Steven E. BERKHEIMER, Plaintiff(s), v. HEWLETT-PACKARD COMPANY, Defendant(s) Case No. 12 cv 9023 United States District Court, N.D. Illinois Signed April 07, 2014 Counsel James P. Hanrath, Steven P. Blonder, Michael J. Femal, Jonathan L. Loew, Much Shelist Denenberg Ament & Rubenstein, PC, Chicago, IL, Paul J. Skiermont, Skiermont Derby LLP, Dallas, TX, for Plaintiff(s). David. J. Levy, Pro Hac Vice, Thomas R. Davis, Pro Hac Vice, Morgan, Lewis & Bockius LLP, Houston, TX, Jason C. White, Nicholas A. Restauri, Scott D. Sherwin, Morgan Lewis & Bockius LLP, Chicago, IL, for Defendant(s). Gilbert, Jeffrey T., United States Magistrate Judge ORDER *1 Defendant's Motion to Modify the Default Protective Order [48] is granted. The Court is inclined to enter Defendant's proposed protective order in large part but, as discussed in the Statement below, it has questions about the protocol for printing, copying and using copies that are made of the source code. Accordingly, Defendant's Motion to Modify the Default Protective Order is set for hearing on that issue on 4/15/14 at 10:45 a.m. See Statement below for further details. STATEMENT This case involves claims of patent infringement made against Defendant's Exstream software product. In discovery, Plaintiff requested access to the source code for Defendant's Exstream software. Defendant has agreed to make its source code available. The parties, however, disagree about what restrictions and protections, if any, should be imposed in conjunction with the process by which Plaintiff will be given access to Defendant's source code. Plaintiff argues that the default Local Patent Rule 1.4 Protective Order that already governs this case is sufficient to protect the confidentiality of Defendant's source code. Defendant strongly disagrees and argues that good cause exists to modify the default Local Patent Rule 1.4 Protective Order to impose greater and more controlled protection of its highly confidential source code. In this District, the Local Patent Rules provide a default protective order that is automatically entered in patent infringement cases. See Local Patent Rule 1.4. However, there is nothing in the default protective order that specifically address source code. The default protective order includes a provision that any party can move to modify the order for good cause. Id. Rule 26(c) of the Federal Rules of Civil Procedure also explicitly authorizes, upon a showing of “good cause,” that a court may “protect a party or person from annoyance, embarrassment, oppression, or undue burden or expense” in discovery by “requiring that trade secret or other confidential ... or commercial information not be revealed, or be revealed only in a specified way.” FED. R. CIV. P. 26(c)(1)(G); see also In re Violation of Rule 28(D), 635 F.3d 1352, 1357 (Fed. Cir. 2011). The production and review of source code involves certain security risks because of its highly confidential and proprietary nature. See Metavante Corp. v. Emigrant Sav. Bank, 2008 WL 1969596 at *3 (E.D. Wis. May 5, 2008). Several courts have addressed the issue of how source code should be produced and have ordered that it be produced in the same or similar manner as proposed by Defendant in this case. See, e.g., CIVIX-DDI v. Hotels.com et al., No. 05 C 6869 [Dkt.#602] (N.D. Ill. April 1, 2010) (J. St. Eve) (denying plaintiffs motion to compel source code production at defendant's counsel's office in Chicago and ordering plaintiff to review source code on a secure computer at defendant's offices in California) (citing Minnesota c. CMI of Ky., Inc., 2009 WL 2163616, at *7 (D. Minn. July 16, 2009) and Polycom Inc. v. Codian, Ltd., 2008 WL 194588, at *3-4 (E.D. Tex. Jan. 22, 2007) (holding that plaintiffs inconvenience and travel expense do not establish good cause for reviewing source code at plaintiffs preferred location)). In addition, several other courts have adopted provisions similar to those proposed by Defendant as the default standard for the production of source code.[1] *2 As a threshold matter, the Court is satisfied that Defendant has established good cause for heightened protection of its highly valuable, proprietary source code during discovery. See Defendant's Memorandum In Support of Motion to Modify the Default Protective Order. [Dkt.#49-25], Decl. of Anthony Wiley, Ex. 23. The source code is the lifeblood of the Exstream software product. “[I]t can be considered a repository of the collective knowledge of all the computer programmers who have worked on the Exstream software.” Id. at ¶3. Defendant “has never licensed the source code to a third party or publicly disclosed any portion of the source code.” Id. at ¶4. It “is stored in a secured development environment that can only be accessed by a limited number of appropriately credentialed HP Exstream personnel (e.g., programmers) who have a business need to access the source code.” Id. Defendant consistently has maintained that its source code should be accorded a high level of protection in other lawsuits in which its source code was at issue. See Defendant's Memorandum In Support of Motion to Modify the Default Protective Order [Dkt.#49], at 6 n. 4. Accordingly, the Court agrees with Defendant that it should be afforded additional protections not provided in the Local Patent Rule 1.4 Protective Order in making available to Plaintiff its source code during discovery in this case. On balance, Defendant's modified protective order is reasonably calibrated toward those ends and is consistent with safeguards put into place by other courts in this District and around the country for such highly confidential material. The Court has reviewed Defendant's proposed modified protective order and Plaintiff's proposed modifications to Paragraph 5 of the default Local Patent Rule 1.4 Protective Order. The Court will address Plaintiffs major objections to Defendant's modified protective order but, in its discretion, will not go through the proposed modified protective order line by line and specifically address each of Plaintiffs objections in this Order. The primary disagreement between the parties is the manner in which the source code will be made available to Plaintiff. Plaintiff has requested that Defendant provide directly to Plaintiffs counsel two electronic copies of its source code on a compact disc. Defendant objects to producing electronic copies of its source code and instead proposes that the source code be provided on a stand-alone computer that Plaintiff, or his experts, can use to inspect the source code. Plaintiff argues he needs electronic copies of Defendant's code to ensure that he has unfettered access to the source code. Although Plaintiff's access to Defendant's source code is relevant to the prosecution of his patent infringement claims, there is no requirement in the Federal Rules of Civil Procedure that a party or its expert be allowed unfettered and absolute access to highly confidential material without any restrictions. Indeed, portions of Federal Rule of Civil Procedure 26(c)(1)(C) were enacted to curtail unlimited production and afford companies some level of protection for their trade secrets. See FED. R. CIV. P. 26 Advisory Committee's Note 1970 Amendment (“The new reference to trade secrets and other confidential commercial information reflects existing law. The courts have not given trade secrets automatic and complete immunity against disclosure, but have in each case weighed their claim to privacy against the need for disclosure.”). It is not disputed that Defendant's Exstream software is a trade secret that is entitled to certain protections because of its confidential and propriety nature, and the Court has found that Defendant has established good cause that production of its source code should be afforded additional protections not provided in the default protective order that otherwise governs this case. Generac Power Systems, Inc. v. Kohler Co., 2012 WL 2049945, at * (N.D. Ill. June 6, 2012) (recognizing that “[s]ource code for programs is often one of the most valuable assets a company possesses”); Computer Assoc. Intern. v. Quest Software, Inc., 333 F. Supp. 2d 688, 696 (N.D. Ill. 2004) (in granting a motion for preliminary injunction the court recognizes that source code is a valuable trade secret). The Court agrees, in its discretion, with Defendant that its source code should be produced for inspection only on a stand-alone computer located at Defendant's counsel's office in Chicago to which Plaintiff and his experts will be given reasonable access for inspection of the source code (or at some other mutually agreed upon location). See Semien v. Life Ins. Co. of N. Am., 436 F.3d 805, 813 (7th Cir. 2006) (“It is well-established that district courts enjoy broad discretion in controlling discovery.”). *3 Plaintiff's proposal that Defendant provide electronic copies of its source code on a compact disc increases the risk of unintentional disclosure or copying of highly confidential, proprietary material. The Court agrees that is an unnecessary risk to take in this case. Plaintiff's convenience-based arguments do not outweigh Defendant's legitimate concerns regarding inadvertent disclosure of its highly confidential and highly valuable source code if electronic copies of Defendant's source code were to be produced. The location of the production should have little impact on Plaintiffs expert's ability to review substantively the source code. The Court recognizes that it may be more inconvenient for Plaintiffs expert to have to review the source code in the manner proposed by Defendant, but such inconvenience is not outweighed by the legitimate concerns of Defendant to protect its source code. Defendant's proposal provides a reasonable process for Plaintiff to gain access to its source code. As cited above, judges in this district, and others, have held that source code should be inspected at the location where it is maintained. See, e.g., CIVIX-DDI, No. 05 C 6869, [Dkt.#602] (N.D. Ill. Apr. 1, 2010) (denying plaintiff's motion to compel source code production at defendant's counsel's office in Chicago and ordering plaintiff to review source code on secure computer at defendant's offices in California) (citing CMI, 2009 WL 2163616, at *7 and Polycom, Inc., 2007 WL 194588, at *3-4). In this case, ordering that the source code be inspected where it is maintained would be in Kentucky. As an accommodation to Plaintiff, Defendant has agreed to make its source code available at its counsel's Chicago office or at another mutually agreeable location. Plaintiff also objects to the limitations Defendant seeks to put on his ability to print and copy portions of Defendant's source code. The parties appear to agree that a “reasonable” number of pages may be printed. Plaintiffs proposal, however, does not provide any parameters for what will be deemed to be reasonable. In contrast, Defendant's proposed protective order puts an initial limitation on the number of continuous pages printed (no more than 5 continuous printed pages) and an initial maximum on the total number of pages (no more than an aggregate 500 pages or 10% of the total source code) without the prior written approval of Defendant. Defendant's modified protective order also gives Defendant the ability to review material Plaintiff or his expert prints, to object to what it considers to be any unreasonable scope of print activity before producing any printouts to Plaintiff, imposes a period of days for Defendant to respond to requests for copies and other things by Plaintiff, and otherwise curtails Plaintiff's or his experts ability to work with the source code in the course of preparing the case for trial. The Court is not sure it understands all of the intricate limitations Defendant's proposed order imposes in this regard or whether the intricacy or complexity is necessary. The Court also is sensitive to Plaintiffs objection on work product grounds to providing to Defendant copies of whatever its expert prints as the expert is conducting his or her analysis of the source code. The Court wonders, for example, whether it would be simpler to require Plaintiffs expert to conduct his or her analysis of the source code in the room in which the source code is produced on the standalone computer, make that room adequate, comfortable and sufficient for that purpose, and require whatever copies are made of the source code to stay in that room unless and until they are included in the expert's report, filed with the Court or used in a deposition. The room would be off limits to Defendant and its counsel, and potentially accessible only by entering a code into a security keypad that would prevent access to the room by anyone without the presence of Plaintiffs expert. *4 Before it decides to enter Defendant's proposed order or a modified version of that order that addresses the printing and copying issue in a somewhat different way, the Court would like to discuss those issues with the parties. Accordingly, Defendant's Motion to Modify the Default Protective Order [48] is set for hearing to discuss these particular issues at the time stated in the docket entry accompanying this Statement. Plaintiff's other objections to Defendant's proposed order and protocol include, among others: (1) the search tools that will be available to Plaintiffs experts to search Defendant's source code; (2) the times available for inspection; (3) use of the knowledge gained by review of Defendant's source code in this case; and (4) whether or not persons entering the room are subject to search. With regard to the first issue, this seems like a non-issue or is premature at best. The only difference in the parties' proposed language is whether the tools are “presently available” versus “used in the ordinary course of the Producer's business.” Plaintiff has not argued that the tools provided are insufficient, and because Plaintiff has not had access to the source code, he has yet to test the review tools. Unless and until there is a problem with the review tools installed on the computer on which the code is produced for inspection, this matter is premature. And, in any event, Defendant has offered to discuss with Plaintiff alternative review tools if the tools provided by Defendant are insufficient for Plaintiff's or his expert's purposes. As to the time available for inspection, the Court finds that normal business hours are reasonable. If for some reason, normal business hours are not sufficient, the parties shall meet and confer and attempt to work out a modified schedule. If the parties cannot resolve the problem, they may submit the issue to the Court for resolution. As to the language in the modified protective order relating to future use of information, Plaintiff argues that Defendant's language is vague. Both parties agree that any information about or knowledge of Defendant's source code can be used solely for the prosecution or defense of this case. Defendant's proposal, however, adds an additional sentence: “No Person shall review or analyze any Restricted-Confidential Source Code for purposes unrelated to this case, nor may any Person use any knowledge gained as a result of reviewing Restricted-Confidential Source Code in this case in any other pending or future dispute, proceeding, or litigation.” This explains in greater detail than the language proposed by Plaintiff that it is impermissible to use Defendant's source code or any knowledge about the source code for any purpose whatsoever other than this lawsuit. Plaintiffs additional language drives home the point that nothing learned in this case can be used for any other purpose; on balance that is both accurate and fair. Finally, as to whether or not persons should be subject to search before entering the room in which the computer is stored, given that these safeguards are being put into place to ensure that Defendant's source code is protected from copying and disclosure, it is reasonable that any person entering the room be searched to determine that he or she is not bringing any devices into the room that would allow them to copy or download the source code. For all of the reasons discussed herein, the Courts finds that Defendant has established that good cause exists to modify the default Local Patent Rule 1.4 Protective Order to provide additional and greater protections for the production and inspection of Defendant's source code in this particular case. Accordingly, Defendant's Motion to Modify the Default Protective Order [48] is granted, and the Court will enter Defendant's Modified Protective Order a version of that order after it has an opportunity to discuss the issue of printing and use of copies of the source code with counsel at the hearing set in the docket entry accompanying this Statement. *5 It is so ordered. Footnotes [1] As Defendant discusses in its Memorandum of Law in Support of its Motion to Modify the Default Protective Order [Dkt.#49], the District of Delaware has adopted a Default Standard for Access to Source Code that expressly sets out this level of protection. See District of Delaware Default Standard for Access to Source Code, ¶ 2 (“A single electronic copy of source code or executable code shall be made available for inspection on a stand-alone computer.”). The Northern District of California also has a Proposed Model Protective Order for patent cases with similar protections. See Northern District of California Proposed Model Protective Order, ¶ 9 (“Any source code produced [ ]shall be made available [ ] at an office of the Producing Party's counsel or another mutually agreed upon location ... The source code shall be made available for inspection on a secured computer in a secured room without Internet access or network access to other computers.”). Similarly, judges in the Eastern District of Texas, in both the Marshall and Tyler divisions, have proposed commensurate levels of protection. See Eastern District of Texas, ¶10(a) (“Access to a Party's Source Code Material shall be provided only on “stand-alone” computer(s) ... [with exceptions for transporting] the stand-alone computer(s) may only be located at the offices of the producing Party's outside counsel.”).