AGENCY:

International Trade Commission.

ACTION:

Summary of Commission practice relating to administrative protective orders.

SUMMARY:

Since February 1991, the U.S. International Trade Commission (“Commission”) has published in the Federal Register reports on the status of its practice with respect to breaches of its administrative protective orders (“APOs”) under title VII of the Tariff Act of 1930 in response to a direction contained in the Conference Report to the Customs and Trade Act of 1990. Over time, the Commission has added to its report discussions of APO breaches in Commission proceedings other than under title VII and violations of the Commission's rules, including the rule on bracketing business proprietary information (the “24-hour rule”) under title 19 of the Code of Federal Regulations. This notice provides a summary of APO breach investigations completed during fiscal year 2023. This summary addresses APO breach investigations related to proceedings under both title VII and section 337 of the Tariff Act of 1930. The Commission intends for this summary to inform representatives of parties to Commission proceedings of the specific types of APO breaches before the Commission and the corresponding types of actions that the Commission has taken.

FOR FURTHER INFORMATION CONTACT:

David Goldfine, Office of the General Start Printed Page 85304 Counsel, U.S. International Trade Commission, telephone (202) 708–5452. Hearing-impaired individuals may obtain information on this matter by contacting the Commission's TDD terminal at (202) 205–1810. General information concerning the Commission is available on its website at https://www.usitc.gov.

SUPPLEMENTARY INFORMATION:

Statutory authorities for Commission investigations provide for the release of business proprietary information (“BPI”) or confidential business information (“CBI”) to certain authorized representatives in accordance with requirements set forth in the Commission's Rules of Practice and Procedure. Such statutory and regulatory authorities include: 19 U.S.C. 1677f; 19 CFR 207.7; 19 U.S.C. 1337(n); 19 CFR 210.5, 210.34; 19 U.S.C. 2252(i); 19 CFR 206.17; 19 U.S.C. 4572(f); 19 CFR 208.22; 19 U.S.C. 1516a(g)(7)(A); and 19 CFR 207.100–207.120. The discussion below describes APO breach investigations that the Commission completed during fiscal year 2023, including descriptions of actions taken in response to any breaches.

Since 1991, the Commission has published annually a summary of its actions in response to violations of Commission APOs and rule violations. See87 FR 69331 (Nov. 18, 2022); 86 FR 71916 (Dec. 20, 2021); 85 FR 7589 (Feb. 10, 2020); 83 FR 42140 (Aug. 20, 2018); 83 FR 17843 (Apr. 24, 2018); 82 FR 29322 (June 28, 2017); 81 FR 17200 (Mar. 28, 2016); 80 FR 1664 (Jan. 13, 2015); 78 FR 79481 (Dec. 30, 2013); 77 FR 76518 (Dec. 28, 2012); 76 FR 78945 (Dec. 20, 2011); 75 FR 66127 (Oct. 27, 2010); 74 FR 54071 (Oct. 21, 2009); 73 FR 51843 (Sept. 5, 2008); 72 FR 50119 (Aug. 30, 2007); 71 FR 39355 (July 12, 2006); 70 FR 42382 (July 22, 2005); 69 FR 29972 (May 26, 2004); 68 FR 28256 (May 23, 2003); 67 FR 39425 (June 7, 2002); 66 FR 27685 (May 18, 2001); 65 FR 30434 (May 11, 2000); 64 FR 23355 (Apr. 30, 1999); 63 FR 25064 (May 6, 1998); 62 FR 13164 (Mar. 19, 1997); 61 FR 21203 (May 9, 1996); 60 FR 24880 (May 10, 1995); 59 FR 16834 (Apr. 8, 1994); 58 FR 21991 (Apr. 26, 1993); 57 FR 12335 (Apr. 9, 1992); and 56 FR 4846 (Feb. 6, 1991). This report does not provide an exhaustive list of conduct that will be deemed to be a breach of the Commission's APOs. The Commission considers APO breach investigations on a case-by-case basis.

As part of the Commission's efforts to educate practitioners about the Commission's current APO practice, the Secretary to the Commission (“Secretary”) issued in January 2022 a sixth edition of An Introduction to Administrative Protective Order Practice in Import Injury Investigations (Pub. No. 5280). This document is available on the Commission's website at http://www.usitc.gov.

I. In General

A. Antidumping and Countervailing Duty Investigations

The current APO application form for antidumping and countervailing duty investigations, which the Commission revised in May 2020, requires an APO applicant to agree to:

(1) Not divulge any of the BPI disclosed under this APO or otherwise obtained in this investigation and not otherwise available to him or her, to any person other than—

(i) Personnel of the Commission concerned with the investigation,

(ii) The person or agency from whom the BPI was obtained,

(iii) A person whose application for disclosure of BPI under this APO has been granted by the Secretary, and

(iv) Other persons, such as paralegals and clerical staff, who (a) are employed or supervised by and under the direction and control of the authorized applicant or another authorized applicant in the same firm whose application has been granted; (b) have a need thereof in connection with the investigation; (c) are not involved in competitive decision making for an interested party which is a party to the investigation; and (d) have signed the acknowledgment for clerical personnel in the form attached hereto (the authorized applicant shall also sign such acknowledgment and will be deemed responsible for such persons' compliance with this APO);

(2) Use such BPI solely for the purposes of the above-captioned Commission investigation or for U.S. judicial or review pursuant to the North American Free Trade Agreement the determination resulting from such investigation of such Commission investigation;

(3) Not consult with any person not described in paragraph (1) concerning BPI disclosed under this APO or otherwise obtained in this investigation without first having received the written consent of the Secretary and the party or the representative of the party from whom such BPI was obtained;

(4) Whenever materials ( e.g., documents, computer disks or similar media) containing such BPI are not being used, store such material in a locked file cabinet, vault, safe, or other suitable container (N.B.: [S]torage of BPI on so-called hard disk computer media or similar media is to be avoided, because mere erasure of data from such media may not irrecoverably destroy the BPI and may result in violation of paragraph C of this APO);

(5) Serve all materials containing BPI disclosed under this APO as directed by the Secretary and pursuant to section 207.7(f) of the Commission's rules;

(6) Transmit each document containing BPI disclosed under this APO:

(i) With a cover sheet identifying the document as containing BPI,

(ii) With all BPI enclosed in brackets and each page warning that the document contains BPI,

(iii) If the document is to be filed by a deadline, with each page marked “Bracketing of BPI not final for one business day after date of filing,” and

(iv) Within two envelopes, the inner one sealed and marked “Business Proprietary Information—To be opened only by [name of recipient]”, and the outer one sealed and not marked as containing BPI;

(7) Comply with the provision of this APO and section 207.7 of the Commission's rules

(i) Make true and accurate representations in the authorized applicant's application and promptly notify the Secretary of any changes that occur after the submission of the application and that affect the representations made in the application ( e.g. [,] change in personnel assigned to the investigation),

(ii) Report promptly and confirm in writing to the Secretary any possible breach of this APO, and

(iii) Acknowledge that breach of this APO may subject the authorized applicant and other persons to such sanctions or other actions as the Commission deems appropriate, including the administrative sanctions and actions set out in this APO.

The APO form for antidumping and countervailing duty investigations also provides for the return or destruction of the BPI obtained under the APO on the order of the Secretary, at the conclusion of the investigation, or at the completion of judicial review. The BPI disclosed to an authorized applicant under an APO during the preliminary phase of the investigation generally may remain in the applicant's possession during the final phase of the investigation.

The APO further provides that breach of an APO may subject an applicant to:

(1) Disbarment from practice in any capacity before the Commission along with such person's partners, associates, employer, and employees, for up to seven years following publication of a Start Printed Page 85305 determination that the order has been breached;

(2) Referral to the United States Attorney;

(3) In the case of an attorney, accountant, or other professional, referral to the ethics panel of the appropriate professional association;

(4) Such other administrative sanctions as the Commission determines to be appropriate, including public release of, or striking from the record any information or briefs submitted by, or on behalf of, such person or the party he represents; denial of further access to business proprietary information in the current or any future investigations before the Commission, and issuance of a public or private letter of reprimand; and

(5) Such other actions, including but not limited to, a warning letter, as the Commission determines to be appropriate.

APOs issued in cross-border long-haul trucking (“LHT”) investigations, conducted under the United States-Mexico-Canada Agreement (“USMCA”) Implementation Act, 19 U.S.C. 4571–4574 (19 U.S.C. 4501 note), and safeguard investigations, conducted under the statutory authorities listed in 19 CFR 206.1 and 206.31, contain similar (though not identical) provisions.

B. Section 337 Investigations

APOs in section 337 investigations differ from those in title VII investigations: There is no set form like the title VII APO application, and provisions of individual APOs may differ depending on the investigation and the presiding administrative law judge. However, in practice, the provisions are often similar in scope and applied quite similarly. Any person seeking access to CBI during a section 337 investigation (including, for example, outside counsel for parties to the investigation and technical experts and their staff who are employed for the purposes of the investigation) is required to read the APO, file a letter with the Secretary indicating agreement to be bound by the terms of the APO, agree not to reveal CBI to anyone other than another person permitted access by the APO, and agree to utilize the CBI solely for the purposes of that investigation.

In general, an APO in a section 337 investigation will define what kind of information is CBI and direct how CBI is to be designated and protected. The APO will state which persons may have access to CBI and which of those persons must sign onto the APO. The APO will provide instructions on how CBI is to be maintained and protected by labeling documents and filing transcripts under seal. It will provide protections for the suppliers of CBI by notifying them of a Freedom of Information Act request for the CBI and providing a procedure for the supplier to seek to prevent the release of the information. There are provisions for disputing the designation of CBI and a procedure for resolving such disputes. Under the APO, suppliers of CBI are given the opportunity to object to the release of the CBI to a proposed expert. The APO requires a person who discloses CBI, other than in a manner authorized by the APO, to provide all pertinent facts to the supplier of the CBI and to the administrative law judge and to make every effort to prevent further disclosure. Under Commission practice, if the underlying investigation is before the Commission at the time of the alleged breach or if the underlying investigation has been terminated, a person who discloses CBI, other than in a manner authorized by the APO, should report the disclosure to the Secretary. See19 CFR 210.25, 210.34(c). Upon final termination of an investigation, the APO requires all signatories to the APO to either return to the suppliers or, with the written consent of the CBI supplier, destroy the originals and all copies of the CBI obtained during the investigation.

The Commission's regulations provide for the imposition of certain sanctions if a person subject to the APO violates its restrictions. The Commission keeps the names of the persons being investigated for violating an APO confidential unless the sanction imposed is a public letter of reprimand. 19 CFR 210.34(c)(1). The possible sanctions are:

(1) An official reprimand by the Commission.

(2) Disqualification from or limitation of further participation in a pending investigation.

(3) Temporary or permanent disqualification from practicing in any capacity before the Commission pursuant to 19 CFR 201.15(a).

(4) Referral of the facts underlying the violation to the appropriate licensing authority in the jurisdiction in which the individual is licensed to practice.

(5) Making adverse inferences and rulings against a party involved in the violation of the APO or such other action that may be appropriate. 19 CFR 210.34(c)(3).

Commission employees are not signatories to the Commission's APOs and do not obtain access to BPI or CBI through APO procedures. Consequently, they are not subject to the requirements of the APO with respect to the handling of BPI and CBI. However, Commission employees are subject to strict statutory and regulatory constraints concerning BPI and CBI, and they face potentially severe penalties for noncompliance. See18 U.S.C. 1905; title 5, U.S. Code; and Commission personnel policies implementing the statutes. Although the Privacy Act (5 U.S.C. 552a) limits the Commission's authority to disclose any personnel action against agency employees, this should not lead the public to conclude that no such actions have been taken.

II. Investigations of Alleged APO Breaches

The Commission conducts APO breach investigations for potential breaches that occur in title VII, safeguard, and LHT investigations, as well as for potential breaches in section 337 investigations that are before the Commission or have been terminated.^[1] Administrative law judges handle potential APO breaches in section 337 investigations when the breach occurred and is discovered while the underlying investigation is before the administrative law judge. The Commission may review any decision that the administrative law judge makes on sanctions in accordance with Commission regulations. See19 CFR 210.25, 210.34(c).

For Commission APO breach investigations, upon finding evidence of an APO breach or receiving information that there is reason to believe that one has occurred, the Secretary notifies relevant Commission offices that the Secretary has opened an APO breach file and that the Commission has commenced an APO breach investigation. The Commission then notifies the alleged breaching parties of the alleged breach and provides them with the voluntary option to proceed under a one- or two-step investigatory process. Under the two-step process, which was the Commission's historic practice, the Commission determines first whether a breach has occurred and, if so, who is responsible for it. This is done after the alleged breaching parties have been provided an opportunity to present their views on the matter. The breach investigation may conclude after this first step if: (1) the Commission Start Printed Page 85306 determines that no breach occurred and issues a letter so stating; or (2) the Commission finds that a breach occurred but concludes that no further action is warranted and issues a warning letter. If the Commission determines that a breach occurred that warrants further action, the Commission will then determine what sanction, if any, to impose. Before making this determination, the Commission provides the breaching parties with an opportunity to present their views on the appropriate sanction and any mitigating circumstances. The Commission can decide as part of either the first or second step to issue a warning letter. A warning letter is not a sanction, but the Commission will consider a warning letter as part of a subsequent APO breach investigation.

The Commission recognizes that the two-step process can result in duplicative work for the alleged breaching party and Commission staff in some APO breach investigations. For example, parties who self-report their own breach often address mitigating circumstances and sanctions in their initial response to the Commission's letter of inquiry on the breach. But, under the Commission's two-step process, they must await a Commission decision on breach and then submit again their views on mitigating circumstances and sanctions. To streamline this process and accelerate processing times, the Commission offers alleged breaching parties the option to voluntarily elect a one-step APO breach investigation process. Under this process, the Commission will determine simultaneously whether a breach occurred and, if so, the appropriate sanction to impose, if any. Under either process, the alleged breaching party has the opportunity to submit affidavits reciting the facts concerning the alleged breach and mitigating factors pertaining to the appropriate response if a breach is found.

Sanctions for APO violations serve three basic interests: (a) preserving the confidence of submitters of BPI/CBI that the Commission is a reliable protector of BPI/CBI; (b) disciplining breachers; and (c) deterring future violations. As the Conference Report to the Omnibus Trade and Competitiveness Act of 1988 observed: “[T]he effective enforcement of limited disclosure under [APO] depends in part on the extent to which private parties have confidence that there are effective sanctions against violation.” H.R. Conf. Rep. 100–576, at 623 (1988).

The Commission has worked to develop consistent jurisprudence, not only in determining whether a breach has occurred, but also in selecting an appropriate response. In determining the appropriate response, the Commission generally considers mitigating factors such as the unintentional nature of the breach, the lack of prior breaches committed by the breaching party, the corrective measures taken by the breaching party, and the promptness with which the breaching party reported the violation to the Commission. The Commission also considers aggravating circumstances, especially whether persons not authorized under the APO had access to and viewed the BPI/CBI. The Commission considers whether there have been prior breaches by the same person or persons in other investigations and whether there have been multiple breaches by the same person or persons in the same investigation.

The Commission's rules permit an economist or consultant to obtain access to BPI/CBI under the APO in a title VII, safeguard, or LHT investigation if the economist or consultant is under the direction and control of an attorney under the APO, or if the economist or consultant appears regularly before the Commission and represents an interested party who is a party to the investigation. See19 CFR 207.7(a)(3)(i)(B) and (C); 19 CFR 206.17(a)(3)(i)(B) and (C); and 19 CFR 208.22(a)(3)(i)(B) and (C). Economists and consultants who obtain access to BPI/CBI under the APO under the direction and control of an attorney nonetheless remain individually responsible for complying with the APO. In appropriate circumstances, for example, an economist under the direction and control of an attorney may be held responsible for a breach of the APO by failing to redact APO information from a document that is subsequently filed with the Commission and served as a public document, or for retaining BPI/CBI without consent of the submitter after the termination of an investigation. This is so even though the Commission may also hold the attorney exercising direction or control over the economist or consultant responsible for the APO breach. In section 337 investigations, technical experts and their staff who are employed for the purposes of the investigation are required to sign onto the APO and agree to comply with its provisions.

The records of Commission investigations of alleged APO breaches in antidumping and countervailing duty cases, section 337 investigations, safeguard investigations, and LHT investigations are not publicly available and are exempt from disclosure under the Freedom of Information Act, 5 U.S.C. 552. See, e.g.,19 U.S.C. 1677f(g); 19 U.S.C. 1333(h); 19 CFR 210.34(c).

The two types of breaches most frequently investigated by the Commission involve: (1) the APO's prohibition on the dissemination or exposure of BPI or CBI to unauthorized persons; and (2) the APO's requirement that the materials received under the APO be returned or destroyed and that a certificate be filed with the Commission indicating what actions were taken after the termination of the investigation or any subsequent appeals of the Commission's determination. The dissemination of BPI/CBI usually occurs as the result of failure to delete BPI/CBI from public versions of documents filed with the Commission or transmission of proprietary versions of documents to unauthorized recipients. Other breaches have included the failure to bracket properly BPI/CBI in proprietary documents filed with the Commission, the failure to report immediately known or suspected violations of an APO, and the failure to adequately supervise non-lawyers in the handling of BPI/CBI.

Occasionally, the Commission conducts APO breach investigations that involve members of a law firm or consultants working with a firm who were granted access to APO materials by the firm although they were not APO signatories. In many of these cases, the firm and the person using the BPI/CBI mistakenly believed an APO application had been filed for that person. The Commission has determined in all of these cases that the person who was a non-signatory, and therefore did not agree to be bound by the APO, could not be found to have breached the APO. However, under Commission rule 201.15 (19 CFR 201.15), the Commission may take action against these persons for good cause shown. In all cases in which the Commission has taken such action, it decided that the non-signatory appeared regularly before the Commission, was aware of the requirements and limitations related to APO access, and should have verified their APO status before obtaining access to and using the BPI/CBI. The Commission notes that section 201.15 may also be available to issue sanctions to attorneys or agents in different factual circumstances in which they did not technically breach the APO, but their action or inaction did not demonstrate diligent care of the APO materials, even though they appeared regularly before the Commission and were aware of the importance that the Commission places on the proper care of APO materials.

The Commission has held routinely that the disclosure of BPI/CBI through Start Printed Page 85307 recoverable metadata or hidden text constitutes a breach of the APO even when the BPI/CBI is not immediately visible without further manipulation of the document. In such cases, breaching parties have transmitted documents that appear to be public documents in which the parties have removed or redacted all BPI/CBI. However, further inspection of the document reveals that confidential information is actually retrievable by manipulating codes in software or through the recovery of hidden text or metadata. In such instances, the Commission has found that the electronic transmission of a public document with BPI/CBI in a recoverable form was a breach of the APO.

The Commission has cautioned counsel to ensure that each authorized applicant files with the Commission within 60 days of the completion of an import injury investigation or at the conclusion of judicial or binational review of the Commission's determination, a certificate stating that, to the signatory's knowledge and belief, all copies of BPI/CBI have been returned or destroyed, and no copies of such materials have been made available to any person to whom disclosure was not specifically authorized. This requirement applies to each attorney, consultant, or expert in a firm who has access to BPI/CBI. One firm-wide certificate is insufficient.

Attorneys who are signatories to the APO in a section 337 investigation should inform the administrative law judge and the Secretary if there are any changes to the information that was provided in the application for access to the CBI. This is similar to the requirement to update an applicant's information in title VII investigations.

In addition, attorneys who are signatories to the APO in a section 337 investigation should send a notice to the Commission if they stop participating in the investigation or the subsequent appeal of the Commission's determination. The notice should inform the Commission about the disposition of CBI obtained under the APO that was in their possession, or the Commission could hold them responsible for any failure of their former firm to return or destroy the CBI in an appropriate manner.

III. Specific APO Breach Investigations

Case 1. The Commission determined that an attorney breached the APO issued in a section 337 investigation when the attorney prepared, filed in EDIS, and served a public version of a confidential document that contained unredacted CBI.

After filing the public version in EDIS and serving it on opposing counsel, the attorney received notification from opposing counsel that the document contained unredacted CBI. The attorney immediately contacted the Commission, and the Office of the Secretary removed the document from public view five hours after it had been posted. The attorney filed a corrected public version that redacted all CBI, but unauthorized individuals had accessed the public version with unredacted CBI while it was posted publicly. Although the attorney argued to the Commission that the information at issue was not CBI, the Commission found that the attorney had not provided evidence sufficient to demonstrate that the CBI was available publicly at the time of the breach.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was unintentional and inadvertent; (2) after being notified of the breach, the attorney took prompt action to remedy the breach and prevent further dissemination of CBI; (3) the attorney self-reported the breach to the Commission; (4) the attorney's law firm implemented new procedures to prevent similar breaches in the future; and (5) the attorney had not previously breached an APO in the two-year period preceding the date of this breach. The Commission also considered the following aggravating factors: (1) the attorney did not discover the breach; and (2) unauthorized individuals had access to and presumably viewed the CBI.

The Commission determined to issue a private letter of reprimand to the attorney.

Case 2. The Commission determined that an attorney breached the APO issued in a section 337 investigation when the attorney prepared and filed in EDIS a public version of a confidential document that contained unredacted CBI.

The public version that the attorney filed contained no redactions. Eleven days after the public version was posted publicly to EDIS, opposing counsel reported to the Commission that the document contained CBI. The Secretary immediately removed the document from public view, and the attorney filed a corrected public version that redacted all CBI. However, multiple unauthorized individuals had accessed the public version with unredacted CBI while it was posted publicly. Although the attorney argued to the Commission that the information at issue was not CBI, the Commission found that the attorney had not provided evidence sufficient to demonstrate that the CBI was available publicly at the time of the breach.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was unintentional and inadvertent; and (2) the attorney had not previously breached an APO in the two-year period preceding the date of this breach. The Commission also considered the following aggravating factors: (1) the attorney did not discover the breach; (2) the public version was posted publicly to EDIS for twelve days; and (3) unauthorized individuals had access to and presumably viewed the CBI.

The Commission determined to issue a private letter of reprimand to the attorney.

Case 3. The Commission determined that a law firm breached the APO issued in a section 337 investigation when it improperly retained documents containing CBI past the investigation's termination date. The Commission also determined that a second breach occurred when a non-APO-signatory attorney at the law firm accessed an improperly retained document containing CBI, used that document as a template in an unrelated section 337 investigation, and in doing so inadvertently disclosed CBI to counsel in the unrelated investigation.

The law firm discovered both the improper retention and the unauthorized use approximately a year and a half after the underlying section 337 investigation had terminated. The law firm immediately reported the events to the then-presiding administrative law judge in the underlying section 337 investigation, and it then confirmed both destruction of the document by the unauthorized recipient in the unrelated section 337 investigation and that it did not possess any other CBI from the terminated underlying section 337 investigation. Despite the law firm's confirmation that it had destroyed all of the improperly retained CBI, the law firm discovered about five years later that it still retained documents from the underlying section 337 investigation in a misnamed and archived electronic folder that was inaccessible absent special circumstances. The law firm quarantined the folder to prevent further access by law firm personnel, notified the Commission accordingly, and implemented new safeguards to prevent future inadvertent retention of CBI.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) both breaches were inadvertent and unintentional; (2) the Start Printed Page 85308 law firm discovered its own breaches; and (3) after discovering the breaches, the law firm took prompt corrective action to investigate the breaches and prevent further dissemination of CBI; (4) the law firm promptly self-reported the unauthorized retention, access, and use of CBI; (5) for the breach involving the improper retention of CBI, the CBI remained otherwise protected by being stored on an internal archive that was inaccessible absent special circumstances; and (6) the law firm implemented new safeguarding procedures to prevent against similar breaches in the future. The Commission also considered the following aggravating factors: (1) one breach resulted in unauthorized individuals accessing and viewing the CBI; (2) the law firm violated the APO in two different ways, by improperly retaining CBI and by exposing CBI to an unauthorized party; and (3) the law firm committed multiple breaches during the relevant two-year time period, including a breach in another APO breach investigation. The Commission also noted that the law firm had failed to properly dispose of the CBI for several years after discovering the first breach.

The Commission issued a private letter of reprimand to the law firm for the two breaches because none of the individuals responsible for the breaches remained at the law firm at the time the Commission issued the sanction. The Commission further required the remaining APO signatories at the law firm to submit affidavits confirming the destruction of all CBI from the underlying investigation and confirming that the law firm had not improperly retained CBI from any other section 337 investigation.

Case 4. The Commission determined that two attorneys from different law firms that were co-counsel for a party in a section 337 investigation each separately breached the APO by emailing drafts of a brief that contained CBI acquired under the APO to an unauthorized recipient, who then shared the CBI with additional unauthorized individuals.

The first breach occurred when an attorney from one of the two law firms emailed a draft brief containing unredacted CBI to a group that included an APO non-signatory. The second breach occurred shortly thereafter that same day when an attorney from the other law firm sent a reply email to the same group copied on the first email with another draft that also contained unredacted CBI. Both breaching emails included among the recipients the attorney who was not authorized to receive the CBI and five attorneys from both co-counsel law firms that were signatories to the APO. The non-APO signatory attorney then forwarded the drafts to additional attorneys that were not APO signatories. One of the law firms discovered the breaches 20 days after the breaching emails were sent to the unauthorized recipients. The breaching parties sought to confirm destruction of the documents at issue the morning after discovering the CBI disclosure, and they reported the breaches to the Commission two days later.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was inadvertent and unintentional; (2) one of the breaching parties discovered the breach; (3) after discovering the breach, the breaching parties took prompt action to remedy the breach and prevent further dissemination of CBI; (4) the breaching parties promptly self-reported the breach to the Commission; and (5) the attorneys involved had not previously breached an APO in the two-year period preceding the dates of these breaches. The Commission also considered the following aggravating factors: (1) unauthorized individuals had access to and viewed the BPI; and (2) the breaching parties violated the APO on two occasions.

The Commission issued private letters of reprimand to both attorneys who emailed the documents containing unredacted CBI. The Commission also issued warning letters to the five APO signatories who were copied on the breaching emails but failed to identify the breaches. As APO signatories and recipients of the email transmitting unredacted CBI, they had an opportunity to immediately discover that one of the recipients on the group email with the draft brief containing unredacted CBI was not an APO signatory and to prevent the second breach from occurring. The Commission found that warning letters for these five attorneys were appropriate because early detection of the first breach could have prevented the second breach, and it would have prevented the unauthorized recipient from further disseminating CBI to additional unauthorized individuals.

Case 5. The Commission determined that four attorneys at a law firm breached the APO issued in a section 337 investigation when the law firm publicly filed in EDIS and served on its clients a document that contained unredacted CBI.

Although all four attorneys worked on the document, only three of the four attorneys reviewed the final version for CBI. After those three attorneys reviewed the document and determined that it did not contain CBI, one of the attorneys publicly filed the document in EDIS and another served the document on the firm's clients, who were not authorized under the APO to view CBI. Six days later, opposing counsel notified one of the attorneys that the document contained unredacted CBI. After receiving this notice, the attorney immediately contacted the Commission to request that the document be removed from public view, contacted the Office of Unfair Import Investigations to notify them of the issue, and contacted the clients who had received the document to request that they destroy it. In their submissions to the Commission about this breach, the attorneys confirmed to the Commission that they had received responses (and confirmations of destruction) from all of the clients who had received the unredacted document.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was inadvertent and unintentional; (2) after being notified of the breach, the law firm took prompt action to remedy the breach and prevent further dissemination of CBI; (3) the firm promptly self-reported the breach to the Commission; and (4) the attorneys had not previously breached an APO in the two-year period preceding the date of this breach. The Commission also considered the following aggravating factors: (1) the responsible attorneys did not discover the breach; and (2) unauthorized individuals had access to and presumably viewed the CBI.

The Commission determined to issue private letters of reprimand to the three attorneys who reviewed the final version of the document. The Commission determined to issue a warning letter to the fourth attorney who worked on the document but did not review the final version before it was filed or served. The Commission found that the fourth attorney contributed to the breach but was not directly responsible for the exposure of CBI to unauthorized individuals.

Case 6. The Commission determined that a law firm breached the APO issued in a section 337 investigation when it filed on EDIS a public version of a brief that contained unredacted CBI, including language that a confidential Commission document treated as CBI.

Two supervisory attorneys and one associate attorney from the law firm were each responsible for drafting, reviewing, and redacting the public version of the brief. A fourth attorney, Start Printed Page 85309 who served as lead counsel in the underlying investigation, was involved in drafting and reviewing the brief and signed the brief when it was filed. The fourth attorney relied on both supervisory attorneys and the associate attorney for redacting the brief for CBI. The law firms representing the parties to the underlying section 337 investigation agreed to exchange briefs that they had each redacted for their own clients' CBI. Following that procedure, the breaching law firm reviewed the public version of its brief for only its own client's CBI, despite knowing that it had included CBI obtained under the APO that a confidential Commission document treated as CBI. The law firm sought confirmation from opposing counsel that the draft did not contain CBI from opposing counsel's client, and opposing counsel signed off on the draft under the mistaken belief that it did not contain its client's CBI. However, the brief, as filed on EDIS, did contain CBI from opposing counsel's client that the law firm had obtained under the APO. Although the law firm had relied on opposing counsel's representation that the draft brief did not contain their clients' CBI, the law firm ultimately was responsible for the breach by deciding to include the unredacted CBI in the brief and for exposing it to unauthorized persons by filing the public version of the brief on EDIS. Opposing counsel discovered the breach and notified the law firm and the Commission. The original public version of the brief was on EDIS for two days before the breaching law firm filed a corrected public version of the brief (which it did immediately upon being notified of the breach).

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was inadvertent and unintentional; (2) the law firm took prompt corrective measures upon learning of the alleged breach by filing a corrected public version of the brief; and (3) the parties involved had not previously breached an APO in the two-year period preceding this breach. The Commission also considered the following aggravating factors: (1) the breach resulted in exposure of CBI to unauthorized individuals; and (2) the law firm did not discover its own breach.

The Commission issued private letters of reprimand to the two supervisory attorneys and the associate attorney for their role in the breach. The Commission also issued a warning letter to the lead counsel, who failed to provide proper protection of CBI, but who was not directly responsible for the disclosure of the CBI.

Case 7. The Commission determined that two partners and one senior counsel at a law firm breached the APO issued in a section 337 investigation in three different ways. First, the Commission determined that they breached the APO when they accessed and used CBI from the investigation in related federal district court litigation before finalizing a cross-use agreement covering such use. Second, the Commission determined that they breached the APO when, before finalizing the cross-use agreement, they provided CBI to an associate attorney who was not subscribed to the APO in the terminated section 337 investigation. Finally, the Commission determined that they breached the APO by publicly filing a CBI exhibit from the terminated section 337 investigation in the district court's electronic case-filing system.

Following the termination of the underlying section 337 investigation, the law firm began discussions with opposing counsel to formulate a cross-use agreement that would allow the parties to retain and use certain CBI from the section 337 investigation in related federal district court litigation. In its submissions to the Commission on this matter, the law firm indicated that it had restricted internal access to the CBI until the agreement was finalized with opposing counsel. However, four months before the agreement was finalized, the partners and senior counsel used CBI from the section 337 investigation in preparing a filing for the district court litigation and attached a confidential exhibit from the section 337 investigation to it. The partners and senior counsel also provided CBI from the section 337 investigation to an associate attorney who had not worked on the underlying section 337 investigation and was not authorized under the APO to access or view CBI from it. The associate had no previous experience with section 337 investigations or with Commission APO practice.

Because the cross-use agreement was not yet in place at the time that the law firm was preparing the filing at issue in this investigation, the law firm sought approval from opposing counsel to use the confidential exhibit and the CBI within it, but opposing counsel denied this request. Following this denial, the senior counsel, who was the primary drafter of the filing, reviewed the document to remove all references to CBI and instructed the associate to remove the confidential exhibit from it. One of the partners, who was lead counsel for the district court litigation, reviewed the final version of the revised filing and also instructed the associate to remove the exhibit and correct the labeling of the remaining exhibits. The associate instructed administrative staff to remove the confidential exhibit and to replace the confidential exhibit on the exhibit list with a public exhibit. When staff sent a revised exhibit list and revised set of exhibits, the associate checked the exhibit list to confirm that staff had made the required adjustments, but the associate did not check the public or confidential sets of exhibits to ensure that the confidential exhibit had been removed. The partner and senior counsel also did not check the exhibits. The associate then instructed staff to submit the filing and its exhibits to the district court's case-filing system, which they did. After receiving notification of the filing, one of the partners asked the associate to confirm that the firm had not filed any of the confidential exhibits publicly. The associate confirmed that the confidential exhibits were not accessible through the district court's electronic case-filing system but did not check the public exhibits.

The morning after the law firm filed the document and exhibits, opposing counsel notified the law firm that the filing included a confidential exhibit that was available publicly on the district court's electronic case-filing system. In this notification, opposing counsel reiterated to the law firm that it did not approve of the law firm's use of the confidential exhibit as part of the filing. The law firm immediately contacted the district court to request that the court remove the filing, which it did that same day. In its submissions to the Commission on this matter, the law firm indicated that it put in place stricter procedures for the retention and storage of CBI from terminated investigations that are subject to potential cross-use agreements to ensure that such agreements are finalized and in place before anyone accesses or uses the CBI.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the public exposure of the CBI was inadvertent and unintentional; (2) after being notified of the exposure, the law firm took prompt action to remedy the breach and prevent further dissemination of CBI; (3) the firm self-reported the use and exposure of CBI to the Commission; (4) the law firm implemented new procedures to prevent against similar breaches in the future; and (5) the attorneys had not previously breached an APO in the two-year period Start Printed Page 85310 preceding the date of these breaches. The Commission also considered the following aggravating factors: (1) the law firm's use of the CBI and its provision to an associate were not inadvertent; (2) unauthorized individuals had access to and presumably viewed the CBI; (3) the law firm violated the APO in three different ways; (4) the law firm did not discover the public exposure of the CBI; and (5) the law firm failed to follow its own procedures by accessing and using CBI to which the firm had restricted access pending the completion of the cross-use agreement.

The Commission also considered the law firm's argument that its use of the exhibit and its provision of CBI to the associate attorney was consistent with 28 U.S.C. 1659(b), which provides for the transfer and admissibility of the Commission record in federal district court litigation under certain circumstances. However, the Commission determined that the exhibit at issue was not a part of the Commission record, as defined under 19 CFR 210.38(a), and thus, it was not within the scope of section 1659(b). In addition, the Commission noted that the application of section 1659(b) would not mitigate the public exposure of the CBI.

The Commission determined to issue private letters of reprimand to the partner who served as lead counsel and to the senior counsel. The Commission determined that they were both part of the decisions to use the CBI in the filing, to provide it to the associate attorney, and to delegate the removal of the exhibit to the associate, who did not have any previous experience with section 337 investigations and Commission APO practice. The Commission determined to issue a warning letter to the second partner, who worked on the filing and was aware of the associate's access to the CBI, but was not involved with the finalization of the document or the failed process to remove the confidential exhibit.

The Commission found that good cause existed to issue a warning letter to the associate under 19 CFR 201.15(a). The associate was not a signatory to the APO in the underlying section 337 investigation and did not have previous Commission APO experience, and thus the Commission determined that the issuance of a sanction would be inappropriate. However, the associate had several years of experience as an attorney, was aware that the exhibit was confidential, and had received specific instructions to remove the confidential exhibit from the filing. The associate was also directly responsible for the public exposure of CBI.

Case 8. The Commission determined that an attorney at a law firm breached the APO issued in a section 337 investigation when the law firm publicly filed in EDIS and served to its clients a confidential document that the attorney had prepared.

Although the document contained unredacted CBI, the attorney did not place confidential headers on the document when he was preparing it to be filed. As a result, after the attorney finalized the document, a paralegal filed the document publicly on EDIS, and the law firm's client, who was not on the APO, was provided with a copy of the document. After the document was posted to EDIS, opposing counsel notified the attorney that the document contained CBI, and the paralegal, at the attorney's direction, contacted the Office of the Secretary to request that the document be removed from public view. In addition, the attorney contacted the client who had received the document and requested that the client destroy it. The attorney refiled the document as confidential, but multiple unauthorized individuals had accessed the document while it was available publicly on EDIS.

In determining whether to issue a sanction for the breach, the Commission considered the following mitigating factors: (1) the breach was unintentional and inadvertent; (2) the attorney self-reported the breach to the Commission; (3) after being notified of the breach, the attorney took prompt action to remedy the breach and prevent further dissemination of CBI; and (4) the attorney had not previously breached an APO in the two-year period preceding the date of this breach. The Commission also considered the following aggravating factors: (1) the attorney did not discover the breach; and (2) unauthorized individuals had access to and presumably viewed the CBI.

The Commission determined to issue a private letter of reprimand to the attorney. The Commission determined not to hold the paralegal who filed the document or any other individuals at the law firm responsible for the breach. The attorney was the only person involved in the preparation of the document for filing, and the breach occurred because the attorney failed to apply CBI headers.

Case 9. The Commission determined that an attorney breached the APO in a section 337 investigation by transmitting to unauthorized individuals a link to a document that contained unredacted CBI obtained under the APO.

The attorney discovered the breach eight days after sending the link when he received a question from one of the unauthorized recipients who had gained unauthorized access. Upon learning of the breach, the attorney immediately deactivated the link and confirmed that unauthorized recipients had destroyed the document and would refrain from using any CBI that they may have viewed. The attorney also immediately reported the breach to the opposing counsel and, two days later, reported the breach to the Commission.

In determining whether to issue a sanction for the breach, the Commission considered mitigating factors, including that: (1) the breach was inadvertent and unintentional; (2) the law firm discovered its own breach; (3) the law firm promptly self-reported the breach; (4) after discovering the breach, the law firm took prompt action to remedy the breach and prevent further dissemination of CBI; (5) the law firm implemented new procedures to prevent against similar breaches in the future; and (6) the attorney had not previously breached an APO in the two-year period preceding the date of this breach. The Commission also considered the aggravating factor that unauthorized persons had access to and presumably viewed CBI.

The Commission issued a private letter of reprimand to the attorney.

Footnotes