Attached is an article written by Steve Puiszis, DRI's State Rep to Illinois, which originally appeared on Practical Ediscovery, a blog sponsored by Hinshaw & Culbertson LLP.
Leor Exploration & Production, LLC v. Aguiar, 2009 WL 3097207 (S.D. Fla. Sept. 23, 2009)
The twentieth century Spanish philosopher and poet George Santayana once wrote: “Those who cannot learn from history are doomed to repeat it.” The Leor decision proves that philosophy is especially true when it comes to the realm of ediscovery. Leor is another example of a growing body of caselaw addressing whether emails sent or received by an employee through his employer’s email server are protected by attorney-client privilege. In a prior blog post we discussed several decisions that have addressed this issue and attempted to reconcile their holdings.
Guma Aguiar was the CEO and Vice Chairman of Leor Exploration & Production LLC (“Leor”). He retained a “trusts and estates attorney” to document his interests in certain entities. Subsequently, that attorney sent an email to Aguiar’s personal advisor and agent, Garrett Smith, who also happened to be the Vice President and In-House General Counsel of Leor, which memorialized a conversation involving the three of them. The email was sent to Mr. Smith’s work email address at Leor. After a series of lawsuits erupted between Aguiar, his uncle and related entities involved in oil and gas exploration, the attorney’s email surfaced in discovery and the issue presented to the court was whether it was protected by the attorney-client privilege.
Leor held that the attorney’s email to his client’s personal advisor and agent was not privileged because the client lacked a reasonable expectation of privacy in emails transmitted through his employer’s (the company’s) email server. In reaching that conclusion, the court identified four factors that should be considered in determining whether an employee has an expectation of privacy in email communications:
- Does the corporation maintain a policy banning personal or objectionable use;
- Does the corporation monitor the use of the employee’s computer or e-mail;
- Do third parties have a right of access to the computer or e-mails; and
- Did the corporation notify the employee or was the employee aware of the use and monitoring policies?
Because each of the four factors were present, the court in Leor had little difficulty in concluding that plaintiff did not meet his burden of establishing the applicability of the attorney-client privilege. However, the privilege belongs to the client not the lawyer, and the decision fails to address how an attorney can waive the privilege belonging to the client without the client’s consent. When the client sends an email to his attorney with knowledge of the four factors noted above, one can argue the client impliedly waived any right to assert the privilege, but the converse is not necessarily true. However, the decision follows the approach taken in Scott v. Beth Israel, and lawyers must take care not to run afoul of the decision.
In our prior blog post addressing this issue, we discussed how some courts have ruled that email communications retained their privileged character when they were encrypted or involved password protected web-based email notwithstanding the fact that they were sent or received via a company issued computer. While that post focused on the duties and responsibilities of a company’s attorney who receives or reviews employee emails, Leor highlights the responsibilities of any attorney communicating with his client via email.
Reasonable communication between an attorney and his or her client is necessary under Rule 1.4 of the Model Rules of Professional Conduct. Rule 1.6 of the Model Rules further requires that an attorney act competently to safeguard confidential information relating to the representation of a client against its inadvertent or unauthorized disclosure. Under Rule 1.6, a lawyer is obligated to take reasonable precautions to prevent information from coming into the hands of unintended recipients. That does not necessarily require that a lawyer use special security measures, such as encrypting emails, where the mode of communication affords a reasonable expectation of privacy. However, special circumstances can require that special precautions be taken.
While the decisions are not uniform in their holding, given the growing body of caselaw addressing the waiver of attorney-client privilege involving workplace email communications, an attorney should consider whether special precautions may be warranted in this scenario, especially if you practice in a jurisdiction where you would have reason to believe a court may find a waiver occurred. An attorney should consider addressing this issue at the outset of any representation with his client. Lawyers would be wise to follow the age-old adage: an ounce of prevention is worth a pound of cure. If the risk of privilege loss is to be avoided, then neither the attorney nor the client should communicate with one another through any email server or by any means in which they lack a reasonable expectation of privacy. While that does not mean that an attorney cannot communicate via email with his client, the attorney should endeavor to avoid emailing the client at the client’s place of business and should consider advising the client to not communicate with him through a company-issued computer, Blackberry or other communication device. Consider alternative methods of communication. While a client may consent to the use of a mode of communication that would be prohibited by Rule 1.6, that consent must be “informed.”
So before you send that next email to a client, stop and assess whether there are any privilege issues implicated by your communication. Don’t let convenience trump confidentiality. Where appropriate, clients should be advised of the risks of communication via company-issued computers or Blackberries in order to avoid a waiver of privilege as in Leor.