The situation on privacy expectations of e-mails for employees continues to develop both in Canada and the U.S. A unanimous decision released by the New Jersey Supreme Court this past week in Stengart v. Loving Care Agency, Inc. adds to this area.
Prior to leaving the employer to file a discrimination suit, the employee exchanged 7-8 e-mails with her lawyer through a personal Yahoo! e-mail account through the company’s laptop computer. The employer then retrieved these e-mails through the Temporary Internet Files cache and used them in preparation for the suit. The trial court initially ruled that the employee had waived any attorney-client privilege by using the company computer, a position reversed on appeal.
The Supreme Court ruled in favour of the employee, taking a position opposite to a similar New York case from a few years ago in Scott v Beth Israel Med. Ctr. Inc., which also dealt with attorney-client privilege. Other American courts have found no reasonable expectation of privacy in unprofessional e-mails sent through an internal system to a supervisor, and alternatively that a reasonable expectation of privacy did exist for attorney-client e-mails when
sent through the employer’s e-mail system.
The court adopted the fact-specific test from re Asia Global Crossing, Ltd. The employer in Stengart did not have an explicit policy in place to deal with personal communications,
The company reserves and will exercise the right to review, audit, intercept, access, and disclose all matters on the company’s media systems and services at any time, with or without notice…
E-mail and voice mail messages, internet use and communication and computer files are considered part of the company’s business and client records. Such communications are not to be considered private or personal to any individual employee.
The principal purpose of electronic mail (e-mail) is for company business communications. Occasional personal use is permitted; however, the system should not be used to solicit for outside business ventures, charitable organizations, or for any political or religious purpose, unless authorized by the Director of Human Resources.
Rabner C.J. notes that the employee took steps to protect her personal e-mails from the employer, including a personal e-mail account instead of her company e-mail, utilized password protections, and did not save the account password on the computer. She did not know that pages viewed were saved on the computer cache. Consequently, she had a subjective expectation of privacy in discussing her future lawsuit, especially since the company policy does not address personal e-mail accounts at all.
The employee did not waive privilege by using the company laptop, and the company violated the privacy interests by accessing the e-mails, and for failing to alert the employee’s lawyer that they possessed them before reading them. The New Jersey Rules of Professional Conduct (RPC) do provide some guidance in these situations,
4.4 (b) A lawyer who receives a document and has reasonable cause to believe that the document was inadvertently sent shall not read the document or, if he or she has begun to do so, shall stop reading the document, promptly notify the sender, and return the document to the sender.
The New Jersey Rules are based on the the ABA Model Rules, which the court said defines the term document to include e-mails and electronic modes of transmission.
The conduct expected of the employer was clarified in the decision,
To be clear, the Firm did not hack into plaintiff’s personal account or maliciously seek out attorney-client documents in a clandestine way. Nor did it rummage through an employee’s personal files out of idle curiosity. Instead, it legitimately attempted to preserve evidence to defend a civil lawsuit. Its error was in not setting aside the arguably privileged messages once it realized they were attorney-client communications, and failing either to notify its adversary or seek court permission before reading further. There is nothing in the record before us to suggest any bad faith on the Firm’s part in reading the Policy as it did. Nonetheless, the Firm should have promptly notified opposing counsel when it discovered the nature of the e-mails.