measures were immediately taken, the breach was reported to the Secretary's Office the following day, and certain procedures at the law firm were strengthened to prevent future breaches. The Commission noted that, with respect to the breach involving masked but recoverable BPI in both versions of the electronic brief, the breach was inadvertent. The Commission also considered the fact this was the associate's first breach. A sanction was warranted, however, because a non-signatory viewed the unredacted BPI in the footnote in the first draft brief. Moreover, the Commission and not the law firm identified the breach involving the masked but recoverable BPI. Finally, there was no information on the record suggesting that anyone in the law firm had attempted to prevent disclosure to unauthorized persons of recoverable BPI contained in the revised draft brief.

Case 12: The Commission determined that three attorneys breached the APO. All three attorneys, who were from two different firms, had been responsible for preparing the public version of a joint brief in which not all BPI received under the APO had been redacted. After the public brief was completed, one of the firms sent copies to two of its clients where one office at each of the companies viewed the brief with the unredacted BPI. The Commission issued two of the attorneys private letters of reprimand and the third attorney received a private letter of reprimand with the additional requirement that he conduct an APO compliance seminar at his firm. This was the first breach for the first two attorneys, but the third attorney had breached another APO within two years of the occurrence of this breach. In issuing these sanctions, the Commission considered that BPI was viewed by non-signatories to the APO, and also considered the mitigating circumstances that the breach was unintentional; that corrective measures were taken immediately; that internal APO procedures existed before the breach and they had been followed; and that these procedures were strengthened.

A fourth attorney initially was found by the Commission to have breached the APO. His involvement with the preparation of the public brief had been solely to check the adequacy of the bracketing in the confidential version. He had delegated preparation of the public version to an attorney in his firm who was an experienced trade lawyer. The fourth attorney had sent the public brief to his clients not knowing that it contained unredacted BPI. During the sanctions phase of the APOB investigation, the fourth attorney cited a Commission summary of an APOB investigation completed in 2001 which had not been published during the breach phase of the current APOB investigation. The attorney argued that, since the facts contained in the summary were very similar to his circumstances and, in that case, the supervising attorney was found not to have breached, the Commission should reconsider and reverse its decision that he had breached the APO. Based on these new arguments that had not been available to the attorney earlier, the Commission reconsidered and reversed its previous decision that he had breached.

Case 13: The Commission determined that a lead economic consultant breached the APO by failing to return or destroy confidential documents and certify that the documents were returned or destroyed within 60 days after the Commission's publication of its final remedy determination in the Federal Register. The Commission issued a warning letter to the lead consultant, while determining that other consultants in his firm were not responsible for the breach of the APO. The Commission, in reaching its determination, considered that this was the only breach in which the consultant had been involved within a two year period examined by the Commission for purposes of determining sanctions; that the consultant and other employees who were signatories to the APO executed and filed certificates of return or destruction of CBI materials less than one month after the deadline; that there was no indication in the record that any non-signatory had access to the CBI in question; and that the consultant's firm had implemented, pursuant to requirements imposed by litigation in which it was involved, a strict document retention policy which required various approvals before documents could be destroyed.

Case 14: The Commission determined that one attorney breached the APO when he filed a public version of a prehearing brief containing BPI. The BPI, the name of a business that was the source of a lost revenue allegation, had been contained in the confidential staff report at an earlier phase of the investigation. That report bracketed the name of a business in all but one place. The name of the business was deleted from the public version of the report in all locations. The attorney argued that he didn't breach the APO because the information was publicly available, since it was not consistently bracketed in the staff report. In response, the Commission noted that the confidential staff report was distributed only to parties who were signatories to the APO and was not distributed to the public. The public version of the staff report was distributed to the public, but it did not reveal the identify of the source of the lost revenue allegation. The attorney also argued that the information in question theoretically could have been obtained from public sources, i.e., from information contained in public files for litigation to which his client was a party. The Commission determined that the “theoretical” availability of information through public sources cannot justify the use of BPI obtained through the APO. Finally, the attorney argued that counsel for the person who previously owned the company from which the information had been received did not object to disclosures of “historical information” about the firm. Nevertheless, the Commission noted that the company had not waived confidential treatment for the questionnaires it submitted to the Commission which contained the information in question.

There were several aggravating factors in the investigation. The breach was discovered by the Commission, the attorney did not act promptly to cure the breach, and the brief had been distributed to a non-signatory who retained the document for almost three weeks. Nonetheless, the Commission issued a warning letter to the attorney. In deciding not to issue sanctions, the Commission considered the fact that this was the attorney's first breach and that he failed to redact the BPI is good faith after relying on the incomplete bracketing in the confidential staff report.

Case 15: The Commission investigated whether two attorneys breached the APO in an investigation by serving on other counsel a document that indicated on its face it did not contain CBI but did in fact contain CBI. The Commission determined that the attorneys breached the APO and issued a warning letter to them. The Commission considered the mitigating factors that the release was inadvertent, that there was no actual dissemination of CBI to non-signatories to the APO, and that immediate steps were taken to remedy the situation once counsel became aware of the breach. In addition, the attorneys implemented new procedures regarding preparation of non-proprietary submissions in order to prevent future breaches.

IV. Investigations in Which No Breach Was Found

During 2002, four additional APO breach investigations were initiated. In one investigation the Commission determined that no breach had occurred. In the other three, the investigations were closed administratively. The reasons that the investigations were closed or that there was a “no breach” determination included that: (1) The breach concerned a judicial protective order, not a Commission APO; (2) the information at issue that ordinarily would be entitled to treatment as BPI was not consistently treated as such in the public record including by persons entitled to claim it was BPI; (3) testimony at a hearing did not reveal BPI because the information in question had been previously revealed on the public record; and (4) while information that was revealed in an attachment to a document filed with the Commission might have been proprietary under the terms of an agreement connected with outside litigation, the information was not obtained under the APO and, therefore, its disclosure could not constitute a breach of the APO.