Outside Director Communications: Maximizing the Potential to Protect Attorney-Client Privilege

Email communications can be a trap for unwary independent directors. The December 2020 In re WeWork Litigation decision illustrates the point, as discussed in this earlier blog. Specifically, directors who often use corporate instead of personal email accounts for sensitive emails can lose the protection otherwise afforded by attorney-client privilege.

A more recent case decided by the Delaware Court of Chancery, In re Dell Technologies Inc. Class V Stockholders Litigation, demonstrates how an independent director might continue to use corporate email and maintain the privilege, while at the same time reinforcing certain lessons learned from In re WeWork Litigation.

In addition to explaining this latest case, this blog will provide steps that outside directors can take to help maximize the potential to protect attorney-client privilege, as well as some best practices when communicating sensitive information.

In re Dell Technologies Inc. Class V Stockholders Litigation

As part of a stockholder class action lawsuit against the controlling stockholders of Dell Technologies, Inc. (Dell), the Delaware Court of Chancery ruled that one of Dell’s outside directors did not have to produce certain documents after determining that the documents were protected by attorney-client privilege.

The outside director in this case was using an email platform belonging to Accenture, a company where he previously served as CEO and a board member. The director continued to use his Accenture email account in connection with his service on Dell’s board, as well as several other boards that he served on.

The question before the court was this: Did the outside director have a reasonable expectation of privacy regarding Dell-related communications, despite using his Accenture email account?

Similar to Chancellor Andre Bouchard in In re WeWork Litigation, Chancellor Travis Laster applied the test established in a prior, separate decision, In re Asia Global Crossing, Ltd. In applying the test, Chancellor Laster found that the Dell director’s emails subject to the plaintiff’s discovery request were protected by attorney-client privilege because the director had a reasonable expectation of privacy when using his Accenture email account.

In reviewing the four factors of the Asia Global test, it is notable that Chancellor Laster did not require that all four factors be present to find that the discovery request was protected by attorney-client privilege.

The four factors are as follows:

1. Does the corporation maintain a policy banning personal or other objectionable use?
2. Does the company monitor the use of the employee’s computer or email?
3. Do third parties have a right of access to the computer or emails?
4. Did the corporation notify the employee, or was the employee aware, of the use and monitoring policies?

In looking at the first factor, the court in Dell reviewed Accenture’s email policies and found the following:

Accenture’s policy acknowledged that personal use was permissible; that Accenture would respect personal use except in certain circumstances (see below); and that Accenture would need to engage, and would engage, in systemwide monitoring to protect the entity and the system.

“…if there is a reasonable suspicion that the communication is really not personal but is, in fact, business related; …if there’s a reasonable suspicion that there’s been a criminal offense…; if access is needed in connection with a company-related litigation or an internal or external investigation; … [and] inadvertent access during the company’s general monitoring activities...”

In looking at the second factor in the Asia Global test on monitoring employee email, the court found the following:

Accenture’s policy maintains the right, subject to all applicable laws, regulations, agreements, and local policies “to open items that are marked ‘private’ or 'personal’” in the circumstances noted above. The policy also indicated that Accenture would engage in widespread activities to verify compliance with the policy, including, among other things, monitoring some or all incoming and outgoing emails.

When looking at the third factor in the Asia Global test regarding third parties having a right of access to the computer or emails, the court found the following:

This factor is largely superfluous when dealing with a company-sponsored system. In addition, the court noted that there was a record of Accenture policies stating that the company’s devices and technology, including emails, may be monitored and inspected.

Looking at the fourth and final factor in the Asia Global test regarding the corporation notifying or making employees aware of the use and monitoring policies, the court found that:

The outside director acknowledged that he was generally aware of Accenture’s email policies, some of which were put in place while he was Accenture’s CEO.

The court in Dell noted that while the last three factors in the Asia Global test favored production, it viewed the first factor as the dominant factor in the analysis in determining that the director had a reasonable expectation of privacy. In distinguishing the case from In re WeWork Litigation, the court in Dell highlighted Accenture’s policy, which allowed for personal use; that the outside director’s use was purely personal; and the relationship between the director and Accenture’s email system, which it viewed as analogous to a service provider, like Google or AOL.

Takeaways

The Dell case is likely not the last one we will see to address the question of confidentiality and privilege when it comes to electronic communications. What follows are a few ways outside directors can help to ensure that they do not unintentionally waive the attorney-client privilege in the context of their sensitive emails, as well as some best practices when communicating sensitive information.

1. Be mindful of when emails are or are not sensitive and potentially related to litigation. Emails are privileged only if the communication is between a lawyer and client and for the purpose of obtaining legal advice. Dinner reservations and travel arrangements aren’t that. That is, directors should feel OK using their work email for those kinds of trivial communications.
2. If the communication relates to a concern about a potential or likely litigation event, think twice. Directors will want to be more cautious with information they would not want to produce to the other side as part of a discovery request. This is the time to take the effort to use a personal email account. Another option is to use a board portal.
3. Consider carefully what should be put in writing. For sensitive topics, board members are generally best served to avoid communicating via email. Live discussion lends itself to nuance, something that is critical in sensitive situations. Email inevitably lacks this nuance, and thus email chains run the risk of being misinterpreted after the fact.
4. It’s not just emails. The court’s assessment in In re WeWork Litigation could potentially extend to messages (e.g., texts or instant messages) sent/received on a third-party issued mobile device. For instance, if you use your company-issued mobile phone to text the general counsel at the company whose board you sit on, those texts may not be protected by the attorney-client privilege. In the case that you use a company-issued mobile device, whether a mobile phone or tablet, it's best to avoid texting or instant messaging in your capacity as an outside director on that device until you confirm what your company’s policy is regarding personal use.
5. Refrain from any sort of casual banter when involved in an email chain related to litigation or potential litigation. Emojis, GIFs, and memes that seem funny at the time will absolutely not be funny in a lawsuit.
6. Keep your future deposition in mind. Assume everything that you send or receive will be discoverable and that you may be deposed. This mindset should help to curb sending informal and/or unclear emails that may become problematic in the face of litigation months or years later.
7. When in doubt, switch to a personal email platform to avoid taking a risk that your emails will be subject to discovery and not protected by attorney-client privilege. If the company where you serve as outside director has not issued you an email for the purposes of carrying out your duties as a director, it's best to avoid using your own employer’s email account and instead use a personal email account, like Gmail or AOL.