Confidentiality Online?

In the UK, over 100,000 WhatsApp messages between a former health secretary and government ministers during the COVID-19 pandemic were leaked.[1] The former health secretary, Matt Hancock, shared his WhatsApp messages with a journalist, Isabel Oakeshott, with whom he was collaborating on his book entitled Pandemic Diaries (Hancock with Oakeshott 2022). They essentially co-authored the book.

The messages must have helped her write up his story. However, Ms Oakeshott had a track record of leaking material on other public figures[2] and leaked the health minister’s WhatsApp messages to The Daily Telegraph. She believed they exposed details that were in the national interest and that therefore her actions were in the public interest. Nevertheless, this put conversations into the public domain that were expected to remain private and confidential.

WhatsApp is one of a rising number of private messaging services that are designed to be less public than social media, such as Facebook, although social media platforms are creating spaces of private messaging. In a private messaging service, the user can determine who is included in each private messaging group they organise and the messages are encrypted as a means to better ensure confidentiality.

In the wake of the pandemic, many governmental and business leaders who were restricted from face-to-face meetings used private messaging apps to enable them to continue or replace discussions with online messaging. In this case, it is not surprising to read the debate over whether Mr Hancock was right to share these messages with his colleague, and whether it was right for Ms Oakeshott to have made them public. But the main point from my perspective is that it is almost impossible to prevent such choices being made. Users should try their best to keep messages private that are private, but they would be advised not to trust them to remain private. Best to behave with “zero trust”.

Private messaging is new, with many new users during the pandemic, so mistakes in its use is understandable. That said, concern over confidentiality is not at all new.

In the sixties and seventies, many executives worked with a clean desk. This was different than cleaning your desk for the next person. It was a strategy for security to keep all paper, calendars, and any other media off their desk. The only device on the desk might be a phone. This could prevent anyone visiting with the executive, cleaning the desk, or walking past to see the executives notes etc. A one-to-one conversation could remain private. I would not be surprised if President Nixon kept a clean desk in the Oval Office, but he surreptitiously and famously taped conversations, which were subsequently obtained by the US Senate Watergate Committee.

What can you do? I think remaining offline is an option but one that would undermine anyone’s effectiveness in the digital age. Don’t avoid digital media. I email, blog, and use social media and private messaging but I would say that, as I’m an academic. We want people to read our words. But academics as well as governmental and business leaders have fallen over their choices of words.

The use of email has been the usual suspect in cases of breaching confidentiality. In using email, it has long been argued that you should never write any email that you would not want to see in the news. This might sound paranoid, but it might also have some positive implications for people to think more carefully about what they write. I realise that email and certainly private messaging apps and social media are used often in ways that are more parallel to a conversation than to a personal letter or an article or news item to be kept or published, but even the Bee Gees knew – if you believe their lyrics – warned us that ‘loose talk costs lives’.

When you use email, and it is a private confidential message, say it is. Consider adding a message that it is intended for the recipient and only the recipient. Here is one I think covers all the bases:

“CONFIDENTIALITY: This email and any attachments are confidential, except where the email states it can be disclosed, and it may also be privileged. If received in error, please do not disclose the contents to anyone, but notify the sender and delete this email and any attachments.”

That said, I often jokingly note that the best way to get someone to read a message is to say it is confidential.

In short, there is no proverbial silver bullet in any age and certainly not in the digital age when people wonder if there is even such a thing as privacy and confidentiality. Remember that even without digital media, people will spread rumours about who, said what, to whom, and when. A record of what you said can be of value to your communication, your memory, and to the public record. That said, what you communicate privately could be in the public record. Write as if it might well be.


Matt Hancock with Isabel Oakeshott (2022), Pandemic Diaries: The Inside Story of Britain’s Battle Against Covid. Leicester, UK: W. F. Howes Ltd.


[1] A fuller account is provided by Kate Whannel, BBC News, 3 March at:

[2] See an article in The Scotsman by Stephen Mcilkenny on 2 March 2023:

Comments are most welcome