Attorney/Client Privilege and Electronic Communications Clarified
The Third Department recently clarified the requirements to establish when electronic communications are protected by attorney client privilege and when that privilege is waived. Parnes v. Parnes, 2011 NY Slip Op 136; NY App. Div. LEXIS 156 (3d Dep’t 2011). Traditionally, documents that are not discoverable because of attorney client privilege are those documents that contain confidential communication made to the attorney for the purpose of obtaining legal advice or services. Courts have required that reasonable steps be taken to maintain the confidentiality of that privilege or it will be lost.
Parnes was a matrimonial action. The plaintiff wife discovered a page of one of the defendant husband’s emails on the defendant’s desk at their residence. As she was looking for the rest of the email, she discovered the user name and password of the defendant’s email account which was also left on this desk. Plaintiff used this password to access the defendant’s email account, printed out the emails between the defendant and his attorney (Paul Van Ryn), and turned these over to her attorney. The plaintiff thereafter used this information to amend her complaint to reflect that the defendant conspired with his attorney to cause plaintiff mental anguish. Defendant moved to, among other things, preclude plaintiff from using any privileged communications between defendant and Van Ryn and to strike the portions of the amended complaint based on privileged information. Defendant’s motion was granted and plaintiff appealed.
The party seeking to have documents protected by the attorney client privilege has the burden of establishing “that the information sought to be protected from disclosure was a ‘confidential communication’ made to the attorney for the purpose of obtaining legal advice or services.” Because defendant contacted Van Ryn to seek advice about a potential divorce and custody battle, and because Van Ryn gave legal advice sent from his law firm email address and billed the defendant for his (Van Ryn’s) time, this burden was met.
Once this privilege is established, the party enjoying this privilege bears the burden of demonstrating this privilege was not waived. In this case, the court held, “by leaving a hard copy of part of a document on the desk in a room used by multiple people, the defendant failed to prove that he took reasonable steps to maintain the confidentiality of that privilege.” As a result, this privilege was waived with regard to the one page that was left on top of the desk.
Regarding the rest of the privileged email communications, the court held that the defendant took reasonable steps to keep the emails on his computer confidential, and thus did not waive this privilege relating to the rest of the email communications. The defendant set up a new email account and only checked it from one computer. “Leaving a note containing his user name and password on the desk in the parties’ common office in the shared home was careless, but it did not constitute a waiver of the privilege. Defendant still maintained a reasonable expectation that no one would find the note and enter the information into the computer in a deliberate attempt to open, read, and print his password-protected documents.”
In this case, the privilege was waived relating to the single page of the multiple-page email that was left in a common area, but was not waived relating to the user identification and password that was left on the same desk. Thus, the distinction is between taking active steps to prevent access to confidential information (setting up an email account for storing this information), and passively allowing this information to be viewed (leaving a page of this information out in an area accessible to others, including adverse parties).
Thus, it appears that by taking active steps such as setting up a separate, individual email account for safeguarding privileged material, demonstrates an actual intent to protect this privilege. Leaving the means of accessing this account in a location accessible to an adverse party may be careless, but does not by itself nullify the underlying intent that was established by the very act of setting up this account because it is not an active measure expressing a particular intent.
Passively leaving part of a privileged email laying out in an area utilized by others does not indicate any intent to safeguard this privileged information. The point is the uncertainty of protecting privilege or waiving privilege may or may not be the intent, but there is no way to confirm this because this passive act in and of itself does not convey any attempt to protect privilege, or to waive it.
This case illustrates the importance of taking reasonable steps to protect material that is privileged so that this privilege is not waived to a party’s detriment. Keeping information privileged is an ongoing responsibility. By analogy, if you take documents out of the safe, you must return them in order to protect your privacy.
If you require further information regarding the information presented in this Legal Alert and its impact on your organization, please contact any of the members of the Practice Area.
- New Cybersecurity Regulations May Apply to Companies that do Business with NYS Chartered Or Licensed Banks, Mortgage Bankers, Insurance Companies and Others
- New York State Department of Financial Services Finalizes Cybersecurity Regulations
- Insurance Agent Held Not Liable for Alleged Failure to Obtain Flood Insurance Coverage