Privilege, privacy and confidentiality; unlike confidentiality, reasonable expectation of privacy is not a precursor to privilege

February 08, 2023

The Commercial Court in Jinxin Inc v Aser Media Pte Ltd and others & Others has ruled that an employer’s right to monitor and access private information of an employee held on its systems does not extend to a loss of confidentiality in those documents, and therefore a loss of privilege, as against the employer.

Mr Simon Salzedo KC, sitting as Deputy High Court Judge, held that:

  • Privacy and confidentiality are separate legal constructs that are not to be equated with one another.
  • In deciding whether documents are privileged, it is more helpful to consider whether the test for confidentiality has been met directly, rather than to start with an assessment of whether there is a reasonable expectation of privacy and to move to confidentiality.

Facts

MPS was a holding company of group companies in the business of selling rights for worldwide sports events.

Jinxin, the claimant, had purchased 65% of shares under a share purchase agreement (SPA) in MPS from vendors, which included some of the defendants.
MPS and its subsidiaries subsequently entered insolvency proceedings.

Jinxin claimed that it had been induced to enter the SPA by fraudulent misrepresentations and sought rescission of the SPA and to recover monies paid for the shares.

Jinxin took steps to collect data from MPS’ systems, which included email inboxes and documents used by some of the defendants as company officers of MPS, in order to investigate the causes of MPS’ financial difficulties. In order to reduce the risk of Jinxin’s legal team reviewing privileged documents, Jinxin set up a separate legal team to review the documents, and those documents in which the defendants might claim privilege were quarantined and not reviewed by Jinxin.

The defendants complained that the steps taken were not sufficient to protect the potentially privileged documents in the data set that Jinxin had collected.

Jinxin sought a declaration from the Court that the defendants did not have a reasonable expectation of privacy in the documents and that, as a reasonable expectation of privacy was a touchstone of confidentiality (as was accepted in Simpkin v The Berkeley Group Holdings plc), the documents could not be confidential; and, it followed, as confidentiality was a prerequisite to privilege, the documents were therefore not privileged.

Decision

The Commercial Court refused to grant the declaration sought by Jinxin.

The Judge ruled that it was mistaken to describe a reasonable expectation of privacy as being a touchstone for confidentiality. Mr Simon Salzedo KC noted that, although the tests for confidentiality and privacy are similar as they require an objective assessment (for misuse of private information: is there a reasonable expectation of privacy?; and for breach of confidence: was the information imparted in circumstances importing an obligation of confidence?), they are different causes of action which rest on different legal foundations and protect different legal interests. They should therefore not be equated.

Instead, it is more helpful to consider the test for confidentiality as set out in Coco v AN Clark (Engineers) Ltd directly, rather than to start from a reasonable expectation of privacy and move to confidentiality.

Mr Simon Salzedo KC noted that the question of whether information was confidential or not was not a binary answer (as for the assessment for misuse of private information), but would depend on the information, persons and uses of it i.e. a full assessment of the facts of the individual circumstances was necessary.

On the facts of this case, the Judge rejected the argument that the information was not confidential vis a vis MPS by reason of the information having been stored on MPS’ systems and that it therefore could not be privileged. In his judgment, Mr Simon Salzedo KC explained that a company does not have freedom to use information that is stored on its systems as it chooses simply because it is stored on its systems and it has a right to access it. He continued that such circumstances import an obligation on the company not to misuse the information. While a company’s ability to access the information might narrow the scope of what counts as misuse, it does not negate the idea of confidentiality (and therefore impact on the question of whether privilege attaches to the documents in question).

Observations

The case includes a helpful review of case law relating to privacy and confidentiality, in cases where privilege is claimed.

The judgment is clear that those who legitimately come into possession of information, have access to it, and/or rights to monitor it have limited rights, and that the information may still be confidential vis a vis them. Further, legal privilege is a substantive right that cannot easily be overridden, including for the purpose of using it against the party claiming privilege.

Separately (and it appears in further recognition and protection of the rights of employees vis a vis their employers), the High Court has, in the recent case of FKJ v RVT and Others, rejected an application for strike out of a claim brought by a former employee (FKJ) against her former employer (RVT) and managing partner for misuse of private information in connection with obtaining (allegedly) private WhatsApp messages. In his ruling (but without making a decision on the facts), Master Davison was clear that he thought the idea that no real or substantial wrong had occurred was ‘unrealistic’. Among other things, Master Davison noted that no authority had been cited or explanation given by RVT to support the position that WhatsApp messages downloaded to a work laptop had lost their private character.

It follows from these recent judgments that employers who have access to information belonging to their employees in the usual course of business must tread very carefully when dealing with that information.