Motion to Suppress Evidence Denied for Theranos Defendant Where Encrypted Database Was Produced: eDiscovery Case Law

In U.S. v. Holmes, No. 5:18-cr-00258-EJD-1 (N.D. Cal. Aug. 4, 2021), California District Judge Edward J. Davila denied the defendant’s motion to suppress evidence of customer complaints and testing results, as well as findings in a January 2016 report from the Centers for Medicare & Medicaid Studies (“the CMS Report”), rejecting the argument that the Government was not responsible to confirm that a database of patient test results (received from third party Theranos in an encrypted state and without the encryption key) within the four days after receipt before Theranos decommissioned the server on which the original database was stored, making the encryption key (and a usable database) irretrievable.

Case Background

In this case against defendants Elizabeth Holmes and Ramesh “Sunny” Balwani for wire fraud and conspiracy to commit wire fraud regarding alleged deceptive representations about their company (Theranos) and its technology, the Department of Justice (DOJ) served grand jury subpoenas on Theranos in April and June of 2018 for information specifically from the LIS database and requested a copy of the database itself, along with the necessary software to access and search it.  On June 5, 2018—one day after the grand jury subpoena seeking a copy of the Laboratory Information System (LIS) database issued—outside counsel for Theranos emailed David Taylor (Theranos’s General Counsel who replaced Holmes as CEO following her indictment) “to touch base on LIS” and suggested that “we should just give DOJ the database and let them figure it out….[T]hey won’t know what to do with it and…the people who do are in India. Our experts are the only ones who understand it, and we don’t want to make them percipient witnesses. Is there anyone left at the Company who could assist us in actually getting the database to the government?”

Internal emails between Theranos employees revealed that the LIS database copy would be encrypted and require not only a password but also a private key to access the information in the database.  On July 25, 2018, the Government requested the LIS database and any software necessary to access or query it be produced by August 10, 2018.  In-house counsel informed outside counsel that “[t]here might be one password” to the LIS database copy that only one person at Theranos knew, and that “IT is still working on that.”  Theranos employees/agents were ultimately unable to obtain the private key.

On August 27, 2018, outside counsel produced a copy of the LIS database to the Government.  Their email to the Government attaching the transmittal letter included the password but failed to mention that a private key would also be necessary to access the LIS database.  In subsequent communications with the Government, Theranos’ outside counsel confirmed that it was unaware of any additional information or software that would facilitate government access to the LIS database information.

Immediately after production of the LIS database copy, Theranos began moving to decommission the original LIS database at its Newark facility.  Theranos began to dismantle the physical server hardware housing the LIS database on August 29, 2018, with the “all clear to shutdown” arriving on August 30, 2018.  On August 31, 2018, Theranos vacated the Newark facility (4 days after the LIS database was produced).  In September and October 2018, the Government tried repeatedly and unsuccessfully to access the information from the copy of the LIS database and they were ultimately informed that the database was encrypted, that the means to decrypt it were not available and an alternative version of the database could not be located.

With the database unavailable, defendant Holmes filed a motion to suppress evidence of customer complaints, testing results, and the CMS Report, contending that allowing the Government to use that evidence as “evidence of fraud” after it failed to gather and preserve the LIS database would violate her rights to present a complete defense and to receive due process, because the entirety of the LIS database was necessary to refute that evidence.


Judge’s Ruling

Noting that “[t]he parties agree that, for all intents and purposes, the LIS database copy produced to the Government cannot be accessed without the private key, and the information on the LIS database is lost—perhaps irretrievably”, Judge Davila stated: “The LIS database information alone would not provide a conclusive determination of whether the Theranos blood tests were accurate, and it could just as likely contain incriminating evidence to the contrary. Any exculpatory value is therefore speculative in nature.”

Judge Davila also stated: “Second, the Ninth Circuit cases both parties cite appear to suggest that the Government must be the party ultimately responsible (whether through affirmative action or inaction) for the destruction or loss of the potentially exculpatory evidence… The Government sought the LIS database from third parties Theranos and WilmerHale. Through WilmerHale, Theranos produced an encrypted copy of the LIS database in response to government subpoenas, but it did not inform the Government that the additional key was necessary to access the database, nor did it provide the key. It is undisputed that the copy of the LIS database Theranos provided was not accessible; and the only entity in possession of the sole working version of the LIS database was Theranos—up until it dismantled the database hardware, destroying the key and rendering the original database unusable as well. The Government thus never had true possession of the LIS database in the first instance, and there is no dispute that the Government played no role in the decommissioning and dismantling of the original LIS database.”

In denying the motion to suppress, Judge Davila also rejected defendant Holmes’ argument that the Government should have looked at the LIS database copy immediately upon receipt and that the Government could have reconstructed the LIS database.

So, what do you think?  Should outside counsel have done more to confirm that the database being produced was usable and not encrypted?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant, an Affinity partner of eDiscovery Today.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.


Leave a Reply