The HP Saga: HP Advised by RAND to Use Pretexting

3 Oct ’06

The NYT lands what seems to me to be a bombshell into the middle of the HP story: HP was advised by Brian Jenkins of the RAND Corporation, a former deputy chairman of Kroll (and appointed by President Clinton to be a member of the White House Commission on Aviation Safety and Security), to use pretexting in the leak investigation. At the time, Jenkins was a consultant to HP on other security and crisis management matters.

Hewlett-Packard sought the advice of a well-known intelligence specialist, Brian Jenkins of the RAND Corporation, on how to find the source of a boardroom leak, according to a report compiled by H.P.’s law firm and provided to a House subcommittee.

According to the report by the law firm, which was requested by H.P. in August to investigate the methods used to spy on directors, “Jenkins specifically recommended that they conduct pretexting to get information if they had not already done so.”

The report said that the company’s general counsel, Ann O. Baskins, called Mr. Jenkins on Jan. 30. Kevin Hunsaker, a senior counsel working for Ms. Baskins, also told the lawyers at Wilson Sonsini that he spoke with Mr. Jenkins. The lawyer’s report said that Ms. Baskins told Patricia C. Dunn, the company’s chairwoman at the time, that “Jenkins agreed with their techniques.”

Some assertions made by Ms. Baskins that are found in the report have been contradicted by other documents. A telephone call late Monday to Ms. Baskins’ lawyers was not returned.

If true, the account would go some way to establishing at least a good faith belief that pretexting was not illegal. Alas, what the good lord giveth … the NYT also reports that the opinion on pretexting’s legality that HP asked its security firm to obtain from its counsel was in fact prepared by a law clerk:

The Wilson Sonsini report found that H.P. lawyers relied on a legal opinion prepared by a law clerk, not a lawyer, at a firm associated with Ronald DeLia, the private detective the company had hired to find the source of the leaks.

It’s not clear from the NYT report that HP lawyers knew it was prepared by a clerk, but if the account is true and they did, it would – ahem – go some additional distance to establishing a lack of diligence on the part of HP staff.

Update: Jenkins denies it:

Hewlett-Packard’s outside counsel, asked to review the operation, said in a report in August that company lawyers reported that Mr. Jenkins had recommended the use of pretexting. The document was later provided to a House subcommittee and was cited Tuesday in The New York Times.

But on Tuesday, Mr. Jenkins, who had not responded to earlier requests for comment, said that he had not offered any such recommendation.

“Pretexting is a dumb idea,” he said. “I counseled caution.”

He said he could not say much more because he was still bound by a confidentiality agreement.

My guess is the NDA prevented him from saying anything, including his mea non culpa. Leaked emails confirming it one way or the other will surely come next.

Previous post:

Next post: