Photo by Jonathan Rotondo-McCord
Update (July 11, 2018): Supplemental briefing (here and here). Apparently, the Court raised an interesting question at the hearing on the motion for a protective order regarding an employee’s attorney/client communications via the corporate servers: the application of Carpenter v. United States, 16-402, 2018 WL 3073916 (U.S. June 22, 2018). At first blush, Carpenter, a Fourth Amendment case about warrantless tracking of cell-phone location data, seems to have nothing to do with the case discussed below (about whether the attorney-client privilege applies to email communications by company employees to their personal lawyers via the company email system).
But both raise the question: when there is a third-party “conduit” of information, does that sacrifice the confidentiality of the information? On the other hand, (1) Mr. Kirschke certainly had other means of communicating with his lawyer other than through the corporate email system (but we cannot use cell phones without communicating location data to third parties); and (2) companies (including Carlson Hotels, apparently) go out of their way to put employees on notice that they have no legitimate claim of privacy for communications on the companies’ communication systems (email, voice-mail, text messages on company issues cell phones, etc. etc. etc.). These seem to be critical distinctions.
But think about this: Carlson Hotels seeks discovery of Mr. Kirschke’s communications with his personal lawyer. What about the next case: where a third-party (a soon-to-be ex-spouse, for example) seeks discovery of an employee’s communications with her personal lawyer sent and received through her work email account, arguing that the communication(s) were over corporate email and therefore not entitled to the privilege?
Original post (June 27, 2018): We have previously noted that the concept of “waiver” in U.S. law is muddled and muddy. Think about it and this lack of a bright-line universal rule makes sense. For one thing, the consequences of waiver — that is, “voluntary and intentional relinquishment of a known right” — can be small or huge in particular circumstances. Compare a criminal defendant pleading guilty and waiving her right to trial with a property owner waiving its contractual right to a written change order in a construction project, for example. In the first scenario, in theory, a human life could be at stake. In the second scenario, the issue is whether the property owner can exploit a technicality (absence of a written change order) to avoid paying for a benefit she has received.
Clearly, we should infer waiver more readily under some circumstances than others.
On this continuum of waiver, where should we put waiver of the attorney-client privilege for a corporate employee’s emails to his lawyer sent via the company email system?
Should courts require strong evidence of waiver? If a company has a policy, shared annually with all employees, that they should have no expectation of privacy with regard to their corporate email, should this, by itself constitute the waiver of the attorney-client privilege for emails sent between employees and their personal lawyers?
The issue is now before U.S. Magistrate Judge Steven E. Rau (D. Minn.) in Kirschke v. Carlson, Inc., et al.
If employees are held to have waived the confidentiality of email communications to their lawyers from their work-place email accounts, could the receiving lawyers be liable for professional malpractice if they failed to advise their clients of the need to avoid communicating through the company’s corporate email system?
Or, on the other hand, could the company (or its lawyers) be punished for knowingly exploiting confidential attorney-client privileged communications if the company exploits such common oversights by employees who inadvertently “share” their confidential communications with their employer simply by using their work email systems (but don’t “voluntarily and intentionally relinquish a known right”)? (The linked case involves the disqualification of a law firm for its erroneous exploitation of a privileged email when the law firm thought the privilege had been waived because it had been shared with a third party.)
Practice pointer: All client intake, without exception, should include taking client information, including the client’s contact information, and, at that time, there should be a discussion of the use of email, the nature of a client’s email address(es), and the importance of confidentiality. The same holds true of voice-mail, of course, and other systems that might be vulnerable to access by third-parties (and, therefore, subject to waiver).