BCCA – No privacy claim against lawyer

13 Jan

On January 9th, the Court of Appeal for British Columbia affirmed the dismissal of a claim against a lawyer that was based in part on his service of application materials and in part on his conveyance of information about the plaintiff in a casual conversation with another lawyer.

The application that became the subject of the claim was made in an earlier family law proceeding. It was for production of financial documentation from the plaintiff relating to seven companies in which he had an interest.

The defendant represented the plaintiff’s wife. He served the companies with application materials (a notice plus affidavit) without redaction and in an unsealed envelope. Apparently his process server left the materials with two unrelated companies in an attempt to affect service. The plaintiff also argued that the defendant should have crafted his application materials to protect the plaintiff’s privacy – serving notices “containing only information relevant to the particular relief that might concern each company.”

The Court held that the impugned action was deemed not to be an invasion of privacy based on section 2(3)(b) of the British Columbia Privacy Act, which states that the publication of a matter is not a violation of privacy if “the publication was privileged in accordance with the rules of law relating to defamation.” The defendant, the Court explained, was acting in the course of his duty to his client, and occasion protected by absolute privilege.

The “casual conversation claim” arose from a discussion the defendant had with another lawyer during a break in discovery in another case. The defendant said he represented a woman whose former husband had sold a business in Alberta for $15 million and that the couple had three young children. Another person who was present came to believe the defendant was speaking about the plaintiff.

The Court affirmed the trial judge’s finding that the plaintiff failed to prove the information disclosed was private and subject to a reasonable expectation of privacy. More significantly, it affirmed an obiter finding that that the defendant’s disclosure was not wilful.

Duncan v Lessing, 2018 BCCA 9 (CanLII).

 

Advertisements

Surreptitious recording of IME warrants a re-do

3 Jan

On December 28th, Justice Sweeny ordered a plaintiff to submit to another medical examination because he surreptitiously recorded a prior examination, commenting:

The surreptitious recording of the examination was improper. The effect of this recording is the doctor would now, most likely, be subject to cross-examination on issues as to what exactly happened in the course of the examination. The evidence of the plaintiff is also relevant. Mr. Cruz may be examined or cross-examined on the transcript. If the doctor was aware of the recording, he may have conducted his examination a different way. He may have been clearer in the language used. He may have been more specific is instructions given to the plaintiff. Much of the communication that goes on is nonverbal. The doctor was denied an opportunity to ensure that his words and conduct were being accurately recorded.

Cruz and Cruz v. Saccucci, 2017 ONSC 7737.

BC arbitrator endorses non-consensual sharing of personal information with union

24 Dec

On March 8th of this year, arbitrator Kinzie held that an employer did not breach the British Columbia PIPA by disclosing amounts earned by bargaining unit members to their certified bargaining agent. He made the following principled statement about when the exception to the PIPA consent rule would be engaged by disclosures by an employer to bargaining agent:

As the party to the collective agreement with the Employer, which agreement governs the terms and conditions of employment of the Employer’s employees, the Union, in my view, is an equal partner with the Employer to those employment relationships.  They have the same legitimate interest in the management of those relationships.  Therefore, I am of the view that the disclosure of employee personal information by the Employer to the Union regarding employees in the Union’s bargaining unit that is relevant to a matter concerning the interpretation and/or the application of the collective agreement would not violate Section 19 of the Personal Information Protection Act if their consent was not obtained because such disclosure, in my view, would be “reasonable” for the purposes of “managing” an employment relationship governed by the terms of that agreement.

Notably, the employer had called the BC OIPC for advice and was apparently told “definitely NOT [to] turn that info over to anybody.”

Comox Valley Distribution Ltd. v United Steelworkers, Local 1-1937, 2017 CanLII 72391 (BC LA).

Div Ct. quashes IPC decision for failure to identify PI under consideration

22 Dec

On December 18th, the Divisional Court quashed an IPC/Ontario order that affirmed a municipal institution’s decision to apply the public interest override in disclosing an internal investigation report. The Court held that the IPC erred by not identifying the personal information under consideration in its reasons:

[67]           The Commissioner is essentially asking this court to undertake the detailed analysis of the information in the Report described above, decide what portions of the Report fall within the s. 14 personal information exemption, and then assess the reasonableness of the Commissioner’s application of the s. 16 test based on that conclusion.  That is not the role of this court.  That complex analysis goes beyond supplementing the reasons.   It amounts to asking this court to review the reasonableness of the Commissioner’s decision based on our own assessment of what was exempted under s. 14 rather than based on what the Commissioner decided was exempted.

[68]           Given the acknowledged need to disclose only that portion of the exempted information that meets the s. 16 “clearly outweighs” balancing test, each piece of personal information that is exempted under s. 14 must form part of the analysis that the section requires.  In this case, we do not know what the Commissioner was weighing as against the public interest.  This is not a matter of considering what reasons could be offered in support of the decision; it is a matter of not knowing what his decision was on that complex issue, which is prerequisite to the application of s. 16.  This is especially important in regard to the application of s.16 because the public interest override, which is rarely used, can have a major impact on individuals whose personal information would normally be protected by a statutory exemption.

Barker v. Ontario (Information and Privacy Commissioner), 2017 ONSC 7564 (CanLII).

In snooping investigations, disclose the logs

21 Dec

When an employer confronts an employee with an allegation of improper access to personal information, it is important to give the employee the event log data that proves the allegation. It may often be voluminous and difficult to interpret, but presenting a general allegation or summarizing events without particulars will give the employee a good reason to deny the allegation.

This is what happened in this very illustrative British Columbia case in which an arbitrator held he could not infer dishonesty from the grievor’s initial failure to admit wrongdoing because the grievor had not been given log data. Also, if an employee continues to deny responsibility, log data can be difficult to rely upon; even if it can be established to be authentic, there are issues about presenting log data in a meaningful and privacy-protective way. An early admission can go a long way.

Fraser Health Authority (Royal Columbian Hospital) v British Columbia Nurses’ Union, 2017 CanLII 72384 (BC LA).

IPC addresses PHIPA request for raw data

20 Dec

On September 29th, the IPC/Ontario held that PHIPA governs and provides a right of access to “raw data” about an identifiable individual. It also held that raw data is not subject to the right of access unless it can reasonably be severed from the repositories in which it is retained. The IPC said:

Having regard to the evidence before me, I conclude that where the extraction of the complainant’s information can be done through the development of conventional custom queries by hospital staff, based on information in reporting views available to the hospital, the complainant’s information can be reasonably severed for the purpose of section 52(3) of the Act.  The hospital’s obligation to provide access to this information, if the complainant wishes to pursue it, is met by providing him with the results of such queries.  The information need not be in native format, but can be in the format in which those results are generated through such queries.

“Reporting views” are tools that make generating certain types of reports from databases easier. The IPC has suggested that hospitals must provide access to data that can be extracted based on such tools together with “conventional queries”. Hospitals can charge a requesters a fee that represents reasonable cost recovery.

St. Michael’s Hospital (Re), 2017 CanLII 70006 (ON IPC).

IPC interprets prohibition on collecting health card numbers

20 Dec

Section 34(2) of PHIPA prohibits persons other than health information custodians or agents of health information custodians from collecting, using and disclosing health card numbers. There are some narrow exceptions, one of which applies when the collection, use or disclosure is “for purposes related to the provision of provincially funded health resources to [the] person [whose health card number is collected…].”

In a decision issued October 10th, the IPC said the following about the exception:

 Having regard to the above, I find the proper interpretation of section 34(2)(a) is that a collection or use of a health number will only be “related to the provision of provincially funded health resources” where the health number is collected or used for the purposes of the provincial funding of health resources, or directly obtaining those health resources.

The IPC therefore held that an insurance company could not routinely collect health card numbers on an application form for supplementary health insurance benefits. Although related in the broad sense, the insurance company did not routinely use the number to coordinate benefits. The IPC permitted the company to continue to collect health card numbers to obtain reimbursement for payments made under plans that provide for emergency medical travel coverage.

An insurance company (Re), 2017 CanLII 70023 (ON IPC).