The Importance of Email Disclaimers

CSO’s web site has a blog posting about an alleged accidental data leakage via a misdirected email from a lawyer to a news reporter. Nothing exceptional about that. It’s the sort of cock-up that happens from time to time. But what’s particularly interesting about this story is that the journalist didn’t report the content of the email.

Now there can be many reasons why reporters hold back information. The content might not be interesting enough. It might be counterproductive to compromise a potential useful source. But it might also be because the email disclaimer did its job. That last thought got me thinking about the value of email disclaimers.

The blog posting contains some useful comments from a lawyer. But the situation is never clear cut. And the legal position can vary from country to country. I’m not a legal expert but my understanding is that under English law a recipient of a communication is obliged not to disclose the content of an expressly marked confidential communication. (It would be interesting to some expert thoughts on this.)

With all the current concern about data leakage, it clearly makes sense to ensure that email disclaimers and corporate policies for business communications are as good as you can get them. They might be your last line of defence.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

I wonder how valid such a disclaimer is if it is routinely applied to every email leaving the building. As a journalist I'm used to getting press releases by email which sign off with an auto-generated threat of dire consequences if I reveal a single word. Presumably the organisations involved aren't really hoping I'll keep their product launches, industry recognition and other great achievements to myself. In which case, how do I tell when they really mean it?
Dear sir Email encryption is a sure way to combat fraud rather than some holier-than-thou disclaimer footnote. But awareness of this simple mechanism is woefully lacking in the mainstream.
I agree that users who should really be relying on encryption for protection of contents and for privacy, should not even be wasting the bytes in tacking an email disclaimer onto the end of every email. You might as well wave garlic over your computer. However, as an attorney, there are reasons for these disclaimers that go beyond security. Disclaimers are routinely used to put recipients on notice: to flag correspondence which might be subject to a privilege, and to mark communications as containing proprietary data. Many companies are in joint venture agreements or merger talks and they are disclosing vast amounts of information to each other that one owns and the other wants. They could even be competitors. Failure to mark the information, even in this extremely low-level no-brainer way, could exempt the information from the agreement's coverage against nondisclosure and nonuse. And then there's the other 95% of email disclaimers. I wrote an article about legal issues with these email disclaimers a year ago and it's amazing to me how the issue continues to grow and expand, like a hot air balloon. People clearly love them and hate them; my Fortune 500 clients are always using them and asking me about them. ( I'm thinking about establishing an annual Obnoxious Email Disclaimer Of The Year award. Carol Shepherd, Attorney Arborlaw PLC
Apart from the legalities associated with these, the question which I'm most frequently being presented with (because of my technical capacity within the roles I've worked on) relates to how easily these can be implemented and managed. I've recently started using Exclaimer to centralise our email disclaimers and so far I have been really impressed with this tool - I highly recommend it.