ABA Resolution on E-mail: Does It Help?
[1]
Micalyn S. Harris, Winpro Inc.
At its annual meeting in Toronto in August, the House of Delegates of the
American Bar Association (the ABA's policy-making body) adopted a resolution
calling on courts of all jurisdictions to accord attorney-client electronic
mail communications the same expectation of privacy and confidentiality as that
enjoyed by communications via mail, telephone, cellular telephones and
facsimile.[2]
The resolution reads as follows:
RESOLVED, that the American Bar Association urges state, local, and
territorial courts to accord a lawyer-client electronic mail communication,
whether by the Internet or any other means, the same expectation of privacy and
confidentiality as lawyer-client communications by telephone calls, United
States mail and other means of communication traditionally deemed private and
confidential.
The recognition that e-mail is widely used by attorneys and clients for
communication, particularly informal communication, makes it desirable that
courts, attorneys, and clients consider the privacy and confidentiality issues
involving its use. If the intention of the resolution was to encourage courts
to establish a rule that any use of electronic communication will not in an of
itself be deemed to waive attorney-client privilege for purposes of the rules
of evidence, the language chosen fails to make that intention clear. The
analogy, implied by the ABA resolution, that e-mail is like telephone calls,
the U.S. mail and "other means of communication traditionally deemed private
and confidential" ignores the unique aspects of e-mail communication. E-mail is
significantly different from both telephone calls and the U. S. Mail. Moreover,
courts have recognized differences among various types of telephone and mailed
communications (land lines vs. cellular telephone, sealed letter vs. post
cards), and concluded that, in some circumstances, they are not private.
E-mail feels like a telephone call. As a result, e-mail communications tend to
be informal. Accordingly, such communications are often less precisely worded
than would have been the case had communication been in a formal memorandum.
Unlike a telephone call, however, e-mail is not ephemeral. E-mail creates a
document, and that document may, depending upon the particular mode of e-mail
communication, be routinely accessible to a number of people between sender and
receiver. Moreover, because computer systems are often backed up daily, weekly
and monthly, and backup copies stored off-site, e-mail is likely to be
accessible to additional people after it is delivered and "filed." As a result,
e-mail may be more widely-available than paper documents and is likely to be
long-lived. Thus, the adverse consequences of casual communication, ephemeral
and subject to being re-created from the memory in the case of a telephone
conversation, are potentially greater in connection with the more or less
permanent document created by e-mail.
The resolution's implied analogy to cellular telephones is even less helpful.
Cases involving cellular telephones not equipped with automatic scrambling
devices have often held that participants in such conversations did not have a
reasonable expectation of privacy. Later cellular telephone cases in which
expectations of privacy were found to exist were often based on the fact that
newer technology automatically scrambled conversations "en route" and
unscrambled them only at the receiving end.[3]
If the cellular telephone analogy holds for e-mail, it might imply that in
order for e-mail to have a reasonable expectation of privacy, e-mail which
travels beyond a closed system (for example, between two entities using the
same internet service provider) must be encrypted.
From a technical standpoint, the analogy to facsimile transmissions is also
faulty. Facsimile transmissions, like telephone conversations, move from sender
to receiver without intermediate "stops." E-mail communications moving via
direct modem connection between sender and receiver move in the same way that
telephone and facsimile messages move. Communications which travel across the
Internet, however, while not broadcast as cellular telephone conversations are
broadcast, move in relays and may come to rest on one or more intermediate
servers. These intermediate servers may or may not be part of a commercial
service provider system. While on these intermediate servers, messages may
legally be read by the intermediate systems' operators in the normal course of
maintaining those systems. Thus, the risk of disclosure of information to third
parties having no obligations of (and perhaps no awareness of) confidentiality
requirements or expectations, is greater than it would be with "point-to-point"
facsimile transmissions.
Of all of the analogies suggested by the resolution, the suggestion that
e-mail communications be treated like communications through the mail is
perhaps least helpful. Lawyers and their clients generally mail communications
that they wish to keep confidential in sealed envelopes. There is considerable
literature, particularly technical literature, which describes sending messages
across the Internet as analogous to sending a post card through the mail.[4]
The analogy is apt. Leaving aside the confidentiality obligations of U.S.
postal employees, it would be difficult for a third party, even knowing
confidential information had been sent from a given lawyer or to a given client
on a post card, to locate that post card in the U.S. mail system. Nevertheless,
lawyers, and even non-lawyers, do not send confidential information on
postcards. They recognize that there is no reasonable expectation of privacy
when information is sent by post card. Post card messages are typically casual
and innocuous.
U. S. Mail postal employees have obligations of confidentiality regarding the
mail they handle, and commercial service providers have, under the Electronic
Communications Privacy Act,[5]
similar obligations to their customers regarding the content of the messages
they handle (although such obligations may be undercut by the contracts between
providers and subscribers). It is at least questionable, however, that such
obligations of confidentiality will be or should be extended to noncommercial
entities, such as universities, which are part of the Internet and may act as
relay stations for messages not addressed to them. The issue is not whether
intermediate systems' operators can or should look at these messages. The fact
is they can and should and do in the normal course of their work. The only
issue is whether lawyers and their clients can be charged with knowledge of how
their communications systems work, and with making thoughtful evaluations of
the risks and implications of their use in support of the desired conclusion
that there is a reasonable expectation of privacy when using e-mail
communication for confidential information.
Five years ago, such information was known to relatively few people, and
lawyers could argue that it was not reasonable for them to be expected to learn
about their e-mail systems. Today, a great deal has been written about e-mail
privacy, and the possible lack of it.[6]
Information on the subject is no longer so arcane that lawyers can confidently
argue they could not be expected to understand and evaluate the issues.
To date, e-mail has been the subject of successful discovery motions, and the
basis for a number of lawsuits that could not have been successful had the
e-mail messages been unavailable as evidence. Research to date has disclosed no
cases in which use of e-mail between attorney and client has been found to
waive the attorney-client privilege. The risk of such waiver however has been
recognized, and several states have adopted legislation aimed at assuring that
the use of e-mail will not destroy attorney-client privilege.[7]
In the absence of legislation, there is a risk that a court might determine
that mere use of e-mail waived the attorney-client or related work product
privilege because expectations of privacy were not reasonable.
A draft report of the Task Force on E-Mail Privacy of the Lawyer Business
Ethics Committee of the ABA's Business Law Section states,
It is the consensus of the Task Force that use of unencrypted e-mail between
attorney and client should not, in and of itself, result in a waiver of the
attorney-client privilege or the related work-product privilege for purposes of
the rules of evidence. The Task Force recognizes, however, that under certain
factual circumstances, a court that may decide otherwise, i.e., a court may
decide that communication via unencrypted e-mail will be regarded as a waiver
of the attorney-client privilege for failure to treat information as
confidential. Several states have, or are in the process of adopting, specific
rules in this issue [footnotes omitted]. In the absence of specific rules,
counsel will need to consider the possible risks, weigh them against the
benefits, and proceed on the basis of that evaluation.
Several states, including New York,[8]
have adopted legislation stating that for purposes of their rules of evidence,
mere use of e-mail will not, it and of itself, constitute an automatic waiver
of the attorney client privilege, and presumably the related work product
privilege. Iowa has warned that attorneys have an ethical duty to discuss the
advisability of e-mail communication with clients and obtain client consent to
its use.[9]
The majority of the states which have dealt with the issue, either in relation
to their rules of evidence or their ethical rules, fall somewhere between these
two extremes.
The advantages of electronic communication are numerous. It's fast, efficient,
inexpensive and generally easy. It has, however, risks that deserve to be
understood and considered These risks include the fact that applicable law
regarding whether there is a reasonable expectation of privacy in connection
with e-mail is in a state of flux in many states. Ethical requirements
regarding under what circumstances e-mail may be used also differ from state to
state, and the technology itself covers a variety of arrangements and is
evolving.
Accordingly, before using e-mail for confidential communications, lawyers are
well-advised to understand the basics of the specific arrangements they are
about to use. Local rules of evidence and local ethical rules and opinions
should be checked. Other factors, such as a client's statements and procedures
regarding handling of e-mail, may have an impact on whether a reasonable
expectation of privacy exists. The risks and benefits of using e-mail must be
evaluated in light of all of these factors. Both in the context of litigation
and in conjunction with commercial transactions, consideration of these issues,
and thoughtful evaluation of the risks and benefits in advance, can help avoid
unpleasant surprises regarding disclosure and discovery of confidential
information conveyed by e-mail.
This article provides general information, and represents the views of the
author(s). It does not constitute legal advice, and should not be used or taken
as legal advice relating to any specific situation. Brief portions may be
quoted with attribution, including the name(s) of the author(s) and citation to
the publication in which they first appeared.
FOOTNOTES
1Copyright
1998, Micalyn S. Harris, All Rights Reserved. Cite as: Micalyn S. Harris. "ABA
Resolution on E-mail: Does It Help?" 2 wallwtreetlawyer.com No. 5,
October, 1998. Text may vary slightly from printed version.
2See
14 ABA/BNA Lawyer's Manual on Professional Conduct, No. 15, August 19, 1998, at
394.
3See
Tyler v. Berodt, 877 F2d 705, 706 (8th Cir 1989), cert. den.
493 US 1022 (1990); State v. Smith, 438 NW2d 571 (Wis 1989); State v.
Delaurier, 488 A3d 688 (RI 1985); People v. Fata, 559 NYS2d 348
(App Div 1990), but cf. U.S. v. Smith, 978 F2d 171, 180 (5th
Cir 1992), cert. den. 113 S Ct. 1620 (1993); State v. McVeigh, 620 A2d
133 (Conn 1993), suppressing cordless telephone conversation.
4See
e.g., Freivogel, William, "Communicating with or About Clients on the Internet:
Legal, Ethical, and Liability Concerns," ALAS Loss Prevention J. 17 (Jan.
1996), noting that technical articles frequently liken Internet messages to
postcards, leading legal writers to conclude that there is no reasonable
expectation of privacy, but himself concluding, "It is important to remember
that the hacker's activity is as criminal as the wiretapper's." Id, at
18, citing 18 U.S.C. 2510 et seq. See also, Harris, Richard E.V., "Electronic
Communications and the Law of Privilege", 11 California Litigation 14 (1997).
(Note: this and the following sentence were omitted from the published version
of the article.)
5Electronic
Communications Privacy Act, 18 U.S.C. 2510 et seq.
6See
e.g., The Wall Street Journal, September 22, 1998, p. A1, col. 4, analogizing
e-mail to a postcard.
7See
e.g., Section 4547 of New York's civil practice law and rules (Chapter 156 of
the Laws of 1998), which provides: "No communication privileged under this
Article shall lose its privileged character for the sole reason that it is
communicated by electronic means or because persons necessary for the delivery
or facilitation of such electronic communication may have access to the content
of the communication." A proposed 952 of the California Evidence Code was not
adopted. That section would have provided, "As used in this article,
'confidential communication between client and lawyer' means information
transmitted in confidence....A communication between a client and his or her
lawyer is not deemed lacking in confidentiality solely because the
communication is transmitted between the client and his or her lawyer by fax,
cellular telephone, internet, electronic mail, or computer network, or other
electronic means."
8See
Section 4547, New York Civil Practice Law.
9Iowa
Op. 96-01 and Iowa Op. 97-01.
|