You’ve probably received an email with a legend at the bottom that reads something like this:
This message and any attached documents contain information which may be confidential, subject to privilege or exempt from disclosure under applicable law. These materials are intended only for the use of the intended recipient. If you are not the intended recipient of this transmission, you are hereby notified that any distribution, disclosure, printing, copying, storage, modification or the taking of any action in reliance upon this transmission is strictly prohibited. Delivery of this message to any person other than the intended recipient shall not compromise or waive such confidentiality, privilege or exemption from disclosure as to this communication. If you have received this communication in error, please immediately notify the sender and delete the message from your system.
First of all: wow! Only a lawyer would write something like this. Nonetheless, the real question is whether this stock confidentiality notice at the end of just about everyone’s emails these days has any legal effect.
The question reminds me of the rather often repeated story of Alex Berenson and the Pepper Hamilton email. Alex Berenson is a reporter for the New York Times, who in January 2008 was reporting on drug company Eli Lilly and the government investigations regarding Zyprexa. Pepper Hamilton was representing Eli Lilly in the investigations. In early January, a high-powered lawyer sent the following email:
Tom and I were racing to other meetings when we left the EDPA and I am just back, looking for Tom so we can have a call. We’ll call you as soon as I have him. Preview: They’re in the stratosphere on number and Meehan wants a deal.
The lawyer intended the email to be sent to a lawyer named Bradford Berenson at Sidley Austin (another firm representing Eli Lilly). But the Pepper Hamilton lawyer had previously emailed both Brad Berenson, the attorney, and Alex Berenson, the reporter; therefore, both were in the auto-complete feature of his email directory. As a result, he inadvertently sent the email to Alex Berenson instead of Brad Berenson.
To the uninformed, the email may be hard to decipher, but Alex Berenson knew exactly what it meant. “EDPA” is the Eastern District of Pennsylvania. Meehan is Patrick – then the U.S. attorney in that district (now a member of Congress). “Meehan wants a deal” and “they’re in the stratosphere” means that Eli Lilly and the U.S. attorney were discussing some kind of settlement deal. Reporter Alex Berenson was aware of the talks, but he thought they were on hold. With this new piece of information, he did a little digging, which resulted in a front-page New York Times story—“Lilly Considers $1 Billion Fine to Settle Case.”
But the Pepper Hamilton lawyer’s inadvertent email included the same sort of stock email disclaimer that appears above, so why didn’t that work? The answer is because it’s unenforceable in a situation like this. In reality, if you inadvertently send an email to the wrong person, there is virtually no way to put the genie back in the bottle. Alex Berenson, when asked about his reaction to receiving the email and whether he immediately called the Pepper Hamilton lawyers to let them know, was mocking in his disregard of the email disclaimer. Berenson responded, “I did not do that, and I also did not abide by the stock confidentiality notice that is at the bottom of all these emails that says, if you’ve reached [sic] this in error, delete this or, you know, the Starfleet Enterprise will come get you.” (Click here for the transcript of the entire interview.)
There is no legal doctrine or theory under which an email confidentiality disclaimer is enforceable in a circumstance like this. There is virtually no scholarly analysis of the impact of email disclaimers and very little analysis by non-scholars. Two of the few authors who has commented on the subject, Michael Santarcangelo and Patrick Romero, have suggested that the misconception that email disclaimers have validity may arise from the mistaken belief that the Electronic Communications Privacy Act somehow applies. But, as these authors point out, the ECPA prohibits only “intercepting” emails. Emails that arrive at their destination—even if the sender did not intend that destination—are not emails that have been intercepted in transit. ECPA is, therefore inapplicable. In short, ECPA is focused on the criminal intent of the interceptor, not the ability of the sender to execute his or her own intentions.
With regard to preserving the attorney-client privilege, there may be at least some reasonable basis for including a disclaimer. Privilege is an evidentiary rule that arises within the scope of a lawsuit, and a waiver must be intentional and knowing. Courts examining potential waivers of privilege look at (1) the reasonableness of precautions taken to prevent inadvertent disclosure, (2) the time taken to rectify the error, (3) the scope of relevant discovery, (4) the extent of disclosure, and (5) the fairness of stripping the particular communication of the privilege. A disclaimer might give you an argument that it wouldn’t be fair to strip a communication of privilege because the reader should have known—upon seeing the disclaimer—that the communication was inadvertently sent. It may be wise to come up with some other arguments, but . . . it’s an argument.
With regard to communications with lawyers, the rules are a little different. Model Rule of Professional Conduct 4.4(b) states, “A lawyer who receives a document relating to the representation of the lawyer’s client and knows or reasonably should know that the document was inadvertently sent shall promptly notify the sender.” It is noteworthy that the rule requires only notice and doesn’t require refraining from reading the document or prohibit other use of the document. And a number of states haven’t even adopted Rule 4.4(b), so there may not be a requirement even to notify the sender in certain states. Nonetheless, if a court is examining “fairness” in connection with waiver of privilege, a disclaimer on an email sent to a lawyer might help.
I’m not suggesting that everyone who uses disclaimers at the end of emails immediately run out and order the IT staff to delete them. Although rare, there are circumstances where “everybody does it” is as good a reason to do something as any. Email disclaimers cost nothing, and you certainly won’t be in the minority if you use them.
What’s more important, however, is to consider some really effective ways to avoid the inadvertent sending of emails, either individually or corporately. For instance, you might disable the “Reply All” function from your employees’ email and require the use of multiple keystrokes to execute that function. Those few extra seconds before blasting out a reply to every recipient of the initial email may be all the grace you need. Or you can make sure your employees know how to remove Alex Berenson’s name from the auto-complete feature. Or consider encryption technology for especially sensitive email. Not even the best email disclaimer is a substitute for discipline and good judgment. Training, communication, and reinforcement offer your best hope of ensuring that your emails—and those of others in your organization—end up only where you intend to send them.