Photo of Stephen M. Byers

Stephen M. Byers is a partner in the firm's White Collar & Regulatory Enforcement Group and serves on the group's steering committee. He is also a member of the firm's Government Contracts Group and E-Discovery & Information Management Group. Mr. Byers's practice involves counseling and representation of corporate and individual clients in all phases of white collar criminal and related civil matters, including: internal corporate investigations; federal grand jury, inspector general, civil enforcement and congressional investigations; and trials and appeals.

Mr. Byers's practice focuses on matters involving procurement fraud, health care fraud and abuse, trade secrets theft, foreign bribery, computer crimes and cybersecurity, and antitrust conspiracies. He has extensive experience with the federal False Claims Act and qui tam litigation, the Foreign Corrupt Practices Act, the Economic Espionage Act, and the Computer Fraud and Abuse Act. In addition to defense of government investigations and prosecutions, Mr. Byers has represented corporate victims of trade secrets theft, cybercrime, and other offenses. For example, he represented a Fortune 100 U.S. company in parallel civil and criminal proceedings that resulted in a $275 million criminal restitution order against a foreign competitor upon its conviction for trade secrets theft.

Finding that a lower court had underestimated the harm resulting from the government’s seizure and ongoing possession of privileged material, the Fifth Circuit ruled recently that a “taint team” process was insufficient to protect the rights of the party holding the privilege.  The appellate court’s ruling is part of a trend in which courts have expressed skepticism that the use of “taint teams” by the government is an adequate safeguard against undermining the sacrosanct attorney-client privilege.

As part of a criminal investigation spawned by civil False Claims Act qui tam actions, the government executed search warrants at the offices of Harbor Healthcare System and seized “a wealth of information protected by the attorney-client privilege” including communications between the company’s Director of Compliance and its outside counsel.  Harbor subsequently filed a motion for return of property as provided for in Federal Rule of Criminal Procedure 41(g).  The District Court ultimately granted a government motion to dismiss that proceeding, finding that a “filter team” and screening process were adequate to protect Harbor’s privileged information.Continue Reading Fifth Circuit Bolsters Company’s Claim for Return of Privileged Documents Seized by Government

In Ingham Regional Medical Center v. U.S. (Jan. 6, 2020), the Court of Federal Claims compelled production of certain government investigatory documents that the Court found were not privileged work product prepared “in anticipation of litigation.” The Medical Center sued to recover payments for outpatient healthcare services performed in connection with DoD’s TRICARE program

The U.S. Department of Justice released revisions to the Foreign Corrupt Practices Act corporate enforcement policy on March 8, 2019. While intended to clarify the DOJ’s position on a number of hot-button issues, including its controversial stance on certain instant-messaging software, a closer look reveals that these changes fall short of answering several key questions

Attorney General Jeff Sessions and EU Justice Commissioner Věra Jourová have met twice over the last two weeks, signaling momentum towards a new EU-U.S. solution for the sharing of electronic evidence. These meetings occurred in the wake of proposed regulations on the sharing of electronic evidence in the EU, and the passage of the Clarifying

The Second Circuit today issued a much-anticipated ruling holding that U.S. firms are not required to turn over user data stored overseas, even in the face of a government warrant.  This decision arose from Microsoft’s December 2014 appeal of a civil contempt ruling against the tech giant for refusing to turn over the personal data

In an obscure case that could have broad implications, a judge in the Eastern District of Virginia sentenced the Danish CEO of two overseas technology companies to time served and a fine of $500,000 for the advertisement and sale of a mobile application capable of surreptitiously monitoring communications and other information on a mobile device. A Department of Justice press release touted the result as “the first-ever criminal conviction concerning the advertisement and sale of a mobile device spyware app.” Nevertheless, the sentence of ten days of time served represents a significant downward departure from the recommended 4-10 month prison term contemplated by the defendant’s plea agreement.

According to a statement of facts filed with the plea agreement, the defendant, Hassam Akbar, advertised and sold “StealthGenie,” a now-defunct mobile app that could be used for real-time monitoring of a mobile device owner’s calls, texts, emails, photographs, calendar appointments, contacts, and other information. The app apparently could also remotely activate the phone’s microphone and record nearby sound. Once installed and activated, the app was undetectable to the average user because it ran in the background whenever the smartphone was powered on with no indication that the app was running. According to the DOJ, “[a]pps like StealthGenie are expressly designed for use by stalkers and domestic abusers who want to know every detail of a victim’s personal life – all without the victim’s knowledge”; indeed, according to the DOJ “SteathGenie ha[d] little use beyond invading a victim’s privacy.” For this reason, as Wired reported, the Akbar indictment was hailed as a step in the right direction by at least one group working to fight domestic violence, which was hopeful the conviction signaled an intent to crack down not only on the users but also on the developers and distributors of tools used to perpetrate domestic violence and stalking.
Continue Reading Recent Conviction Illustrates How Obscure Federal Statute Can Be Used to Criminally Prosecute Those Who Design and Sell Devices and Apps Capable of Surreptitious Monitoring

As part of Crowell’s “Data Law Trends & Developments:  E-Discovery, Privacy, Cyber-Security & Information Governance,” Steve Byers and I examined the hottest topics in E-Discovery in Government Investigations and Criminal Litigation.  Our report begins on page 15, and explores recent trends in this rapidly expanding field and forecasts potential developments with Federal Rule

In a remarkable decision addressing the reach of search warrants aimed at personal data stored by a third party in the cloud, a court ruled last week that an internet service provider (“ISP”) can be compelled to produce personal information located outside of the U.S. The decision by Magistrate Judge James Francis (S.D.N.Y.) denied Microsoft Corporation’s motion to quash a warrant requiring production of customer email content and related data stored on a server located in Dublin, Ireland. If adopted by other courts, the ruling could have far-reaching implications not only in the context of overseas cloud storage, but the privacy of personal data stored on third- party servers generally.

The specific issue addressed by the court concerns application of the infamously antiquated Stored Communications Act (“SCA”) of 1986, which allows the U.S. government to obtain information by subpoena, court order, or warrant from third parties such as ISPs. On December 4, 2013, the court approved the government’s request for a SCA search warrant to Microsoft seeking virtually all content and data associated with a particular email account. Microsoft produced all relevant information stored on its domestic servers, but moved to quash the warrant to the extent it sought information stored at its datacenter located in Dublin, arguing that U.S. courts are not authorized to issue extraterritorial search warrants. Notably, it is not clear from the decision whether the owner of the subject email account is a U.S. resident.
Continue Reading Court Holds That U.S. Government Can Seize Email Data Stored Overseas and Questions Applicability of Fourth Amendment to “Information Communicated Through the Internet”

Last week, in United States v. Agrawal, the Second Circuit upheld a jury’s 2010 conviction of a former Société Générale trader under the Economic Espionage Act (EEA) and the National Stolen Property Act (NSPA). The three-judge panel unanimously affirmed the NSPA conviction, but split on whether the EEA conviction could stand in light of the Second Circuit opinion in United States v. Aleynikov, 676 F.3d 71 (2d Cir. 2012), in which the court vacated an ex-Goldman Sachs trader’s convictions under the same statutes for very similar conduct.

During his employment with Société, Samarth Agrawal copied and printed thousands of pages of computer code that his current employer used for a high-frequency trading program. He intended to provide the code to his future employer, another investment firm, and was arrested on the day he was scheduled to begin his new job. Agrawal was indicted by a grand jury and convicted following a jury trial for violating the EEA and NSPA.
Continue Reading Second Circuit Affirms Conviction for Theft of Computer Code Under Federal Criminal Trade Secrets Statutes

In a prior post, I wrote about a criminal trade secrets theft case in which spoliation in related civil litigation was charged as obstruction of justice. I noted that “[t]he prospect of criminal charges for spoliation in civil litigation raises the stakes for civil litigants, particularly where a parallel criminal investigation is a possibility . . . .” Last week, this scenario arose again, as it was announced that Halliburton will plead guilty to a criminal offense based on ESI spoliation that appears to have first arisen in the massive civil litigation over the Deepwater Horizon disaster.

According to the Information and Plea Agreement, following the Deepwater Horizon oil spill, Halliburton employees used a proprietary 3D modeling program to examine aspects of the drilling equipment on two occasions. On both occasions, the employees were told to delete the resulting data and reluctantly did so. Halliburton was a contractor to BP, and these events seem to have been uncovered by BP in the ensuing civil litigation when it became apparent from Halliburton emails that the 3D modeling data once existed but had not been produced. Resolution of this spoliation issue in the civil litigation is still pending. In the meantime, however, the spoliation became the basis for a criminal charge against Halliburton in the parallel criminal investigation by the Department of Justice.
Continue Reading Spoliation of ESI Charged as Criminal Offense Under Computer Fraud and Abuse Act