Trainee Solicitor breaches confidentiality

I'm the director of a company. We've had some unforeseen financial issues and haven't managed to pay a supplier in full on time. We offered this supplier a payment plan, but he has gone to a solicitor's firm to act as debt collectors.

A trainee solicitor is acting for him - in previous emails we told the solicitor which two members of the company to send correspondence to, and he has abided by these instructions, until the day before his imposed deadline for full payment, when he sent a letter containing the confidential and embarrassing details of the dispute to our company-wide email address. 

The only way he could have found this company-wide email address is through research of his own, or from instruction from his client, as we have never supplied him with it, and he has never sent emails to it previously. It is clear to me that he did this with the intention to cause embarrassment and distress. His client has previously sent us correspondence containing foul language and demanded payment within one hour, or he would set DCAs on us, and has expressed a willingness and enthusiasm to seek insolvency of our company.

I believe that by sharing sensitive information with employees of the company after having been explicitly instructed to email correspondence to the director and finance lead the trainee solicitor has breached confidentiality, and he has done this with the intention to harass. I informed him of this, and of my intention to report him to the SRA, and that I believed him to have compromised himself and therefore to now have a conflict of interest, meaning the SRA would expect him to cease acting on behalf of his client immediately. The trainee solicitor's response to this was simply "The contents of your letter are noted. We remind you that our client's claim is against ***** Limited."

I can only assume that by this he means that as the "claim" is against a company (no claim has actually been made with the court yet) he is free to divulge the details of the "claim" with any and all employees of the company, despite being specifically instructed as to which people to direct his correspondence to.

I am sure this is wrong - should I make allegations against Tesco and threaten to take them to court, and a director of Tesco asked me to send correspondence to one particular person, who was prompt in all responses, I couldn't justify sending correspondence to a night-shift worker whose role is stack shelves and shouldn't be privy to legal matters of the company. It would be a clear breach of confidentiality.

What's more, if I suddenly started doing this the day before an imposed deadline in a move clearly calculated to embarrass the leadership of the company, this is harassment. 

My issue is that in my research I'm having trouble finding examples of legislation or rulings that support this notion (that confidentiality has been breached) - can someone point me in the right direction? 

He is not your solicitor. He

He is not your solicitor. He acts on his client's instructions.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

He is not your solicitor. He

He is not your solicitor. He acts on his client's instructions.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Yes, but my point isn't that

Yes, but my point isn't that he wasn't following my instructions per se, but that he has a duty of confidentiality which he has breached.

Are you saying your

Are you saying your opponent's solicitor owes this duty to you?

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Well, yes. There is a duty of

Well, yes. There is a duty of discretion. DCAs sharing information about your debts with your neighbors is considered harassment by the court. That's because it is. Should they have tweeted these allegations at us they would no doubt be found guilty of defamation. By breaking the pattern of private correspondence and choosing to email a company-wide email address in a move calculated to cause distress they have breached confidentiality in order to harass. 

You're a legal professional. Going back to the Tesco example, in your line of work would you ever choose to email sensitive correspondence about a financial dispute to Tesco's packing department instead of their financial or legal department? Especially if your correspondance had so far been with the relevant departments? If you did something like that, could it be for any reason other than to worry the packing department that their jobs were in jeopardy? Would the SRA look at that and approve?

The question is what duty is

The question is what duty is owed to your company. Perhaps there was a mistake, but your company is not this solicitor's client.

You have said you intend to refer the matter to the SRA. They may give you the answer you would prefer, but I am not convinced.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Thanks, I appreciate you

Thanks, I appreciate you taking the time to consider and respond. Right now you don't consider the trainee solicitor to be in breach of confidentiality. Is there anything at all that he could have done wrong?

His behaviour intuitively feels wrong to me, and the person who suggested that he had opened himself up to a conflict of interest was actually a solicitor with a similar amount of experience as yourself (having read your profile). At the time I assumed this was due to breaching confidentiality, but you have made me think that perhaps he was thinking about some other form of breach.

Unfortunately the solicitor in question can't extend me the favour of a chat twice, so I can't follow up with him. I wonder if you have any ideas that could help?

I agree with you

and there is a complaint to be investigated. In my own current employer - not legal but global professional services - we have conduct and ethics awareness, training and obligations on precisely this. Handling any client data and information for any connected purpose is absolutely paramount in establishing professional trust. I do not think that hiding behind "not your client" is reason enough for this not to be followed up, maybe via your own solicitor?

Profile: Interested in the subject

Thanks - yes, if we had our

Thanks - yes, if we had our own solicitor on hand things would be easier, but we're not looking to accrue costs. If we thought we could get a reasonable amount of compensation for this I would get a solicitor on it straight away, but I don't think we'd necessarily be looking at a significant amount.

Not sure about money

Explanation / Rectification / Training needs / Prevention / Apology.

Profile: Interested in the subject

What is a company wide e-mail

What is a company wide e-mail address?

How does this poor chap know that sending an e-mail to one e-mail address sends it to everyone?

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

It is the equivalent of the

joiners adage - measure twice - cut once. Email users in business where client confidentiality is at the centre of what they do MUST ensure that emails are sent to only those who require it and with appropriate consideration to confidentiality settings of the content, so that even if the email goes to the wrong people it is password protected. Absolutely mandatory in any organisation where client information is being sent - even indirectly.

A company wide email is usually an aggregated single email address comprising all other groups or individuals in a corporate email system.

Profile: Interested in the subject

client confidentiality

Applies to the client!

Can you answer the second question?

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Employees should be trained

in the use of the corporate email system and provided with appropriate and regular refresher and awareness updates. It is 10 times a year in my organisation, most of which is mandatory.

Profile: Interested in the subject

Hold on.  Wasn't this trainee

Hold on. 

Wasn't this trainee solicitor outside the organisation? The question remains, how was he to know that an e-mail to that address would go to everyone in the organisation?

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

In most organisations

email addresses are either individual - atticus@xxx.co.uk or a groups, e.g. allteams@xxx.co.uk.

It is obvious when typing in the To.., Cc... and Bcc.. fields - if you take 5 seconds to read it - who or which groups you are sending an email to. If a group comprising all employees was selected and not spotted that is when big mistakes happen. Plenty of examples have been exposed of a colleague describing their boss in less than flattering terms and then pressing send only to realise they have selected the whole organisation!

Profile: Interested in the subject

Indeed. but that does not

Indeed.

but that does not answer the question. I am sure the OP can cast more light on what happened.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Apologies, I wasn't getting

Apologies, I wasn't getting notifications of replies, and didn't realise the conversation had continued.

The trainee indisputably knew that the email address he had used was not mine or our finance leads, which are the email addresses he had been told to send to. Therefore whether or not he knew it was a company-wide address, he knew it was going somewhere other than where it was meant to, and the fact that he did this the day before his imposed deadline shows an intent to increase pressure by sharing with more people in the company.

So while he wouldn't know the names of the people he was sending the email to, he knew he was sending it to people other than those he was meant to, and the format of the email address makes it clear it's a far-reaching one - he would have to plead incredible stupidity to not realise what he was doing, and then have to explain his motivation for doing it in the first place.

I can understand the

I can understand the annoyance.

But I still cannot identify any duty owed to your company that may have been breached.

Even less can I see a conflict of interests, as I see that this was mentioned earlier. For such a thing to arise, the solicitor must have two interests (usually, but not always, different clients) which are in conflict or competition with each other. What interest does this law firm have that conflicts with its obligations to its client?

As a matter of interest, what was the offending e-mail address? Just give the part before "@". Any idea how this lawyer got that e-mail address?

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

Well I would think something

Well I would think something along the lines of data protection would be the duty in question - information concerning loans and payment history are protected by the act. It's very standard practice for a company's directors to keep this information confidential and not share it with their staff. The example of a night shift shelf stacker at Tesco not knowing about Tesco's corporate debts applies here.

The conflict of interest would be the fact that he's compromised himself - we now have a genuine grievance and cause for complaint, which means he's not an impartial third party anymore. He has a reason to be worried around us and can't represent his client fairly knowing he's going to be investigated for wrong doing. Incidentally, compensation of up to £500,000 can be awarded for distress caused by breaches of data security.

The email address was reach@xxx. He likely got it from an auto-responder I had on saying I had limited access to emails, but that if the recipient of my auto-response had emailed reach@xxx they could rest assured others had access to that email address.

My colleague (the one I told him to CC everything to) did not have an auto-responder, and I had actually already been in email contact with the trainee solicitor on the day he sent the email - he was responding to that email, so there's no argument that he thought his emails were going unread.

So he thought he was replying

So he thought he was replying to you! In effect you told him to use that e-mail address.

What personal data of yours are we discussing here? I thought this was about your company.

 

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

What makes you think he

What makes you think he thought he was replying to me, and that I told him to use the address? The wording specifically says that other people have access to the email address - so not going to me - and it says if you were emailing reach, not to email reach. On top of this, this trainee had already specifically been told to email my colleague.

It was the company's data - I should have said confidential rather than personal.

I based my reply on what you

I based my reply on what you said before I replied, and not on what you said in reply to my reply!

The fact remains that you gave him the e-mail address that he used.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

You should pursue your

complaint either to the head of the firm or to the SRA.

It is unlikely that formal action will be taken and I am not convinced that it was deliberate. Nevertheless, sensitive information was circulated to an inappropriate audience. In some circumstances such details could be price, commercially or otherwise internally sensitive within your organisation and it was in inappropriate and avoiable aggrevation in the circumstances. Just because the code of practice does not cover exactly this situation, there is little doubt that they have indirectly breached their duty of confidentiality to their client which in different circumstances could have been very embarrassing to them.

Profile: Interested in the subject

If - that is IF - there was a

If - that is IF - there was a breach of this lawyer's duty of confidentiality owed to his client, then that is a matter for the lawyer's client to pursue.

I suggest that the OP should not take his eye off the ball of dealing with the question of the money that it is claimed his company owes.

Profile: solicitor for 30 + years dealing mainly in commercial transactional and dispute work, but with a broad range of experience - insolvency, environmental, employment and more. NB you are reminded of this forum's terms and conditions - the exclusion of liability applies to all replies you are given. What I say should not be relied on as legal advice

User login

Navigation

twitter link facebook link
netlawman link