On October 4, 2023, Justice Cohen of the New York County Commercial Division issued a decision in Pursuit Credit Special Opportunity Fund, L.P. v. Krunchcash, LLC, 2023 NY Slip Op 33448(U), sanctioning a litigant for accessing an inadvertently produced Dropbox link, explaining:
This motion presents novel questions about litigation counsel’s obligations when she or he comes into possession, through non-party discovery, of a DropBox link that provides live access to an opposing party’s cloud-based corporate file directory.
In this case, Defendants subpoenaed documents from Plaintiff’s financial consultant. The resulting production contained several emails that included links to a DropBox site, which Plaintiff used effectively in lieu of an in-house server to store its electronic files. For approximately one week, Defendants’ counsel (and its client) accessed those links to download, review, and analyze Plaintiffs unproduced electronic documents before notifying Plaintiffs counsel that it had done so.
After completing its review, Defendants’ counsel informed Plaintiffs counsel (by letter) that: (i) the DropBox links were live; (ii) all privileges with respect to the DropBox-linked documents purportedly had been waived by making the DropBox link available to Plaintiffs consultant; (iii) Defendants intended to use the files in an upcoming deposition; (iv) Defendants would make purportedly inculpatory (to Plaintiff) information gleaned from the files publicly available in court papers; and (v) demanded that Plaintiff dismiss this lawsuit with prejudice.
. . .
The parties have not cited (and the Court has not found) any precedent or guidance that directly addresses this vexing and concerning fact pattern. Nevertheless, the Court has little difficulty concluding that Defendants’ counsel should have ceased reviewing the DropBox files as soon as they realized that they had obtained unauthorized access to Plaintiffs corporate file directory (as a practical matter, Pursuit’s computer system) and should have ensured that their client did the same. At that point, it was no longer litigation discovery or “disclosure” within the meaning of the CPLR, inadvertent or otherwise, but something more akin to corporate espionage (albeit without the illicit break-in). Instead, counsel went on the offensive and threatened to use the information gleaned during its clandestine review for litigation advantage. Whether such review and use would have been permissible in the more common circumstance of receiving inadvertent production of individual privileged documents during the ordinary course of discovery is not before the Court. What makes this situation different, in the Court’s view, is that Plaintiff’s corporate file directory was not produced at all (although some of the documents contained within that directory ultimately were to be produced). Instead, the directory was surreptitiously and repeatedly accessed by counsel and their client under circumstances that should have raised professional alarm bells – loud ones.
(Internal quotations omitted).
You should read the entire opinion (linked in the first paragraph).