Are Email Confidentiality Notices Just Plain Stupid?
Confidentiality notices, often automatically pasted at the end of email correspondence are annoying, aren’t they? More annoying still are those trails of emails sent back and forth when the parties hit “reply” a few times and a brief email chat becomes a 10-page string loaded with repetitive boilerplate notices. Here’s the one that I use, which looks similar to or exactly like the ones sent by many other attorneys:
CONFIDENTIALITY NOTICE: This facsimile/e-mail message is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL or
PRIVILEGED material. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and destroy all copies of the original message. If you are the intended recipient but do not wish to receive communications through this medium, please so advise the sender immediately.
Does this obnoxious prophylactic effort actually protect anyone’s confidentiality, or is it just plain stupid? Some commentators suggest as much. (See goldmark.com, Jeffrey Goldberg, 8/14/03 [“counting the ways” in which email confidentiality notices are “stupid.”]). The reasons for why attaching a confidentiality notice to emails may be considered a waste of effort and space at least and a serious mistake at worst include: (1) it gives an ambiguous directive; (2) it projects a contradictory intent; (3) it has no legal effect; and (4) it can eviscerate any legal effect that it might otherwise have.
The ambiguous directive of the confidentiality notice says that the “unauthorized” recipient is prohibited from reviewing or distributing the email message, while also directing that take action by contacting the sender and destroying the message. How do I know that I am not the intended recipient unless I review the message? Since the message was, in fact, addressed to me (because that’s how I got it), then aren’t I the de facto intended recipient? How do I know that I’m not supposed to review the message until after I have read it and then found the notice at the end of the message? And, who are you, Sender, to tell me what is prohibited; what authority do you have to tell me what to do with the emails sent to my address?
Very often, confidentiality notices at the end of email messages directly contradict the intent of the sender. This is the case if, for example, the information contained in the email is a press release or corporate memo, directing the recipient to disseminate its contents to other employees. And what does “may contain confidential or privileged material” mean? Is it or isn’t it confidential? How am I supposed to know what portions of the message are or are not confidential or privileged? Recently, I took on a lawsuit where it turned out that my new legal adversary was an old friend. My friend/new adversary sent me an email, stating that he was glad to have me as his adversary so that we could make head-way on some protracted issues in the case and, in the same email, made friendly inquiries about me and my family. At the end of the email was a confidentiality notice. Common sense told me that nothing in that particular email could be deemed confidential. Nor did any privilege exist, no matter what the email contained.
Nearly all of my legal adversaries send me emails with a confidentiality notice at the end of their emails. The problem for them is that there is no way their messages are kept confidential. In fact, we, as attorneys, are looking for those emails which contain incriminating admissions and/or contradictory statements that can be used against our adversaries. Such correspondence is used in court all the time as evidence to support legal positions and, if the court papers are filed online as in Federal Court proceedings, these communications are available to anyone who wishes to see them.
So, there are some prime examples of why confidentiality notices at the end of emails are totally useless. Now, here’s why they are simply a bad idea: First, it can lull the sender into a false sense of security by the very harshness of the message’s tone and implied legal implication of “prohibition.” A confidentiality notice has no inherent legal effect. Second, if used routinely, they can make all of your email communications non-confidential. If you make all of your email communications confidential, when it is clear that you do not have a “reasonable expectation of confidentiality” for every message you write, then you are not making specific efforts to protect certain information, as distinguished from all information. You must intend to protect certain information as confidential.
Only when such notices are used carefully and sparingly do they have a chance to actually protect confidential information transmitted by email. The basic legal standard is a “reasonable expectation of confidentiality,” which does not exist by the mere force of the words in the notice; such an expectation must be accompanied by another reason for having such an expectation.
To simplify, your author suggests that you keep the following in mind when you want to attempt to keep information confidential. Common sense should tell you that you cannot force someone to keep your secrets just by demanding that they do. There must be some outside agreement or requirement that your secrets will be kept by a particular recipient. Therefore, the confidentiality notice is like a reminder or a back-up of sorts, indicating that you are proceeding under a previously-established agreement between you, the sender, and another party, who is the recipient; it reaffirms your commitment to keep your secrets secretive.