SAN FRANCISCO (Reuters)--To think Hewlett-Packard, the world's second-largest computer company, is alone in pursuing aggressive internal investigations would be naive, say HP's former chairman, experts and lawyers; they do it all the time.
But do they routinely turn to such skulduggery as rifling through garbage? Impersonate someone to get their phone records, known as pretexting? Or send fake e-mails embedded with tracing technology?
Perhaps not the companies themselves, experts said, but the investigators they hire do use those methods. And, in light of HP's full-blown scandal into its board leak investigation, that gives big companies plenty of reasons to be skittish.
"Corporate America is worried and should be worried," said Jamie Wareham, global chairman of the litigation department at law firm Paul, Hastings, Janofsky & Walker LLP. "Do you think these guys in the business of pretexting only have one client and that's HP? I don't think so."
HP had turned parts of the leak probe over to Security Outsourcing Solutions, a small Boston private investigations firm, which in turn used subcontractors to investigate.
Wareham said he knows of "some large companies that are worried some of their investigative agencies use these sorts of tactics," though he declined to name them. Some companies he knows are conducting audits of their private investigators in light of HP's experience, he said.
What began as an effort under prior Chief Executive Carly Fiorina in what lawyers say appears to have been an aboveboard effort to find the source of boardroom leaks devolved into a scandal that has claimed former HP Chairman Patricia Dunn, former general counsel Ann Baskins, and several other HP executives.
California's attorney general on Wednesday filed felony charges against Dunn and four others for spying on journalists, HP employees and the company's board of directors. HP is also under investigation by the U.S. Securities and Exchange Commission and other regulators for the investigative tactics used.
Attorney General Bill Lockyer's office said it investigated at least five other cases involving potentially illegal use of database brokers, but has declined to give details.
Companies routinely conduct investigations, but their number has grown since the Sarbanes-Oxley Act of 2002 was signed in to law in July of that year. That wide-ranging law established new or enhanced standards for disclosing financial and accounting details for publicly traded U.S. companies.
"Companies now more than ever, post Sarbanes-Oxley, are routinely doing internal investigations," said William Keane, a partner at the law firm Farella Braun+Martel, noting that they typically cover issues of securities or accounting fraud, employment and discrimination matters as well as worker theft.
"I would say if there are investigations going on that include obtaining private personal phone records, they would be the exception rather than the rule," Keane said.
Dunn's involvement in HP's leak investigation in 2005 and 2006 prompted her resignation. She testified before U.S. Congress that corporate investigations are the norm, rather than the exception. And many may involve unsavory tactics, she offered.
"The fact is that I believe that these methods may, in fact, be quite common not just at Hewlett-Packard, but at companies around the country," Dunn said.
And although HP is now the poster child for corporate investigations gone "rogue," as HP's current Chief Executive Mark Hurd testified before the same congressional panel, it may not be lonely for long.
"This is kind of like the first options-backdating case," lawyer Wareham said, likening HP's leak scandal to the some 100 companies whose stock option grant practices are under scrutiny by regulators. "It's not the last one you're going to be reading about."
