Another Musk-Twitter Sideshow Reminds That Which Email Address You Use Matters
The headline-generating Twitter-Musk saga has caused the Court’s rapid-fire issuance of more than 30 letters and memorandum opinions. Others have already been discussed on this blog. Another among them is notable for the Court’s consideration of whether Elon Musk waived privilege by sending and receiving otherwise privileged communications about the Twitter acquisition using his Tesla and SpaceX email addresses. This brief decision is an important reminder that yes, it does matter which email address you use to communicate about otherwise privileged matters.
As the Court often puts it, familiarity with the background of this dispute is assumed. For purposes of this discussion, only a few facts are critical:
- Musk serves as CEO of entities that are uninvolved third parties vis-à-vis his dispute with Twitter;
- Musk used email addresses he has on those other businesses’ email servers to circulate privileged information regarding the Twitter acquisition;
- Musk withheld those communications as privileged and did not produce them to Twitter; and
- Twitter sought to compel production of those emails, arguing that the attorney-client privilege had been waived due to Musk’s use of those other businesses’ email servers.
Delaware’s relevant evidentiary rules limit attorney-client communications to those that are “confidential.” This has “subjective and objective aspects”; a “subjective expectation of confidentiality must be objectively reasonable under the circumstances.” This is a fact-intensive analysis, and the burden is on the party claiming that privilege applies (here, Musk).
When it comes to assessing whether one should reasonably believe that their communications are “confidential” on a particular corporate email server, the Delaware courts apply the Asia Global four-factor test (so-named for a 2005 S.D.N.Y. bankruptcy court decision). These ask whether the corporate entity: (1) maintains a policy banning personal use; (2) monitors the email; (3) grants access to third parties; or (4) notifies employees of these policies. The first is the “dominant” factor, although none is dispositive.
After submission of affidavits providing the details of the relevant corporate email policies, Musk prevailed. The Court found that Musk had an “objectively reasonable” expectation of privacy under the circumstances. Among other things, the affidavits reinforced that email policies existed and limited the monitoring of employee emails on the relevant servers. Further, those affidavits evidenced that as to Musk specifically, “no one” was permitted to access his accounts without consent. On these facts, Twitter’s motion was denied. Others, as previously discussed on this blog, have not been as fortunate.
Key takeaways
Again: which email you use matters.
- Elon Musk is a unique figure, but these circumstances are not. Many people use corporate email addresses for personal matters without adequate consideration of these issues. Many others hold multiple corporate positions, but rely heavily on one email address rather than using different email addresses for different roles. Individuals facing these circumstances would be wise to consider the pertinent policies with the benefit of counsel and determine the best path forward (e.g., use of multiple and distinct email accounts for different roles).
Emails, like diamonds, are forever.
- As a colleague of mine rightly says, “e-mail is better known as ‘eternal’ mail.” It should be treated accordingly: with caution. Ask yourself if you’d like to see an email again in the future. If not, reconsider. What seems funny now may seem less so in a future deposition.
Privilege is not absolute.
- As this case reminds, privilege assertions get tested. This can happen for a variety of reasons, including the waiver arguments that Musk faced. The scope of a potential waiver can be sweeping, depending on the circumstances. Periodic training on the contours of privilege can be helpful in helping directors, officers, and executives navigate these issues and assess their risks accordingly (e.g., assessing the likelihood that a particularly message is, in fact, privileged).
Companies should consider their email policies periodically.
- Decisions applying Asia Global reinforce the import of corporate policies and practices regarding their email servers. Entities facing these decisions should discuss with counsel the best path forward, which requires balancing users’ confidentiality expectations and wishes against the corporate need to review and/or monitor email.
This post is as of the posting date stated above. Sidley Austin LLP assumes no duty to update this post or post about any subsequent developments having a bearing on this post.