Thursday, April 1, 1999
A company’s e-mails generally include: (1) communications with professionals (e.g. lawyers and accountants); (2) business communications with co-workers, clients and other businesses; and (3) personal communications. All three types of communications give rise to different liability concerns.
First, communicating with attorneys and other professionals via e-mail may be convenient, but may also give rise to confidentiality concerns. Even though a number of state bar associations, including that of New York, have acknowledged an attorney-client privilege in regular, unencrypted e-mail communications, companies need to make sure that such a privilege has not been destroyed or undermined. The privilege can be destroyed if the e-mail is forwarded to staff members, or to people outside the company’s managerial circle. E-mails that are printed and left in common areas, or that are left opened on monitors can also destroy the privilege. Applying court rulings on conventional communications, attorney-client e-mails that are mistakenly forwarded by the client to third parties would probably still retain privileged status, although no cases appear to have ruled firmly on this issue.
Second, one of the potentially costliest consequences for a company that uses e-mail for most of its business communications is discovery. In the face of litigation, a company may be ordered by a court to reproduce such e-mails at its own cost. Such an obligation could be extremely taxing on a company’s resources, and can be avoided by implementing a periodic and systematic policy of deleting e-mails that are unwanted and not subject to legal record-retention requirements. To be effective, such a policy should ensure that deleted e-mails do not remain on a computer’s hard drive (i.e. they should be electronically “shredded”) because such discovery demands have extended such e-mails. Companies should note, however, that the destruction of e-mails in anticipation of litigation or otherwise against the law can result in fines and presumptions in trial that are far most costly than discovery of the e-mails would have been.
Third, although a company cannot, as a practical matter, prevent employees from sending and receiving personal e-mails, it should nevertheless take steps to mitigate potential liability arising from such non-business uses. Inappropriate e-mails (e.g. sexist or racist jokes, harassing messages) sent or forwarded by a company’s employee usually identifies the company’s name in the Internet protocol address, and may cause embarrassment to the company. Worse yet, recipients of such messages may try (and indeed have tried) to hold the company liable for any injuries. To prevent such claims, a company should delineate its boundaries of permissible e-mail use in the employee handbook or equivalent materials, and should take prompt action when alerted of potential violations. Courts have held in favor of companies that addressed reported violations promptly by, for example, censuring the employee or by holding staff meetings to clarify the company’s e-mail usage policies.
