Peg Duncan has recently updated the e-Discovery Canada case law digest, and includes an interesting Alberta Court of Queen’s Bench decision from January 2008 called Design Group Staffing v. Fierlbeck. It’s about an employee who e-mailed himself a great number Alberta Treasury Branch records before departing from employment from a company who provided IT services to the ATB and the service provider’s very aggressive reaction. Any employer’s counsel will tell you that this is a very common occurrence.
The service provider applied for an Anton Piller order based on its concern about ATB client privacy and the risk of identity theft (though there was no evidence the defendant had any motive to perpetrate identity theft or sell the information). It turned out the records taken did not contain any client information. The Court criticized the service provider for its lack of diligence and vacated the Anton Piller.
It’s interesting to me how non-party privacy issues can play out in litigation. Was the service provider prepared to take whatever steps necessary to demonstrate its vigilance in protecting customer data to its client given its employee had caused a data breach? Or did it have its own motive for seeking an order and was the privacy claim simply a convenient justification for making a non-genuine demand? (I think it was the former in this case.) Where non-party privacy is engaged, should potentially affected individuals receive notice and have a right of standing? For another recent case in which these issues arise, see Datatreasury Corporation.
All About Information 
These data breaches and thefts are due to a lagging business culture. As CIO, I’m always looking for ways to help my team, business teams, and ad hoc measures of various vendors, contractors and internal team members. A book that is required reading (specific chapters, depending on nature of projects) is “I.T. Wars: Managing the Business-Technology Weave in the New Millennium.” It has a great chapter regarding security (among others).
We keep a few copies kicking around – it would be a bit much to expect outside agencies to purchase it on our say-so. But, particularly when entertaining bids for projects, we ask potential solutions partners to review relevant parts of the book, and it ensures that these agencies understand our values and practices.
The author, David Scott, has an interview here that is a great exposure: http://businessforum.com/DScott_02.html
The book came to us as a tip from one of our interns who attended a course at University of Wisconsin, where the book is in use; I like to pass along things that work, in the hope that good ideas continue to make their way to me. I hope you can make use of this info…