Wellness be dammed – universal medical assessments not allowed

31 Dec

On November 12th, Arbitrator Dorsey held that an employer could not implement universal “fitness for duty” testing.

The program would require drivers responsible for carrying liquid and compressed gas to be tested once every five years. The employer framed the testing as fitness for duty testing, but the program featured urinalysis and bloodwork to look for “disorders, including anemia, infection and leukemia.” In other words, the program looked (at least partly) rooted in the promotion of wellness, though requiring employees to participate in a wellness program with an (invasive) medical assessment feature is aggressive by Canadian standards, if not unprecedented.

Arbitrator Dorsey appeared to appreciate this problem, and decided the matter by finding that the particular collective agreement provision upon which the employer relied did not have the “clear and express language” necessary to authorize universal testing. He also said that truck transportation is not so safety sensitive an endeavour “regardless of the nature of the product being transported” to justify an exception to normal preference for individualized, for cause testing.

Teamsters Local Union No 213 v Linde Canada Limited, 2015 CanLII 73757 (BC LA).

Arbitrator dismisses video surveillance grievance, makes principled statements

15 Dec

On November 12th, British Columbia labour arbitrator Stan Lanyon dismissed a policy grievance that challenged the implementation of a video surveillance system in an equipment production and maintenance plant.

Surveillance cases are driven by their facts, but Arbitrator Lanyon did dismiss a union argument that overt and covert surveillance are equally invasive: “covert surveillance is more a more egregious violation of privacy because it is capable of causing more distress, anguish and embarrassment.”

As significantly, he held that surveillance systems can be justified without evidence of “a past history of serious breaches of safety, or security issues.”

Finally, Arbitrator Lanyon recognized a difference between using cameras for disciplinary (or supervisory) purposes and using video surveillance footage in the investigation of incidents. This distinction is not clearly drawn in some case law (and employer policies), but is important.

Kadant Carmanah Design v International Association of Machinists and Aerospace Workers, District 250, 2015 CanLII 79278 (BC LA).

BC class action alleging vicarious liability for employee’s snooping to proceed

19 Nov

Yesterday the Court of Appeal for British Columbia held that a class action alleging vicarious liability for breach of the British Columbia Privacy Act should not be struck.

The claim is based on an allegation that an ICBC employee improperly accessed the personal information of about 65 ICBC customers. The Court dismissed ICBC’s argument that the Privacy Act only contemplates direct liability because its statutory tort rests on wilful misconduct. The Court reasoned that a requirement of deliberate wrongdoing is not incompatible with vicarious liability.

ICBC also raised a seemingly dangerous policy question for a data breach defendant: “Should liability lie against a public body for the wrongful conduct of its employee, in these circumstances?” The Court said this question should be answered based on a full evidentiary record.

While allowing the vicarious liability claim to proceed, the Court held that the plaintiff could not found a claim on an alleged breach of the safeguarding provision in British Columbia’s public sector privacy act. It did consider whether to recognize a common law duty to abide by the safeguarding provision, but held that it should not do so based on policy grounds, including the need to defer to the comprehensive administrative remedial regime provided for by the legislature.

Ari v Insurance Corporation of British Columbia, 2015 BCCA 468 (CanLII).

Cybersecurity and data loss (short presentation)

8 Nov

Here’s a 10 minute presentation I gave to the firm yesterday that puts some trends in context and addresses recent breach notification amendments.

CORRECTION. I made a point in this presentation that the Bill 119 amendments to PHIPA remove a requirement to notify of unauthorized “access” – a positive add given the statute does not include a harms-related threshold for notification. Section 1(2) of the Bill, I have now noticed, amends the definition of  “use” as follows: “The definition of ‘use’ in section 2 of the Act is amended by striking out ‘means to handle or deal with the information” and substituting ‘means to view, handle or otherwise deal with the information.’ The removal of “access” from the breach notification provision will therefore not invite a change.

Duty to document in the news again

3 Nov

I finally got around to reading Access Denied – the British Columbia OIPC’s October 22nd bombshell of an investigation report on the processing of freedom of information requests.

You’ve likely heard about the OIPC’s finding that a Ministerial Assistant in the Ministry of Transportation and Infrastructure commandeered an executive assistant’s workstation to wilfully “triple delete” e-mails responsive to an FOI request. While shocking, you may be just as interested in the OIPC’s less headline-catching recommendation that government re-configure its e-mail system so e-mails cannot be deleted by users before they are captured in monthly backups “for investigative and legal purposes.” The OIPC doesn’t back this recommendation with many details, but it seems to treat backups as a data source with an all-too-routine reason to access.

You may also be interested in the OIPC’s recommendation to create a legislative duty to document. I’ve wrote about the duty to document in some detail in this June 2013 post.

In Ontario, amendments to FIPPA and MFIPPA relating to the preservation of records come into force on January 1st. Read more here.

Party defending against claim based on prior settlement does not waive settlement privilege

30 Oct

On September 30th, the Divisional Court held that a party defending against claim based on prior settlement does not waive settlement privilege. The Court reasoned as follows:

Consistent with such notions of fairness, we are satisfied that the LCBO has not waived settlement privilege in this case. The LCBO claims that Magnotta’s current actions advance the same claims as the prior settled proceedings, and we express no view on that assertion. However, the LCBO should, as a matter of fairness, be able to raise the settlement in its defence and in support of its proposed motion, without automatically losing the benefit of settlement privilege. In particular, the LCBO should be able to rely on the Minutes of Settlement for this purpose.

The defendant obtained a sealing order based on the public interest in encouraging parties to settle their disputes.

Magnotta Winery Corp v Ontario (Alcohol and Gaming Commission), 2015 ONSC 6234 (CanLII).

Privacy incidents, risks and liability – a legal update

7 Oct

Today I did short update-style presentation at a session jointly-sponsored by the Canadian Insurance Adjusters Association, the Canadian Defence Lawyers and the Canadian Insurance Claims Managers Association. It includes content on breach notification statutory changes and notable case law. Slides below.

Follow

Get every new post delivered to your Inbox.

Join 1,614 other followers