Top executives at Uber used the encrypted chat app Wickr to hold secret conversations, current and former workers testified in court this week, setting up what could be the first major legal test of the issues raised by the use of encrypted apps inside companies.
The revelations Tuesday and Wednesday about the extensive use of Wickr inside Uber upended the high-stakes legal showdown with Alphabet's Inc Waymo unit, which accuses the ride-hailing firm of stealing its self-driving car secrets.
Apps such as Wickr, Signal, Telegram, Confide and Snapchat offer security and anonymity, with features including passcodes to open messages and automatic deletion of all copies of a message after as little as a few seconds.
There is nothing inherently unlawful about instructing employees to use disappearing messaging apps, said Timothy Heaphy, a lawyer at Hunton & Williams and a former US Attorney in Virginia.
However, companies have an obligation to preserve records that may be reasonably seen as relevant to litigation or that fall under data retention rules set by industry regulators. In Uber's situation, chat logs that could help get to the bottom of the trade secrets case are now inaccessible. Uber also faces a criminal investigation over the alleged theft.
"It's a knotty question for courts and lawyers on when the obligation arises" to preserve records, said Julia Brickell, general counsel at the legal discovery firm H5. But "if someone uses a communication device to specifically hide information from litigation because you knew it would result in litigation, that would be foul from the start."
Richard Jacobs, a security analyst whom Uber fired in April and now consults for the company, testified Tuesday that up to dozens of employees were trained to used ephemeral messaging systems, including Wickr, to communicate so that their conversations would be clandestine and could not surface in any "anticipated litigation."
Two officials still at Uber testified Wednesday that multiple teams used Wickr. Among the users, they said, was Anthony Levandowski, a one-time leader of Waymo's autonomous vehicle efforts who the company alleges brought trade secrets to Uber.
It is unclear when Uber began using Wickr, but the company said that in October of last year it began paying for a business version that gave it the ability to preserve messages for as long as a year instead of a maximum of six days.
While the contents of an individual user's Wickr account would be impossible to access without the account-holder's permission, the business version gives the company the ability see whatever information has not been automatically erased.
In the middle of the contentious court hearing Tuesday, Uber chief executive Dara Khosrowshahi tweeted: "True that Wickr, Telegram were used often at Uber when I came in. As of Sept 27th I directed my teams NOT to use such Apps when discussing Uber-related business."
US District Judge William Alsup opened the pre-trial hearing by admonishing attorneys that counsel in future cases can be "found in malpractice" if they do not turn over evidence from specialised communications tools.
An app such as Wickr "could be a way for Levandowski to communicate 'By the way, how did we do that back at Waymo?' and all that vanishes in 30 seconds," Alsup said. "To me it's plausible that it happened. And the evidence is gone now. Because it was an intentionally set up system to not leave a paper trail."
Federal civil court guidelines enable judges to tell jurors that they can presume that information covered up by a litigant and now missing would have been negative for that party, Brickell said.
Such a declaration could hurt Uber, as its primary defense has been that Waymo has turned up no concrete evidence of the trade-secret theft. Now, Waymo can claim that such evidence was simply deleted.
"That they were so concerned about covering things up meant that they could have known what they were doing was a crime," said Nick Akerman, a lawyer at Dorsey & Whitney and a former federal prosecutor in Manhattan. "To me, that's very powerful evidence."
Andy Wilson, chief executive of forensics software maker Logikcull, said it is already common for companies to search for usage of encrypted apps or deleted messages when conducting internal investigations.
He said his company's program is used by Salesforce.com Inc and other businesses to scan emails and chat messages. Emails showing a user signed up for a service such as Signal or Telegram are held against them in internal investigations, he said, as are records showing a text was deleted.
"It's a huge win for (customers) because it shows ill-intent" on the part of the subject of the investigation, Wilson said.
(Reporting by Paresh Dave and Heather Somerville in San Francisco. Additional rpeorting by Jan Wolfe in New York and Dustin Volz in Washington.; Editing by Jonathan Weber and Lisa Shumaker)