Proposed email disclaimer law would create new problems rather than solve old ones, says expert

Out-Law Analysis | 09 Jan 2015 | 10:20 am | 6 min. read

FOCUS: A UK MP wants to cut down on the legal language contained as standard in business emails, but doing so would create headaches for UK companies.

Sir Alan Duncan has proposed new regulations which would ban UK limited companies, government departments and local authorities from including legal disclaimers in the body of their email communications.

UK businesses are under a legal obligation to include certain information in their email communications, and there are other good reasons for including legal disclaimers in emails. Sir Alan suggests that companies should include these notices in attachments and links, but this is an unsatisfactory compromise that leaves businesses exposed to legal risks.

There are changes to UK law that would be useful, but rather than his suggestion of hiding text away the change should require businesses to give some notices more prominence and to make sure they are shorter and written in plain English.

The perceived problem

Sir Alan believes that long, legalistic disclaimers are overkill and represent a triumph of the interests of bureaucracy over common sense and plain English. He has proposed new UK regulations which would "ban open text email disclaimers from the electronic communications of all UK government departments, agencies and councils and all UK limited companies".

His planned new Internet Communications (Regulation) Bill would be aimed at curbing the inclusion of legal disclaimers and confidentiality notices in messages. He said that at the very least they should be contained within links within, or attachments to, emails and "not in open format".

In a statement in the House of Commons, Sir Alan said email disclaimers represent "the very worst of sluggish, bureaucratic verbiage".

"The written envelope does not need a legal warning on the outside, and neither does an email," Sir Alan said. "What causes the greatest frustration, however, is their interminable length, and on a BlackBerry, for instance, the inability to delete them."

Sir Alan questioned whether the notices are legally binding.

"The email itself is not the end," Sir Alan said. "It is often not even the beginning of the end – merely the end of the beginning. What follows is a disclaimer, of varying lengths and comprehensibility, informing us that the email we have just received is intended for a specific recipient, that it may contain confidential information, and that it must not be used, disclosed, stored or copied. Should we find that we are not the intended recipient, we are instructed to destroy the email – to erase it both from existence and from our memory – and to make immediate contact with the sender to alert them to the mistake."

"Frankly, disclaimers are not worth the paper they are unnecessarily printed on. They attempt unilaterally to create a contract between the sender and the recipient, without asking for the consent of the recipient. They aim to scare the unintended and unaware recipient of a misplaced email into doing what is asked of them, despite there being no obligation to do so. Even if there is a legal obligation not to divulge something confidential, why bother to say so at length when it is already covered by our law and does not need repeating?" he said.

Sir Alan said email disclaimers "are way out of date" and "a hangover from the early days of the internet which have long since been overtaken"

"It is high time, therefore, that we put a stop to these meaningless missives that clog up our inboxes, deplete our printer cartridges of precious ink and cut down forests’ worth of paper," he said. "The footer and the header can survive, but let us now condemn the needless disclaimer to the dustbin of internet history."

The Bill will be next be considered by MPs in March, but would need government support to have a chance of becoming law.

Why are legal notices sent with emails?

All UK businesses apart from sole traders or standard partnerships have to include certain information in business communications. That means that the rules apply to privately owned companies, public limited companies (PLC) and limited liability partnerships (LLP),

The Companies Act and Companies (Trading Disclosures) Regulations say that businesses must give their registered name and number, place of registration and registered office address in all forms of correspondence and documentation. The information must also be accessible via the company's websites under the UK's E-commerce Regulations.

The information cannot be published via a link contained in an email or within an attachment. The UK rules require the information to be displayed "in characters that can be read with the naked eye".

Companies also often include disclaimers that, for example, seek to limit their liability for any action taken by others based on inaccurate information in those emails.

Businesses also often include confidentiality notices within the body of emails. This is to put recipients on notice that information contained in the email is confidential and should not be disclosed to others.

What is wrong with including this information in links or attachments to emails?

For the mandatory company information there is no reason why, with a change to the law, this information could not be disclosed in email attachments or via links at the bottom of those communications. There is an argument that shortening the length of the communications would help cut printing costs and have a knock-on environmental benefit.

However, there are good reasons why businesses should be wary of plans to make confidentiality notices more discreet. Confidentiality notices help make it clear to recipients of communications that the information contained within is confidential. It seeks to create a contractual obligation of confidentiality.

So if a business shares confidential information with another company via email, makes it clear that the information is confidential via a notice within that email and then finds that the company has disclosed it to others without their permission, that notice makes it easier to demonstrate to a court that a contractual breach has occurred. Courts can still ignore these notices, though.

The absence of confidentiality notices in email correspondence does not necessarily mean that the information contained in those emails is not confidential. It is just more difficult for businesses to show that recipients of that information who go on to disclose it to others are in breach of their obligations of confidence. Clearly, given the scalability of email, an organisation's confidential information could be spread more rapidly and disseminated more widely (whether deliberately or inadvertently) than confidentiality information contained in a hard copy letter.

In the UK, under common law, a breach of confidence is a civil offence. The misuse of confidential information by a business can lead to them being forced to pay damages.

However, to enforce such a claim, businesses must prove their information has the "necessary quality of confidence about it" and that the recipient was placed under an obligation of confidence when the information was shared with them. The confider must also show that there has been "unauthorised use or disclosure" by the recipient taken into their confidence and that this led to their detriment.

In addition, the common law of confidence protects those that engage in the unauthorised use or disclosure of confidential information where they acted in the public interest, or under a legal obligation, such as a court order.

More prominence, not less

Rather than banishing confidentiality notices from the body of emails, any change to existing UK rules on email disclosures should focus on improving the prominence and clarity of those notices.

It is common sense for businesses to include these notices above the main content in their email, but many organisations still include these messages in email footers, where they are less visible and more likely to be missed or ignored.

The Data Protection Act demands a level of transparency by organisations with individuals about their personal data processing activities, including the disclosure of who the 'data controller' is, the purposes for which the data is to be processed, and any other information about the data processing circumstances that is "necessary" to ensure the processing is fair.  A large part of achieving transparency is ensuring that such information is presented in a clear and prominent way.

Setting a requirement for confidentiality notices to be prominently displayed in a succinct way using plain English would be in line with these existing rules, and help raise awareness of confidentiality issues before legal disputes arise.

Sir Alan has identified a real problem but perhaps not the correct solution since his proposals would present as many new problems for business as it would solve.

Kathryn Wynn is an information law and technology specialist at Pinsent Masons, the law firm behind Out-Law