7.5 Disposition and/or Retention of Protected Information/Data upon Completion, Expiration, or Agreement Termination.
Upon completion, expiration, or termination of this Agreement, CONTRACTOR will return or destroy all protected information received from STATE or created or received by CONTRACTOR for purposes associated with this Agreement. CONTRACTOR will retain no copies of such protected information, provided that if both parties agree that such return or destruction is not feasible, or if CONTRACTOR is required by the applicable regulation, rule or statutory retention schedule to retain beyond the life of this Agreement, CONTRACTOR will extend the protection of the Information Privacy and Security Clause of this Agreement to the protected information not returned or destroyed, and refrain from further use or disclosure of such information for as long as CONTRACTOR retains the protected information.

1. The Recipient :
1.1. shall be allowed to retain one copy of the Confidential Information to the extent required to comply with applicable law or regulation; and

1.2. shall not be required to destroy copies of any computer records or files containing the Confidential Information which have been created pursuant to automatic archiving or back-up procedures on secured central storage servers and which cannot reasonably be deleted;

2. In the event that any such Confidential Information is retained pursuant to Clauses 1.1 and 1.2, the terms and conditions of this Agreement shall remain in full force and effect with respect to such Confidential Information so retained for so long as such Confidential Information is retained.

I guess we’ll have to agree to disagree on that. My computer expertise is limited, but so far as I know, it is indeed possible to destroy data. There’s software out there that purports to do just that, by repeatedly overwriting the storage location(s).

In any case, I’d be extremely surprised if a receiving party could get summary judgment on that point — the disclosing party would almost surely be able to get to the jury, which means the receiving party would have to incur the expense and inconvenience of discovery, and would be rolling the dice on the outcome.

————–

Michael writes: “Besides, what’s the difference? If I’m suing for plain breach of contract (failure to fulfill the duty to destroy) aren’t I seeking the same damages as I might in a fraud case? I fail to see the need to raise fraud here.”

Several things:

1. Fraud has such a nice ring to it; as a disclosing party’s trial counsel, I’m certainly going to try to plead it so I can throw the term around in front of the jury to try to prejudice the jurors against the receiving party. (How much I actually do use the term will depend on the circumstances, of course.)

2. Fraud opens up the possibility of punitive damages, not just conventional contract damages.

3. Fraud potentially expands the universe of discoverable evidence that the disclosing party’s counsel can demand to crawl through.

———————-

Michael writes: “If I have to go through a long analysis to see if receiving party’s duty wasn’t in fact breached because the stolen data was part of a backup tape that we all agreed might not be destroyed, I’ve potentially wiped out my ability to sue receiving party for the damages he caused.”

Now that is indeed a legitimate risk-allocation issue. It could be addressed by providing that, if a third party improperly gets ahold of the information from the receiving party, then the receiving party will indemnify the disclosing party against any resulting third-party claims.

And, I still say that disclosers who feel better off for having described in excrutiating detail all of the reasons that the receiving party is off the hook for having failed to destroy the data are in fact in much worse shape. Disclosers who allow receiving parties those excuses are probably also violating the disclosing party’s upward obligations to others who care about that same data (such as Visa or MasterCard), so again it makes no sense for the discloser to allow anything other than ‘destroy it all, period.’ If the receiver can’t do that, then the receiver holds the bag if it loses it, regardless of good intentions to try to actually destroy it.

If I’m the discloser, I want something handy when the lawsuits start flying arising out of the receiving party’s undestroyed data that gives me an unequivocal right to assign the blame, the risks and the damages to the receiving party, no ifs ands or buts. If I have to go through a long analysis to see if receiving party’s duty wasn’t in fact breached because the stolen data was part of a backup tape that we all agreed might not be destroyed, I’ve potentially wiped out my ability to sue receiving party for the damages he caused.

(In my mind, this is just as bad as accepting knowledge-clauses on IP warranties. I don’t care if you knew about it or not — What I care about is that I just got sued because of your bad stuff.)

(And, of course, if I’m representing receiving parties, I’m just as motivated to cloud the duty to destroy as much as I possibly can, since that will give me an argument to make when disclosing party sues me someday. Nobody says that both sides in this adversarial relationship have the same motivations!)

I think destruction clauses are designed to be practical rather than to assign risk – it is far better to have the disclosee destroy the documents than receive compensation for a disclosure. I don’t imply that the obligations have to be easy to comply with – they may be a total pain – but they do need to reflect what will actually be done, as agreed by the parties. That is the problem with agreeing to make computer data “irretrievable” – you can’t unless you destroy the hardware afterwards, which is entirely disproportionate in almost every single case.

I don’t think a party could make that fraud claim with a straight face, since that would require the claimant to make a showing that it reasonably relied on the literal promise, and it would be quite difficult to show that (for the very reason that Sarita pointed out above — everybody knows it literally can’t be done, and it’s a well documented problem, so nobody could ever reasonably rely on that literal assertion).

If I were trial counsel for a disclosing party, I would make just that argument, in a heartbeat. And good luck convincing a jury of lay people that “everybody knows it literally can’t be done”; my question to the jury (as trial counsel) would be, well if that’s the case, why did they agree to it in the first place?