Company E-Mail and Privacy: Can You Communicate With Your Attorney While At Work?
February 11, 2008
It is becoming more and more common in employment disputes for a company to assert that an employee has no reasonable expectation of privacy in any form of electronic communication that takes place during work on company computers or phones. A recent case in point is Scott v. Beth Israel Medical Center, Case No. 602736/04 (Ramos, J.), decided in the New York State Supreme Court and published on November 1, 2007.
Scott involved a breach of contract claim. Physician W. Norman Scott, who formerly served as the team physician for the New York Knicks until 2005, began working at Beth Israel in 1991 and was chairman of its orthopedic department from 1998 until he was fired in July 2004. He was initially paid $1.8 million a year. Dr. Scott alleged that Beth Israel agreed to pay him $14,000,000 in severance if he was terminated without cause. The hospital claimed that he was terminated for cause.
On August 10, 2005, Beth Israel’s counsel sent a letter to plaintiff’s counsel stating that defendants possessed certain e-mail correspondence between Dr. Scott and his attorneys concerning the dispute, as well as other e-mails between Dr. Scott and a different lawyer concerning a separate dispute. All of the e mails were written between February and August 2004, were all sent to or from Dr. Scott’s work e mail address, and were all sent over the hospital’s e-mail server. Counsel’s letter also stated that although no one at Beth Israel had read the e-mails yet, it was the company’s position that any privilege that might have otherwise attached to the communications had been waived because Dr. Scott had used the company’s e-mail system while communicating with his counsel.
Not surprisingly, Dr. Scott’s counsel contested the assertion. Wisely, the parties jointly called the Judge’s Court Attorney, who instructed Beth Israel’s counsel to provide copies of the e-mails to Dr. Scott and to also place copies of the documents into a sealed envelope and bar anyone from reviewing the e-mails pending a resolution of the dispute by the Court. Dr. Scott then filed a motion for a protective order seeking the return of all copies of the documents.
The Court first took note of Beth Israel’s e-mail policy, which stated in part that: “All Medical center computer systems, telephone systems, voice-mail systems, facsimile equipment, electronic mail systems, Internet access systems, related technology systems, and the wired or wireless networks that connect them are the property of the Medical Center and should be used for business purposes only . . . . All information and documents created, received, saved or sent on the Medical Center’s computer or communications systems are of the Medical Center. Employees have no personal privacy right in any material created, received, saved or sent using Medical Center communication or computer systems. The Medical Center reserves the right to access and disclose such material at any time without prior notice.”
This policy was contained in the company’s Human Resources Policy and Procedure Manual and was available in hard copy and maintained in the office of the Administrator for each department and on the company’s intranet. In 2002, the hospital had also distributed to every employee a handbook containing a brief summary of the e-mail policy. Although doctors hired after 2002 were required to sign a form acknowledging that they had read and were familiar with the email policy, Dr. Scott never signed such an acknowledgment and denied knowledge of the policy. Dr. Scott’s counsel also contended that it had no knowledge of the hospital’s e-mail policy.
Relying on a N.Y. statutory provision, Dr. Scott argued that communications do not lose their privileged character simply because that are “communicated by electronic means or because persons necessary for the delivery or facilitation of such electronic communication may have access to the content of the communication.” See N.Y. CPLR 4548. Analyzing that provision, the Court found that CPLR 4548 reflected “a legislative finding that when the parties to a privileged relationship communicate by e-mail, they have a reasonable expectation of privacy.” Nevertheless, the Court also held that such a statute “does not absolve an attorney of his or her responsibility to assess the risk of communicating by e-mail with a client…. As with any other confidential communication, the holder of the privilege and his or her attorney must protect the privileged communication; otherwise, it will be waived.
For example, the Court stated that “a spouse who sends her spouse a confidential e-mail from her workplace with a business associate looking over her shoulder as she types, the privilege does not attach.” By analogy, the Court reasoned, the effect of Beth Israel’s e-mail policy was “to have the employer looking over your shoulder each time you send an e-mail. In other words, the otherwise privileged communication between Dr. Scott and [his counsel] would not have been made in confidence because of the [hospital’s] policy.” Specifically, the Court determined that a “no personal use” policy that was “combined with a policy allowing for employer monitoring” significantly diminishes any expectation of confidentiality in the electronic communication. Nor does it matter if the attorney was unaware of the company’s policy. Even the New York State Bar Association has stated that “a lawyer who uses technology to communicate with clients must use reasonable care with respect to such communication, and therefore must assess the risks attendant to the use of that technology and determine if the mode of transmission is appropriate under the circumstances.” See Committee on Professional Ethics, Op. No. 782 (December 8, 2004).
The Court further noted that although no New York case was precisely on point, guidance could be had by reference to In Re Asia Global Crossing Ltd., a federal bankruptcy case dealing with substantially similar issues. 322 BR 247 (SDNY 2005). In that case, executives used their employer’s e-mail to communicate with their attorneys about actual or potential litigation with the employer. 322 BR at 256. Examining a variety of federal cases addressing whether an employee has a reasonable expectation of privacy in his or her office e-mail, the court there concluded that the attorney-client privilege would be inapplicable if “(a) . . . the corporation maintain[s] a policy banning personal or other objectionable use, (b) . . . the company monitor[s] the use of the employee’s computer or email, (c) . . . third parties have a right of access to the computer or emails, and (d) . . . the corporation notif[ies] the employee, or was the employee aware, of the use and monitoring policies?” 322 BR at 257. See also, Long v Marubeni America Corp., 2006 WL 299B671 (SDNY 2006) (no attorney client privilege or work product protection for e-mails exchanged over employer’s e-mail system where employer had formal no personal use policy). In the Court’s view, Beth Israel’s policy clearly satisfied the first and second factor and thus resulted in a waiver of any privilege. Moreover, Dr. Scott also had at least “ constructive knowledge” of the policy, since the policy was disseminated to each employee in 2002, including to Dr. Scott.
There are several lessons to be drawn from Scott. First, the way in which an employer’s e-mail policy is drafted and disseminated matters. A policy that clearly states that e-mail is to be used only for business and not personal use, coupled with a provision that allows unfettered access to such e-mails by the employer, is more likely to overcome any future claim of privacy or privilege objection by an employee. Such a policy should be distributed to all effected employees, and signed forms acknowledging receipt and understanding of the policy should be obtained from all employees, even those who have been employed with the company prior to policy coming into effect.
Second, the rationale of Scott applies not just to e-mail, but to telephone communications and any other type of electronic medium, such as instant messaging or text messaging. Furthermore, as technology continues to integrate these various forms of communication — for example, with VoIP software that can automatically produce an e-mail with a data recording of every phone message — employees should expect more accessibility and less privacy in their work-place communications generally. Employees therefore must take care to engage in private communications outside of the workplace and/or through electronic equipment that is neither owned or controlled by the employer.
Third, counsel who communicate with clients, especially through e-mails, should be cautious of doing so when the e-mail address is directed to an employee at the workplace. In cases where the client and their employer are likely to be adverse, counsel should consider asking the client to establish a separate private e-mail address for purposes of quick and easy communications.
In the end, Scott provides all of us with a reminder that the electronic age has brought with it the need for extra vigilance in guarding one’s personal and private information.