When sending emails, it is best to assume that there is no such thing as “private” email—even if you work for the Central Intelligence Agency (CIA). Just ask former CIA Director General David Petraeus. Or executives at Apple Inc., which won a huge patent verdict against Samsung Electronics Co. Ltd., in large part because of Samsung executives’ internal emails that contained troublesome admissions. It was a costly lesson for Samsung, and it underscores the importance of educating employees about the risks of including sensitive information in emails.

In the Apple v. Samsung smartphone litigation, Apple proved that Samsung had infringed its patents by copying the iPad and iPhone. In post-trial interviews, members of the jury stated that the internal Samsung employee emails were the “most damning.” The emails at issue had been sent by Samsung executives to other Samsung executives, and they discussed which features from the Apple devices Samsung should incorporate in its devices. The emails also discussed the fact that Google Inc. viewed Samsung’s designs as too similar to Apple’s devices, and that changes needed to be made to them.

The dilemma, of course, is that email plays an essential role in today’s business environment. In many respects, email has taken the place of in-person meetings and phone calls as the primary means of conveying information. As a result, there are now digital records or transcripts of communications that, prior to the onset of the digital age, would have been memorialized only in handwritten notes or only in the participants’ memories. 

Given the focus on emails (and e-discovery generally) in litigation today, it is important to implement appropriate policies and procedures to educate employees to avoid providing competitors with ammunition. At a minimum, companies should implement an email destruction policy that deletes all emails periodically. Emails should be retained for the shortest period possible. Emails on the company’s local servers, backup servers and backup tapes should also be deleted periodically. However, it is important that this policy be suspended for custodians that have emails relevant to pending, anticipated or threatened litigation. 

Second, a company should advise its employees of the company’s policies regarding email usage and provide regular employee training on the appropriate use of email correspondence. Employees should be aware of the firm’s deletion policy and, more importantly, of its suspension during pending litigation (a litigation hold). Employees should be warned to not delete emails during a litigation hold. Evidence of the deletion of the email will likely show up during discovery, and it will raise a red flag to the company’s adversary, and may lead to a claim of spoliation of evidence. In addition, employees should be aware that even though an email has been deleted from the company’s servers, it may still exist on the servers of the addressees of the email.

Companies should advise employees to assume that all of their emails will be read by someone other than the addressee(s). During litigation, the email may be read by other employees, attorneys, a jury and/or a competitor. Employees should be advised to consider prior to drafting the email whether the subject of the email correspondence would be best conveyed in person or via telephone. In making this assessment, employees should consider whether the content of the email is about a major competitor or a sensitive issue. If so, more likely than not, the email should not be drafted unless it is protected by attorney-client privilege.

Employees should be advised to avoid reporting the contents of conversations or meetings about competitors in email correspondence. In the Apple case, an employee emailed transcribed statements from an executive meeting in which a Samsung executive said, “Let’s make something like the iPhone.” Employees should avoid making statements about copying a competitor, the relative strength of their company’s products to those of a competitor, the strength or weakness of their company’s competitive positions or admissions of liability. Employees should be reminded to double check the addressee on an email before sending it. Emails inadvertently sent will reside on the servers of the addresses.

It may be impossible to completely prevent employees from making statements in emails that may prove to be damaging should they surface in litigation. However, with frequent reminders of these guidelines, a company should be able to minimize the risk that a “smoking gun” email will determine the outcome of a trial.