Skip to content

Are non-work related emails sent by employees private and / or confidential?

Insight

You would have thought that non-work related communications sent by employees over workplace systems would be private and / or confidential. However, in the recent decision in Brake -v- Guy, the Court of Appeal said “no”. To understand why the Court of Appeal reached this conclusion, the background to the case is very important, as is an appreciation of the consequences if the ruling had gone the other way. However, this is a decision which is helpful to employers and important to keep in mind whenever dealing with employee information rights.

Background

The position established at the trial was that the ex-employee, Nihal Brake (“NB”), had been employed by one of the defendants. The trial judge found that the email domain used to send the messages at the heart of the dispute was owned by the employer, rejecting an argument by NB that they owned the account. On appeal, NB switched their argument to largely focus instead on the emails being private and confidential, even if sent from a workplace system.

Decision

It seemed reasonable for NB to argue that when using a workplace system they would have rights of privacy and confidentiality against their ex-employer in non-work communications.

The Court of Appeal disagreed with NB, deciding that there was no reasonable expectation of privacy on the part of NB when they used the workplace system nor, for similar reasons, an obligation of confidence imposed on the ex-employer. The reasons for this can be summarised as follows.

The email account in question (a “general enquiries account”) had been found by the trial judge to be owned by NB’s employers, and not by NB, and the access passwords were ultimately controlled by the employers. It had been used by NB and others in the employers’ business, but also by NB for non-work communications. It was the main email account for the business. And when the disputes arose, and the employer accessed the email account to investigate, they had done so in a reasonable and proportionate manner. These findings could not be challenged on appeal.

In addition, the Court of Appeal explained that NB had not taken the opportunity to take the trial judge to the non-work emails to demonstrate that they were private and it isn’t sufficient to simply say that if they are non-work related then they must be private by reference to generalised descriptions. The Court of Appeal also said the fact that the email account was owned by the employer was an important, but not a decisive factor, as was the fact that the passwords were ultimately controlled by the employer. The Court of Appeal thought it significant that no attempt was made by NB to designate communications as private or confidential when they were sent or store them separately in the system, noting that there were other email accounts on the system that were used by NB and others to send personal communications. This indicated that there might be a reasonable expectation of privacy and confidentiality regarding those other accounts, in contrast to the general enquiries account.

In those circumstances the Court of Appeal upheld the Judge’s findings that there was no reasonable expectation of privacy or confidentiality in the communications in question and the Brake’s appeal failed

Implications

Employers shouldn’t take this case as a green light to do what they like with personal communications sent by employees over workplace systems. First, to establish what rights each party has requires a focus on the background facts, eg has any reasonable expectation of privacy been created or other indication been given that the communications might be confidential, or are the employers policies, processes and the structuring of its systems clear that this is not the case?

Second, it also depends on what the employer is doing with the communications. It is one thing to have them stored on their systems, but quite another, for example, to review them looking for information with no justification. And of course, the employer has to be careful about data protection requirements as well (eg obligations of security and retaining information for only so long as necessary) as the communications will inevitably contain personal data of the employees and others.

It cannot be ignored that the Court of Appeal seems to have had in mind the wider implications if it had reached a decision that the defendants had misused NB’s private information or acted in breach of confidence. It would have placed a very onerous burden on employers to have regard to those rights, particularly after employment ends and trawl through general business email accounts assessing and removing and / or providing on demand to the ex-employee anything which is not work related. This decision is very useful for any employer faced with such a claim.

If you require further information about anything covered in this briefing, please contact Ian De Freitas or your usual contact at the firm on +44 (0)20 3375 7000.

This publication is a general summary of the law. It should not replace legal advice tailored to your specific circumstances.

© Farrer & Co LLP, April 2022

Want to know more?

Contact us

About the authors

Ian De Freitas lawyer photo

Ian De Freitas

Partner

Ian has over thirty years' experience as a commercial litigator. He specialises in disputes involving data, technology and intellectual property. Ian leads the firm’s Data, IP and Technology Disputes team. 

Ian has over thirty years' experience as a commercial litigator. He specialises in disputes involving data, technology and intellectual property. Ian leads the firm’s Data, IP and Technology Disputes team. 

Email Ian +44 (0)20 3375 7471

More by the authors

Further reading

Related sectors & services

Continue to next section
Back to top