The court reserved words in its Keydata ruling for the U.K.'s Financial Services Authority (FSA), which legal practitioners note has been increasingly aggressive in trying to persuade companies it is investigating to waive privilege. That's in contrast to the U.S., where regulators have shied away from this practice in recent years—see, for instance, the Department of Justice's corporate charging guidelines as stated in its 2008 Filip Memo.

The English Administrative Court suggested that “to determine whether similar practices might be adopted,” the FSA “might usefully review” procedures that English police forces (under the Police and Criminal Evidence Act 1984) and the government's Serious Fraud Office use to ensure that disputes over privilege are resolved in advance of the material being read or relied upon by investigators.

“If the FSA is going to require wholesale production of electronic data sets, which it does pretty regularly, there is some merit in suggesting they need to be thinking about [their procedures],” says Karen Smith, a partner in Herbert Smith's financial services regulation practice. “But that said, of the eight emails [under review in the Keydata case], there were only a couple for which privilege was actually upheld, so it's not the most egregious example of bypassing privilege.”