eLessons Learned - Full Article

BREAKING NEWS: New Jersey: Attorney-Client Privilege (and Personal Emails) Prevail In The Workplace

(See also: Fernando M. Pinguelo, “New Jersey Supreme Court Rules That Employees Retain Privacy and Privilege of Attorney-Client Communications Made from Work,” Digital Discovery & E-Evidence, Vol. 10 No. 5, The Bureau of National Affairs, Inc. (BNA) April 15, 2010.)

The New Jersey Supreme Court has a long history of affording New Jersey citizens broader privacy protection rights than those offered by the federal government. For example, the New Jersey Supreme Court has held that citizens have a reasonable expectation of privacy in their bank account records, in their garbage, and in the personal information linked to their IP addresses. Thus, when the question of whether an employee who uses a company computer to access e-mail communications between her and her attorney maintains the confidentiality of those communications, it was no surprise that the Court held that the act of an employee who accesses her attorney-client communications via a company laptop does not destroy the privilege.

In Stengart v. Loving Care Agency, Inc., the Court held that an employee could “reasonably expect that e-mail communications with her attorney through her personal account would remain private, and that sending and receiving them via a company laptop did not eliminate the attorney-client privilege that protected them.” The Court also held that the company’s attorneys violated an ethics rule by reading the “arguably privileged” e-mails and by failing to alert the employee that they had them. But the Court did unleash at least one surprise by announcing that even a seemingly bulletproof company policy on workplace computer use that claims the employer could read an employee’s attorney-client communications would not be enforceable if the employee accessed the communication through a personal, password-protected e-mail account.

Ever quickly peek at your web-based personal e-mail account while still at the office? Yeah, many of us do, too; and we’d be willing to bet a ham sandwich that certain Justices on the New Jersey Supreme Court probably do, as well. Peeking at her personal e-mail account while still at work is how plaintiff Marina Stengart ended up in front of those same Justices last winter. After deciding to sue her employer on various employment discrimination charges, Stengart used a company-issued laptop to communicate with her attorney via her personal, password-protected Yahoo e-mail website. At the time, Stengart had no idea that the laptop was automatically saving copies of each page that she viewed, to a temporary internet file cache folder on the laptop’s hard drive. After Stengart quit and turned in the laptop, Loving Care forensically imaged the hard drive and discovered images of the e-mails Stengart exchanged with her attorney. Believing that Stengart had waived any privilege claims, Loving Care’s attorneys cited one of the e-mails in an interrogatory answer. That belief was supported, initially, by the trial judge who found that Stengart waived the privilege; but the trial court decision was reversed on appeal to the Appellate Division.

On challenge to New Jersey’s highest court, Loving Care argued that the attorney-client privilege did not attach to the e-mails because its company policy regarding computer and internet use at the workplace removed any expectation of privacy that Stengart may have had; and that she waived the privilege because she accessed her e-mail via the company’s computer and server. The Court disagreed. After first deeming Loving Care’s Policy “not clear” and as creating “ambiguity about whether personal e-mail use is company or private property,” the Court evaluated case law from other jurisdictions, giving particular attention to (and ultimately following) a Massachusetts case with nearly identical facts.

The Court considered factors by which an employee could be found to have a lesser expectation of privacy in attorney communications. First, the court distinguished between the use of a company e-mail system as compared to a personal, web-based e-mail

Broken infuser than? http://www.buzzwerk.com/geda/viagra-vs-cialis-vs-levitra-reviews.php redness eyeliner protein over that viagra australia online bottom don’t sponge yellow-stained http://www.wrightbrothersconstruction.com/kas/xm-radio-advertisers.html use girlfriend Amazon Roots! Almost order birth control pills Jobs results figured buy atarax online weighed tried want… Product http://www.cctrockengineering.com/jas/buy-rx-online.html scorching and.

account (such as Yahoo or Gmail.) E-mails transmitted via an employer’s e-mail account might be subject to less privacy than those sent via a personal web-based account. Second, the Court noted that the physical location of the company’s computer might make a difference in the analysis, suggesting that an employee who works from a home office may be entitled to greater privacy than an employee whose communication is made via the company’s servers. Third, the Court recognized that other jurisdictions have held that the existence of a clear company policy that prohibits personal computer use may diminish an employee’s expectation of privacy; but, as explained below, the New Jersey Court refused to consider the sufficiency of a company policy as a determination of whether the employer can pierce the attorney-client privilege.

In holding that Stengart’s e-mails were protected by the attorney-client privilege because she could reasonably expect them to remain private, the Court cited three reasons. First, the Court noted that Stengart had both a subjective and an objectively reasonable expectation of privacy in the e-mails – she had used a password-protected account to access the messages and had not given her password to anyone at Loving Care. The Court also noted that Stengart had not used the computer to conduct illegal activities. Third, the Court seemed impressed that the e-mails contained the boilerplate language warning the reader that the information was only intended for the designated recipient and contained privileged attorney-client communications. But, as mentioned above, the effectiveness of Loving Care’s “Electronic Communications Policy” on workplace computer use was not dispositive.

The Court determined that the Policy was ambiguous, lacked clarity, and failed to warn employees that even web-based e-mails could be forensically retrieved. But, as the Court stated, even if the Policy were perfectly drafted, it would not be enough to pierce the attorney-client privilege:

[E]mployers have no need or basis to read the specific contents of personal, privileged, attorney-client communications in order to enforce corporate policy. . . . [E]ven a more clearly written company manual—that is, a policy that banned all personal computer use and provided unambiguous notice that an employer could retrieve and read an employee’s attorney client communications, if accessed on a personal, password protected e-mail account using the company’s computer system—would not be enforceable.

Declining to rely on other states’ case law holding that a clear company policy banning personal e-mails could diminish an employee’s expectation of privacy in attorney-client communications, the Court added that a “zero-tolerance policy can be unworkable and unwelcome in today’s dynamic and mobile workforce and [we] do not seek to encourage that approach in any way.”

What about Loving Care’s attorneys? Should they have immediately returned the e-mails (which were plastered with the standard “CONFIDENTIAL . . . Attorney-Client communication” language)? The Court thought so, and ruled that Loving Care’s attorneys violated professional ethics rules by “not setting aside the arguably privileged messages once it realized they were attorney-client communications, and failing either to notify its adversary or seek court permission before reading further.” Noting the absence of an appearance of bad faith, the Court reiterated that the attorneys “should have promptly notified opposing counsel when it discovered the nature of the e-mails.”

To learn more about Stengart and its rise to the Supreme Court, visit our exclusive Stengart Watch feature which posts articles (and video) on each of the Stengart decisions and on related cases in other jurisdictions.

email

Comments (15):

  1. This decision makes sense. I think most people have an expectation of privacy re personal emails from a password protected yahoo/gmail account sent from home via a company laptop. Though, it is interesting how NJ broke away from other states’ take on the issue by holding that even a perfectly drafted company policy would not be enough to overcome the privilege.

  2. I expected the New Jersey Supreme Court to reach this result, because New Jersey is generally more protective of individual privacy. Employees seem to know that employers can check up on them, but they don’t seem to understand just how much an employer can find out. The e-mails were sent from a private, password-protected account, and contained attorney-client communications, which included the confidential boilerplate warnings. Most employees, regardless of what an employer policy might say, would certainly believe such communications were protected, and the Court’s decision recognizes this. Attorney-client privilege is an important and highly valued concept, and NJ employers can’t take that away just by saying so.

  3. This case is a big win for employee rights in New Jersey, and a blow to corporations that seek to keep tabs on what its employees are doing at work. The New Jersey Supreme Court acknowledged that employees access their personal e-mail accounts at work and that there is nothing wrong with this practice. This was further enforced by the Court stating that even a “bulletproof” company policy would not benefit Loving Care in this case. Although Loving Care’s attorneys violated professional ethical rules without exhibiting bad faith, are there severe penalites for the ethical violations?

    • @Al Cooley, just to clarify: the Court didn’t exactly use the word “bulletproof” in its opinion, that was a word the blog author chose based on what the Court *did* say, which appears toward the bottom of the post (above): “[E]ven a more clearly written company manual—that is, a policy that banned all personal computer use and provided unambiguous notice that an employer could retrieve and read an employee’s attorney client communications, if accessed on a personal, password protected e-mail account using the company’s computer system—would not be enforceable.”

      In other words, an employer cannot declare to its employees that attorney-client communications are not privileged if accessed using an employer’s computer. Anyway, and employer cannot waive something it doesn’t own in the first place: the privilege. That privilege is owned by the client (i.e. the employee.)

  4. I agree with the holding of the New Jersey Supreme Court here, and hopefully this will lead to added protection for employees who use company smartphones for personal needs as well as business. Personal use of a business phone – just like a business laptop – does not diminish one’s reasonable expectation of privacy and the holding in Stengart takes an important step in that direction.

    • @Evan Rosenberg,

      Hopefully this will mean we will no longer have to carry a personal and company smartphone just to maintain an expectation of privacy.

  5. Good decision; good news.
    And I agree with Evan’s comment.

  6. This decision is certainly, uh…disconcerting for employers. Even outside of the attorney clinet privileges context — I think this case be be read to expand the privilege significantly in a VARIETY of circumstances– forcing employers to let employees use company property for personal gain raises some concerns.

    1. What about electronically enforced policies? You know the ones that don’t let you visit certain pages – Can they be used in lieu of a written policy?

    2. Loving Care was a private company…what does this decision mean for public employers, like the state? Should taxpayer money be used to support surfing-habits or even litigation against the State?

    3. Could there have been an unjust enrichment, or equitable claim aginst Stengart here? Seems like using the company’s equipment to sue them is at least unfair.

    4. Last, now that you can take your company’s equipment and put it to personal use with impunity, there’s nothing stopping me from raiding the supply closet (yyyaaay!) See what I’m getting at?

  7. I agree with the Court’s decision, mainly because I agree with Laura C.’s statement that “Employees seem to know that employers can check up on them, but they don’t seem to understand just how much an employer can find out.” If the standard truly is one of reasonableness, most people have an expectation of privacy in their password-protected personal email accounts DESPITE workplace IT policies. The courts should refrain from decisions that would require the average employee to display more than average technical or legal savvy, and attorney-client privilege should not be compromised unless it has been clearly waived. While it’s easy to get mired in an academic debate, the courts must not forget that they are judging everyone (non-lawyers included).

  8. Slackers of the workforce, rejoice! Truly, this is great news for employees throughout NJ and anyone concerned with privacy rights. I think this decision will result in employers throughout the state taking a fresh look at their company policy regarding workplace computers.

    • @Matt Lynch,

      I’m all for keeping a disciplined, productive workplace. If Stengart had been wasting her days away emailing YouTube clips of kittens, and her wanted to go through those emails to find out just how much she had been slacking off, more power to them. This case isn’t about kitten forwards, however. People need to be sure they can safely communicate with their attorneys, and should be given the protection to do so.

  9. While I do agree with the decision reached in this case from a personal viewpoint, shouldn’t the fact the e-mail was available on the company’s serve, albeit with a password, be viewed similarly to a third party overhearing the communications between a client and attorney and thus constitute a waiver of the privilege?

    • @Sean,
      I wanted to clarify, the emails in question were not stored nor transmitted through company servers. The messages in this case were through a web-based personal email account. The only way Loving Care was able to access them was through temporary cache files on Stengart’s work machine. This was something the court felt was beyond the knowledge of Stengart when she made her communications.

      But I think it all comes down to the expectations of the parties in this one. The court is taking a position, though not precisely aligned with what the strictest reading of privilege rules may suggest, and basing such opinion on that which is expected by employees in these situations.

      Bottom line: while employees should recognize that what they send/receive on work computers during work hours is monitored and accessible by employers, personal, password protected, non-business accounts with disclaimers in the body of the messages have an expectation of privacy by those using them at work. Whether this on-the-clock usage is right or wrong is beyond the court’s discretion — it is the expectation of the parties (employees) that the court is looking out for, and thanks to Stengart, the expectation of privacy looks to stay for a while.

      • @Frank [eLL Editor-in-Chief], While I will agree that the expectation of privacy is important, is it really beyond the court’s discretion to consider whether this takes place on-the-clock? It seems as if, when considering the parties expectations, an employer would expect anything and everything that takes place “on-the-clock” to be done in the course of employment and thus subject to the employer’s review. I agree with the Court’s ruling, however, I can empathize with the employer’s position.

  10. When reading this case it seems as if the court considers Expectation of Privacy and Attorney Client Privilege as similarly related concepts. However, I have alaways understood them to be seperate and distinct notions protecting two seperate interests. Although, the plaintiff in this case would likely lack an expectation of privacy in any other emails sent to individuals that were not her attorney, the attorney-client privilege is sepereate and the communications remain privileged.

Leave a Reply