Checking your emails in public? What could possibly go wrong?

Many of us use our travelling time to catch up on emails. But this can be dangerous. Especially when you are working on a highly sensitive transaction and your casually-dressed neighbour is actually an investment banker who can see everything you are reading and typing. That is exactly what happened on a Eurostar train and was the subject of a recent decision by the French regulator. In this article we look at what happened, and what lessons can be learned from the decision about the expected standards of conduct in similar situations in the future.

What happened?

French telecoms group Iliad was considering a takeover of T-Mobile US Inc. One of the bankers working on the transaction for Iliad was dealing with email correspondence on a Eurostar journey. Unbeknownst to him, the passenger sat next to him was also a banker. The neighbour pieced together the transaction being contemplated from the information he had glimpsed and shared what he had surmised with his boss. Neither the neighbour nor his manager dealt in T-mobile securities, but instead decided they would seek to capitalise on the opportunity and put together a pitch to provide financing in relation to the transaction.

Did they do anything wrong?

The French regulator (Autorité des Marchés Financiers (AMF)) found that although it was inside information, the sharing of the information by the neighbour was not unlawful. He shared it within the proper course of his employment, profession or duties (in order to enable his employer to pursue an opportunity to provide financing). The AMF viewed the disclosure as strictly necessary to pursue the financing opportunity and proportionate (having regard to the nature of the information communicated and the relatively limited number of individuals to whom it was circulated), and as such considered that no offence had been committed. The AMF observed that the reason the neighbour had become aware of the information was because of the “negligence” of the banker.

The breach of confidence also had consequences for Iliad, who were fined for continuing to delay disclosure of the inside information in question even after the confidentiality of that information was compromised.

Does this mean anything I read or overhear in a public place is fair game?

Although the decision might seem to indicate that eavesdroppers are free to capitalise on the information they glean in public, in practice regulators would be unlikely to adopt such a position in all cases.

As well as the market abuse regime, any misuse of confidential information might amount to a breach of other regulatory obligations. In particular, in financial services, such conduct by an individual subject to the UK Approved Persons Regime or SMCR could also potentially breach one or more of the Statements of Principle for Approved Persons (APER) or Individual Conduct Rules (ICR). In particular, APER Principle 3 / ICR 5 impose an obligation on individuals to observe proper standards of market conduct, which might well be called into question in a case such as this. In a more extreme case, APER Principle 1 / ICR 1 (the requirement to act with integrity) might also be relevant.

Despite the AMF’s decision, in the same way that you should delete an email clearly sent to you in error, you should really turn a blind eye to anything you see in public that you know ought not to have been shared with you and which you appreciate or could reasonably be expected to realise is or may amount to confidential information.

What are the lessons from this decision?

What happened on the Eurostar that day could easily happen to many of us. It is a powerful story to share as a reminder that it is imperative to take great care when working on sensitive matters. The decision is also a reminder that, if a listed company is delaying disclosure of inside information, a failure to preserve confidentiality will trigger an obligation to announce and it is important to have appropriate policies and staff training in place. Top precautions include:

• Don’t read confidential documents (whether on a device or on paper) in a public place. If it is necessary to work on a journey, for example, use a privacy screen on your laptop or tablet.
• Avoid taking phone calls in any place you might be overheard. If it cannot be avoided, take great care and always use code names. You never know who might be listening.
• Don’t leave confidential documents, phones or laptops unattended (e.g. in a bag on a luggage rack or in a car).
• Never share sensitive information on social media, including information that could be pieced together to form an overall picture of what you might be working on.