The Ontario Court of Appeal has recently recognized a new civil right of action of “intrusion upon seclusion” which attracts liability for invasion of personal privacy. This decision is significant since no appellate court in Canada has previously acknowledged an independent tort of breach of privacy. Currently in British Columbia, employee privacy rights are protected only under statute or express language in employment agreements.
A Bank of Montreal employee, Tsige, surreptitiously viewed the personal banking records of her common-law partner’s former wife, Jones, at least 174 times over a four year period. Tsige did not publish, distribute or record the information in any way. When she became aware of this, Jones sued Tsige for breach of privacy but her action was dismissed by a motion judge on the basis that Ontario law did not recognize a tort of breach of privacy. However, the Court of Appeal allowed the action and awarded Jones $10,000 in damages.
The Court identified the required elements to establish the tort as follows:
a. the defendant’s conduct must be intentional (or reckless);
b. the defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and
c. a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish.
With respect to damages, the Court stated that given the intangible nature of the interest protected, damages should be measured by a modest conventional sum of up to $20,000.
While this decision is binding in Ontario, it is likely to be persuasive in BC courts and may result in an increase in claims by employees for “breach of privacy”. Accordingly, employers in our province are well advised to ensure their policies put employees on notice about the level of privacy they can expect in the workplace. This decision, together with the 2011 decision of the Ontario Court of Appeal in R v. Cole which recognized an employee had a reasonable expectation of privacy arising out of his personal use of his work laptop, should prompt all employers to review and update their workplace privacy and technology use policies.