Practice Areas

Legal Pitfalls of E-mail: From Privacy Concerns to Litigation Perils, Companies Must Limit Risks

Thomas A. French

From inappropriate personal communications to incriminating corporate evidence, e-mails present a host of problems for the business community. Learning the risk and taking preventative measures can protect productivity and mitigate against liability disasters.

Employers know that unregulated Internet and e-mail access is a temptation for employees to spend time on personal communications, some of which may be objectionable to the employer or to fellow employees who are exposed to it. Such conduct wastes company time and resources and could subject the employer to liability under a Varity of employment laws. What many company executives do not know is that most e-mail, as well as other content on company computer hard drives, can be retrieved and used against them in court.

Electronic evidence, especially e-mail, is playing an expanded role in court, both because of the prevalence of e-mail as a mode of communication and because of its unique attributes. E-mail is virtually impossible to destroy. Messages which have been erased or placed in the "recycle bin" and later discarded remain on the computer hard drive and are rather easily recovered. Not only are e-mails which have been sent and erased capable of recovery, unsent drafts are also usually retrievable. Employees who do not understand or remember this, might tend to write something they would never want third persons, let alone a judge, jury or prosecutor to read, under the mistaken belief that their words are private.

When a company is involved in commercial litigation, for example, nothing could farther from the truth. In federal court, the Federal Rules of Civil Procedure mandate documentary disclosures at the outset of most cases. All documents, data compilations, and tangible things that are in the possession, custody or control of a party and which party will use at trial (except for impeachment) must be voluntarily given to all other parties.

Moreover, where damages are concerned, a party must voluntarily provide other parties with a computation of damages and supply the documents or other evidence on which the computation is based. In addition, other parties are permitted to conduct detailed discovery of documents and records which are relevant to the litigation and not protected by attorney-client or other privilege. Information stored on computer memories, disks, hard drives, network backup tapes and other computerized databases is discoverable by your opponent.

The courts have held that no relevant data or other evidence may be destroyed, once litigation has been commenced. Failure to comply with these rules will subject a party to sanctions, which in their most extreme form, could result in a finding of liability of the offending party, the imposition of damages, an award of your opponent's attorney fees, or dismissal of your case.

Prudent managers consult counsel to assist in developing an effective record retention policy that addresses electronic data as well as paper documents and records. Such policies require employees to regularly review, retain and destroy documents created and maintained in the course of business. Record retention policies can significantly limit the documents subject to review by opponents during the discovery process, and allow the company to eliminate the cost of maintaining and storing records the company no longer needs. In addition to establishing timetables for storage and destruction of business records, a good policy will establish uniform indexing procedures and will also designate records as "business" or "nonbusiness" communications.

"Nonbusiness" communications should be discarded or deleted immediately. The policy should also provide a mechanism for a "freeze" of document destruction to preserve evidence once it becomes apparent that litigation will be filed. This applies to hard copy documents as well as electronic media. Such record preservation is not only required, it is often necessary to preserve evidence which the company itself will need to prove its case in court.

How can company limit the risks posed by damaging e-mails sent by employees? Many firms monitor employee e-mail. It has been reported that almost 40% of major U.S. companies now do so. Such monitoring deters incriminating, as well as inappropriate and offensive employee communications, and provides added protection to the company's infrastructure from viruses and junk e-mail. However, the right of an employer to inspect its employee's e-mail is still unsettled in the law.

The courts have not addressed this issue under the Electronic Communications Privacy Act, (the federal law protecting e-mails from unauthorized searches). It has also been suggested that secret monitoring could violate the federal wiretap law and possibly various state statutes. Consequently, a company should clearly notify its employees that their e-mail may be monitored. Such clear warnings will eliminate any reasonable expectation of privacy.

The policy should also state specifically what is, and is not, appropriate employee use of e-mail. For example, supervisors should be instructed not to make intemperate or disparaging remarks about fellow employees. E-mail should be treated like any other document. Nothing should be committed to writing that the employee would not want read in open court by a judge or jury.

For further information, or if you have other commercial law or business litigation questions, call Thomas A. French at (717) 233-5731 or e-mail him at