Clear and Simple Confidentiality Notice

We wanted to create a confidentiality notice that resembles us. Well-written, these few lines can effectively manage risk by targeting the right messages.

Curious to know our simplification process?


Before

Confidentiality Notice

This message, together with any file attached thereto, is intended exclusively for its recipient(s); It may contain confidential information. If you are not the recipient of this message, we hereby notify you that any use, reproduction or dissemination of this message and any file attached thereto is strictly prohibited. If this message has been sent to you by mistake, please notify the sender promptly by returning the message and then destroy it, as well as any attached files without retaining copies. Nothing in this notice can be construed as going against the Copyright Act (R.S., 1985, C. C-42).

After

Not the person to whom this message is intended?

That's embarrassing. This message is confidential, including attachments and other messages it contains. Here's what to do:

  1. Don't read any more! And do not communicate the content.
  2. Delete this message, first in your Inbox, and then in your trash.
  3. Write me a separate message to inform me of this error.

Thank you for your cooperation.


Clear and Simple Confidentiality Notice - En Clair Service-Conseil Inc.

Diagnosis: Why the traditional version is problematic

This is why traditional confidentiality notices are not effective:

  • The title "Confidentiality Notice" is not very engaging.
  • The text is usually dense, and sometimes complex. Often, the graphic presentation requires reading through the full paragraph to make sense of it.
  • Readers receive a considerable number of e-mails each day. Their attention span is very limited.
  • Target readers cannot effectively determine if the information concerns them before reading the full notice. If they do read it, they cannot quickly determine what to do.
  • Readers have learned that reading a privacy or confidentiality notice is usually useless.
  • Risk management is based entirely on the mistaken recipient's collaboration. Not only do recipients have to read the entire notice, but they have no incentive to collaborate. They could very well lost interest and choose to keep a confidential email without you ever being informed. So, you might as well simplify it for them.
 

Our simplification process in 4 steps

1. Identify your target audience

Who should read our confidentiality notice? In our opinion, this notice only concerns people who have received a confidential e-mail by mistake.

We could have targeted a second audience: when the recipient is the right one, but he or she does not have the right to communicate the information to other people. In our opinion, the confidentiality notice is not the appropriate place to inform that person of his or her obligations. It is best to do so upstream, either at the beginning of the business relationship, in a contract, or in the body of the email if the confidential nature of the email is occasional.

2. Define the communication goal

Our confidentiality notice should aim at two goals:

  1. Capture the recipient’s attention.
  2. Trigger an action: delete the confidential information received by mistake.

Note: your communication goal is not a legal or compliance goal (“managing the risk of leaking confidential information”). It’s what you want to achieve, from your reader’s perspective.

3. Identify key messages

To reach our goals, we need to articulate the right messages.

  • How to capture attention? Readers have learned that confidentiality notices are off-putting and that most of the time, they are not concerned by these few lines. We thus need to send a strong signal. Our solution: a title that allows the target audience to know immediately whether what follows concerns them. We also use a graphic presentation that feels simple at the outset.
  • How can the recipient remove all confidential information? To make the task easy on our recipient, we have chosen to list the actions they must take. This approach responds to the information needs of our target audience without threatening them. Let’s not forget that we depend on their collaboration!

4. Identify important secondary messages

Our target audience is not primarily computer or legal experts. Here are some things that are not obvious to most people:

  • What's confidential? Not only the email as such, but also all attachments and any previous email that could be part of the discussion thread.
  • How do I delete this content? The recycle bin is where deleted messages go to die. But before they disappear forever, they are stored for a certain length of time. Sending an email to the trash is not enough, you also have to remove it permanently from within the trash.
  • How do I report an error? Chances are that the recipient will want to respond directly to the email. It is after all the simplest and most usual method. But doing so will create a copy of this email in the Sent messages box. These messages are also kept, usually even longer than in the trash. We have made it clear to the recipient that they should report this error in a separate message, after deleting it permanently.

These secondary messages seemed to us to be lacking in traditional confidentiality notices. Yet, they can effectively manage risk by meeting the actual information needs of the target audience.

Some mistakes to avoid

The difficulty with communication is the illusion that it has been accomplished. To be understood, you must first be read. Here, we need to keep it short to avoid destroying the fragile motivation that drives our readers.

Here are some messages to avoid:

  • The title "Confidentiality Notice". Ugh… so boring! For the reader, this title mainly conveys the idea that reading the paragraph will be cumbersome, complex, and probably useless. The objective is to capture the attention, not to scare the reader away.
  • The legal consequences for the person who keeps confidential information. This information is clearly relevant for your reader, but is it wise to mention it? Remember that you are counting on your reader’s collaboration. Communicating about the risks could be perceived as threatening, thus destroying the possibility of any collaboration on their part.
  • Any other generic message that is not directly related to your communication goals. Given the context of reading (an email among many others), your confidentiality notice is not the appropriate place for this kind of messages.

The key to brevity? Do not indulge yourseflf anymore than what is strictly necessary or important to achieve your communication goals.

Traditional examples


Formal

Confidentiality Notice
This message may contain legally privileged or confidential information. If you are not the recipient or believe you have received this message by mistake, we would be grateful if you would notify the issuer and destroy the content without communicating it to others or reproducing it.

 With legal and technical concepts

Confidentiality Notice: This email, as well as any attachments, is confidential and may be protected by professional secrecy. If you are not the intended recipient, please notify the author immediately and delete it; you must not copy or use it for any purpose whatsoever or disclose its content to anyone. [The law firm] reserves the right to control any communication that passes through its network.


Threatening

Confidentiality: The content of this email and accompanying material is intended for the exclusive use of the party to whom it is addressed, and may contain information that is privileged, confidential and subject to copyright. If you are not the recipient, please do not copy, act or distribute this email. If you have received this email by mistake, please inform us immediately by emailing back and delete all documents related to this email. Unauthorized use of this email may result in liability for breach of confidentiality or copyright.

 With a limitation of liability

Confidentiality Notice
This message and any attached file may contain privileged or confidential information. If this message is not intended for you or if you have received it by mistake, we would be grateful if you would notify the sender immediately and delete the original and any attached files without copying or unveiling the contents. We assume no responsibility for the interception of any communication via the Internet or the transmission of computer viruses.


What do you think?

 

Not the person to whom this message is intended?

It's embarrassing. This message is confidential, including attachments and other messages that it contains. Here's what to do:

  1. Don't read any more! And do not disseminate the content.
  2. Delete this message, first in your Inbox, and then in your trash.
  3. Write me a separate message to inform me of this error.

Thank you for your cooperation.

 

Share if you like!