This Post is Privileged and Confidential

But you started reading it anyway.

We’re all so inundated with disclaimers and license agreements at every turn that we barely flinch anymore when we see the words privileged and confidential — or worse, long paragraphs in small fonts portending doom for the unwitting recipient of a misdirected email or the surfer of a law firm website. Disclaimers seem to have spread like a consensual virus — a lawyer sees another lawyer using a disclaimer, figures it must be a good idea, and includes it in his own materials.

Website Disclaimers

Website disclaimers are fairly inoffensive. These disclaimers generally warn visitors that the information on the website is not meant to provide legal advice about the visitor’s individual legal problem and caution the visitor not to disclose confidential information in an email or contact form sent to the law firm until the firm has agreed to enter into an attorney-client relationship. Lawyers are concerned, of course, that an opposing or related party to one of the firm’s existing clients might provide confidential information that would conflict the lawyer out of its already existing representation.

There do not appear to be any reported cases that have disqualified a law firm from representing a client because the firm received unsolicited confidential information from a non-client. The Virginia State Bar Committee on Legal Ethics did issue an opinion that compared websites to advertisements in the Yellow Pages. Just as a prospective client who obtains a lawyer’s phone number from a Yellow Pages ad should have no expectation of confidentiality when leaving a voicemail message for a lawyer, the Virginia Bar reasoned that there ordinarily should be no expectation of confidentiality in an email message sent from a website. The opinion recommends, but does not require, that Virginia lawyers include such a disclaimer on their websites and cautions that lawyers may create a duty of confidentiality through sites that offer  a “free evaluation” of a prospective client’s case and invite web visitors to provide the lawyer with information about their situations.

Website disclaimers are designed to address the exact same situation repeatedly: stranger v. law firm. No disclosure of an existing client’s confidential information is involved, and whether the stranger reads the disclaimer or heeds its warning is of no consequence to the law firm, which has discharged its duty to itself (protect against claims of reliance on alleged legal advice) and to its existing clients (prevent being disqualified from existing representations).

Email disclaimers, however, are a different and dangerous breed.

Email Disclaimers

They probably have their roots in that antiquated technology: the facsimile transmission (which our ancestors colloquially referred to as a fax).  Right after the first lawyer sent a fax to opposing counsel when it was meant for the client‘s eyes only, that lawyer starting putting a disclaimer on the fax cover sheet. That way, the next time it happened the blame for the mistake could be shifted from the lawyer to the accidental recipient, who had no business reading that fax in the first place. When lawyers started using email, it must have seemed only logical to try to remedy the predictable calamity of the future misdirected email with a warning to those who receive messages that were not intended for them.

Now, probably 80% or more of the emails I receive from lawyers contain some form of disclaimer. Nearly all appear after the signature block; in longer messages they don’t even appear on the screen until I scroll down further. Some simply declare that the email is “privileged and confidential;” most suggest that the email “may” be privileged and confidential (how I should determine whether it is or not is not explained), and either ask or demand that I notify the sender, and destroy the email and any paper copies I may have printed.

There are several problems with these disclaimers, aside from cluttering up email threads. For one, attorney-client privilege and confidentiality are not the same thing.  Without digressing too much, suffice it to say that while all attorney-client privileged communications are confidential, only a small portion of the client information lawyers are required to treat as confidential is also privileged. Another incongruity is that an email intentionally sent from a lawyer to almost anyone except a client will not be confidential or privileged at all (setting aside agents or experts the lawyer may be contacting on the client’s behalf or negotiations subject to a confidentiality agreement or rule).  So for the vast majority of emails that lawyers send — to colleagues, to witnesses, to vendors, to friends, to listservs, etc. — the disclaimer is meaningless.

Undermining Disclaimers Through Overuse

Which brings us to the real problem with these disclaimers. By overusing them, lawyers may be undermining the effectiveness of disclaimers in protecting the confidential or privileged nature of the information in the email in the (hopefully) rare event that an email is misdirected (or inadvertently produced in discovery).

In Scott v. Beth Israel Medical Center Inc., 847 N.Y.S.2d 436, 444 (2007), the court refused to find that a series of emails were privileged just because they contained a disclaimer that was found in every email sent by the plaintiff. Moreover, by overusing disclaimers and privilege warnings, lawyers are training the world to ignore them — which is precisely what we don’t want people to do.

Using Disclaimers Appropriately

Appropriately used, disclaimers may allow lawyers to rescue misdirected emails that were sent to other parties and preserve the client’s confidentiality, particularly in close cases in which the confidential or privileged nature of the email is not clearly apparent on the face of the email.  Those disclaimers should be sparingly used, appear at the beginning rather than the end of the email,  and state that information in the email is confidential or privileged only when it really is. That way, unintended recipients might really sit up and take notice when they see privileged and confidential declared in an email.

This was originally published on November 17, 2008. It was (lightly) revised and re-published on February 21, 2014.

Featured image: “confidentiality” from Shutterstock.


  1. Great advice. When I first started as an attorney, I did exactly what you wrote about: I saw how every other attorney was doing it and I just figured, “Well, now I need to add a disclaimer to the bottom of my emails” and added it to the automatically-generated signature.

    I do remember thinking it was odd that the disclaimer always appeared below whatever it was that was not meant to be read.

    Now I realize that I probably need to REMOVE the disclaimer from the auto-generated email and, as you advise, only add it to the top of selected emails.

    Thanks for reminding us of these “little things” that we do without thinking.

  2. I find it’s kind of a pain to have to remember to delete each time because the volume of my non-privileged emails far exceeds the ones that need protection. Most e-mail programs will allow the creation multiple signature blocks, which can be used for different purposes. But I just use a shortcut [/AC] to run ATTORNEY-CLIENT PRIVILEGED COMMUNICATION at the top of my client e-mails. It takes a little while to get into the habit of remembering to insert it, but eventually it just becomes part of the routine of composing the e-mail.

  3. Great article and very well written. I have been practicing law for 16 years now and have really began to taking a desire to learning more about our tech driven industry. I am having a hard time still putting down the pen and paper instead of my laptop. Thanks for educating me on this topic is was very informative.

  4. Avatar Michael says:

    This is a cousin to the debate between various people who feel good or bad about whether a lawyer should look at (and use) metadata that another party unintentionally includes with a document in a transactional setting. The classic is a document that still contains the WinWord redlines showing prior drafts of the ‘final’ document that was just sent over, but metadata can be used for much more subtle purposes as well. The idea that we can see an email from another party, and somehow erase it from our mind (let alone computers — much harder :), is nearly as ridiculous IMHO as the idea that if the redlines pop up on my screen after you stupidly send them to me that I should now be barred from looking at them. Know how to use your computer, or suffer the consequences.

    (Different perspective in an ediscovery document delivery obviously.)

  5. Avatar L Stewart says:

    Thanks for the information. As a lawyer with a faily new practice, I need to keep such considerations in mind when I send confidential communications.

  6. Avatar Ion-Christopher DiMeglio says:

    I give it an “A” for data-experience, but a “C” for value. First, it seems shy a paragraph or two on possible usage scenarios & patterns. For example if I am sending confidential disclosures to a principal that is likely to be opened by staff… the statement – now used sparingly and at the top – what about “PERSONAL AND CONFIDENTIAL” on the message header – basically the equivalent to an envelope? Diving further into this morass – at least with paper the staff has to break a some sort of a seal. With email there is the possibility of encryption and a password conveyed by phone or a separate text even – anything seems smarter than shipping off an email blindly of actual confidential data. D’you think?

  7. Avatar JRo says:

    I chalk this up to being one of those things that attorneys just “do”, like golfing or being a douche. We do it because other attorneys do it, and thus if we are attorneys, we should do it to. Post hoc ergo propter hoc.
    With that being said, I’ve used a disclaimer in my emails since my practice started over six years ago. And, not surprisingly, not once in that time have I inadvertently sent a communication to someone I didn’t intend, nor have I had someone notify me that they received an errant communication from me. So why do I still use it? Probably for the same reason I use a fountain pen and wear Brooks Brothers – they feel natural, and everyone else I know does too…

  8. Avatar whirl3d says:

    For all secure/confidential/private client correspondence, the best solution I have found is to send an email that simply contains a disclaimer and a link. The disclaimer explains that the content requires a user name and password to unlock the message. This ensures that your email goes through right away (no ridiculous attachments), that your email is formatted correctly (nothing special to worry about), and that it works on every device. With a competent IT guy, you can ensure safe and private communication with clients.The actual message and related attachments can be securely stored somewhere that requires their (possibly) cached username and password.

    I wish this article had discussed what a disclaimer looks like, how it is written, what is reasonable and not reasonable. It would be good to see a discussion of how foolish it is to think that you can bind a stranger to some agreement simply by reading a line of text in an email they received. Disclaimers that threaten action if the reader doesn’t do what you want…what a joke.

    But a statement that limits liability for mishandled e-mail should be included with every message regardless of whether it is attorney-client communication. The disclaimer can go at the bottom of the message and basically lets the user know that any information or advice contained in it are inappropriate for their use and does not subject the sender or intended receiver to any liability.

    Most importantly, however, a good email signature can be a marketing piece that contains your social media contacts, address, phone number, etc. Why miss out on this opportunity?

Leave a Reply