Episode 82 of the Case of the Week brings another decision from the saga of Twitter v. Musk. In this episode, we’ll discuss whether Elon Musk waived the ability to assert attorney-client privilege over emails sent from corporate accounts used for personal communications regarding the Twitter transaction.
If you missed the previous episode that kicked off this series of Case of the Week focused on the social media platform and the innovator, you can catch up here before continuing to this episode.
Keep reading or watch the video to understand the eDiscovery issues.
Good morning, and welcome to Episode 82 of our Case of the Week series, published in partnership with ACEDS. My name is Kelly Twigger. I am the founder and CEO at eDiscovery Assistant and the principal at ESI Attorneys. Thanks so much for joining me today.
All right. Let’s jump into this week’s decision, another one from the high-profile case—in the Delaware Chancery Court—of Twitter vs. Elon Musk.
All right. As I mentioned, this decision that we’re discussing this week comes from the Twitter versus Musk controversy. This one is from September 13th, 2022, again from Chancellor Kathaleen McCormick. These decisions are flying so fast and furiously that next week we’ll cover another decision that just came out this past Friday.
This decision from Chancellor McCormick highlights the need to consider executives and their potential to escape the language of policies that apply to all other employees. This is going to be crucial as we go through the facts of the case and discuss what the ripple effect of this case is going to be.
In this instance, Twitter moved to compel the production of personal email messages sent or received by Elon Musk on his SpaceX and Tesla email accounts that were related to the Twitter transaction.
As always, we add issue tags to our decisions in the eDiscovery Assistant database. Issue tags for this case include attorney-client privilege, privacy, and failure to produce.
Let’s talk a little bit more about the facts of this case. As you know, from other decisions on the Case of the Week, this decision is part of litigation brought by Twitter to enforce Elon Musk’s agreement to buy Twitter and to take it private. The case is on a fast track, with the trial to begin in just under a month, not just over a month.
In this particular decision, at issue is the fact that Musk used his work email accounts at SpaceX and Twitter to communicate personally regarding the Twitter acquisition. Those emails regarding the Twitter acquisition are considered personal emails between Elon Musk and his attorneys that are the subject of this motion.
Both companies, Tesla and SpaceX, have policies that advise their users that they have no expectation of privacy in their work emails. Both policies also permit monitoring of employee email accounts, meaning that the companies can access those email accounts in the case the need arises for them to be a part of what’s going on in that employee’s email.
Twitter moved to compel the production of messages from Musk’s SpaceX and Twitter accounts. This is not a standard attorney-client privilege argument — the argument here is whether or not Musk has a reasonable expectation of privacy in his SpaceX and Tesla email accounts, and whether or not those emails are confidential under Delaware Rule of Evidence 502 because they are on the company servers.
Musk argues, essentially, that the policies of the company, which say, in fact, that there is no reasonable expectation of privacy, do not apply to him. In support of that argument, Musk provided affidavits from IT, security, legal, and himself that state that his emails contain highly sensitive information, particularly with regard to SpaceX, and that sensitivity is recognized by his security team and leadership and that no one has accessed his email at either company.
Now, reading between the lines here, it is in both SpaceX and Tesla’s best interests if their email systems cannot be accessed to produce data for this litigation. Security, IT, and legal all come together from both entities to state specifically that “the policies allowing access to employee accounts are limited and are done only in the event of an investigation or to comply with legal obligations.” You mean like requests for production in a $444 billion case?
So what’s the Court’s analysis here? The Court first looks at Delaware Rule of Evidence 502. In order to be eligible for the protections of the attorney-client privilege under that rule, a communication must be confidential. That’s the sole analysis here—whether these communications in the SpaceX and Tesla accounts are confidential under Rule 502.
The language of that rule provides that “a client has a privilege to refuse to disclose and to prevent any other person from disclosing confidential communications made for the purpose of facilitating the rendition of professional legal services to the client.” A communication is “confidential”, according, to the Court, “if not intended to be disclosed to third persons other than those to whom disclosure is made in furtherance of the rendition of professional legal services to the client or those reasonably necessary for the transmission of the communication.”
So — “is not intended to be disclosed to third persons” — that’s the big issue in terms of the language here. The question is whether the policies at Tesla and SpaceX that allow access to those email accounts essentially nullify that disclosure to a third party.
According to the Court, confidentiality for Rule 502 has subjective and objective aspects. A party’s subjective expectation of confidentiality must be objectively determined and reasonable under the circumstances. Whether a party had an objectively reasonable expectation of privacy is decided on a case-by-case basis, and it’s not an analysis that lends itself to bright line rules.
Now, as always, the party asserting the privilege has the burden to prove it. There are factors that the Court looks to determine whether a user has a reasonable expectation of privacy over personal communications in their work emails. Those include primarily whether company policies or historical practices made it reasonable for employees to expect privacy in their company sponsored emails. The Court then looks to determine, whether an employee has a reasonable expectation of privacy in its work emails, and it does so by looking at four factors analyzed in the In re Asia Global case from the Southern District of New York. Those factors are as follows:
- Whether the corporation maintains a policy banning personal or other objectionable use
- Whether the company monitors the use of the employee’s computer or email
- Whether third parties have a right of access to the computer or emails
- Did the corporation notify the employee or was the employee aware of the use and monitoring policies
The Court then goes on to do an analysis of each of those four factors. And while they seem pretty clear on their face, we’re going to find that with respect to Elon Musk, they’re a little bit different.
Now, on factor one, do both companies have policies? Yes, the Court finds that the SpaceX policy does not impose a ban on personal use, but does advise that users have no expectation of privacy or confidentiality when using a SpaceX email, and reserves the right to review all communications sent on the SpaceX network. The Tesla policies discourage users from using Tesla communications for communicating about their personal lives and warn the users that they have no expectation of privacy and communications made on any Tesla-owned systems. Neither company bans personal use of company emails, but both reserved the right to monitor emails.
The Court notes that the Chancery court has held that comparable policies like the Tesla and SpaceX policies weigh in favor of production. Here, however, the Court finds that there are mitigating circumstances here that weigh against production.
First, both companies have policies limiting the grounds for monitoring employee emails. So while both companies can access employee emails, it’s only after securing the approval of legal and the human resources departments and only where necessary to investigate an issue or conduct business (i.e., after the employee has left the company).
These policies suggest, according to the Court, that you can expect privacy in your communications unless you are acting contrary to company guidelines. Now, where that line is drawn and how you make that determination at some point is pretty vague.
The Court also notes that these policies suggest that an employee might expect privacy over personal communications unless that employee is acting contrary to company guidelines. And because those guidelines don’t ban personal use, an employee might reasonably surmise that the companies would not review their personal communications when they are otherwise compliant with company policies.
Next, Musk argues that the policies at SpaceX and Tesla do not apply to him. He argues that both companies adopted Musk’s specific rules and provided affidavits to that effect from himself, IT, and legal that state that Musk had unrestricted use of his email accounts and that no one could access those accounts without his consent.
Those affidavits are the only evidence before the Court reflecting that “rule”. And the Court looks at those facts and Musk’s status at the company as sufficient evidence that no one would access the email without his approval. And in considering both of those mitigating factors, it says that factor one weighs against the production of emails from Tesla and SpaceX accounts for Elon Musk.
The second factor, essentially the Court looks at here, factor two, which is whether the company monitors the use of the employee’s computer and emails. And the Court says that neither of the companies actually monitored accessed or reviewed Musk’s email. And so that factor weighed against production.
It begs the question, if that’s the standard, why would a company regularly ask or go into an employee’s email? This is a situation where you’ve got a policy, but the Court is finding so many ways to get around that policy that the question becomes how does an organization draft a policy that allows them to go in and claim this information when needed?
All right. Factor three, according to the Court, doesn’t apply here. The Court notes that Musk clearly had a right to access the computer or email at issue. So that factor weighs against production.
On the fourth factor, the Court held that Musk clearly had knowledge of the policies of both companies, but the Court finds that, “because the policies and practices on balance favor Musk’s position, his knowledge of those policies too, weighs in his favor.” And the Court finds that factor weighs against production.
As a result, all of the factors essentially weighed against production here. And the Court denies Twitter’s motion to compel the information from the SpaceX and Tesla accounts.
What are our takeaways from this case? Well, I mentioned this at the outset, I think this decision has some significant implications for discovering the communications of executives, board members, and anyone that can argue they are outside the bounds of the policies that would be applied to an employee using a company platform for personal communications.
The Court’s analysis here suggests that if I were an employee at Tesla or SpaceX and used my work email to communicate with my attorney, I would be subject to those policies, but Musk is not. Or maybe the Court would look at whether or not the entities had actually accessed my email and consider that because they hadn’t, that weighed against me having to produce personal communications from my work account. I have my doubts.
There are essentially no other written policies here that Musk is able to put forward suggesting that there are Musk specific rules that apply to him, but the Court acknowledges that and issues this quote that I think is important to consider because it really acknowledges that the Court says there are going to be skeptics like me of its decision today. The Court says:
[A] cynic might doubt that Musk specific policies exist at SpaceX and Tesla. Defendant’s factual arguments to that effect rely solely on the affidavits of Musk, who has a lot at stake in this litigation, and three of his direct reports, and none of the affidavits are supported by any corporate records reflecting the Musk specific rules. Still, to this jurist, the evidence rings true.
The Court has little doubt that neither SpaceX nor Tesla view him as on par with other employees, that he has the power to direct operational decisions, and that nobody at either company would access his information without first obtaining his approval. One can debate whether this corporate reality makes for good corporate hygiene, but it is difficult to discredit the recitation of the facts.
That analysis by the Court, that particular statement, does not include the sensitivity of the information that Musk argued with respect to his SpaceX accounts, and it really frames Musk as any other corporate CEO in America. And so I think that this decision has some problems in that it doesn’t distinguish anything about Musk from any other corporate CEO. And although this is a state court decision under a Delaware Rule of Evidence, so it has limited applicability, as the country’s premier business court this case could have an enormous ripple effect.
That’s our Case of the Week for this week. Thanks so much for joining me. We’ll be back again next week with another decision from our eDiscovery Assistant database.
If you’re interested in doing a free trial of our case law and resource database, sign up to get started.
Thanks. Have a great rest of the week, and I’ll see you on our next episode.