Author: Dan Michaluk

Case Report – BCCA applies common interest privilege

On October 16th the British Columbia Court of Appeal applied the common interest privilege doctrine in finding that a draft legal opinion prepared for a vendor of property was immune from production despite being shared with the purchaser, its various officers and the potential financial underwriters of the proposed transaction. The opinion was about the validity of the plaintiff’s claim, which challenged the proposed transaction.

The Court explained:

The disclosures to Mr. Hotel were in the course of discussions between the solicitor for the De Graaf defendants (Mr. McEwan), the solicitor for Western (Mr. MacLean) and the solicitor for National Bank Financial. (Mr. Hotel). The interests of the clients of the three solicitors were not identical but they were common to the extent that financing of the Western exploration of the Mongolian properties was beneficial to all of them. They also shared an interest in assessing the invalidity of Maximum’s claims. Sharing the opinions in the McEwan draft was reasonably in aid of a due diligence investigation of the Maximum litigation. The chambers judge put it in terms of an ongoing interest in completing the transaction which the disclosure was designed to facilitate. In my view, that is a sufficient common interest to support the extension of the privilege. In this regard, I agree with Mr. Justice Lowry (as he then was) in Fraser Milner Casgrain LLP v. Canada (M.N.R.) 2002 BCSC 1344 (CanLII), (2002), 6 B.C.L.R. (4th) 135, 2002 BCSC 1344, relied on by the chambers judge in the quotation I have earlier included, that commercial transactions can benefit from an uninhibited exchange of legal opinions among parties allied in interest.

The Court also rejected claims of waiver based on the purchaser’s internal communications and based on “state of mind” issues pleaded in the defence.

Maximum Ventures Inc. v. De Graaf, 2007 BCCA 510.

OBA Summit Workshop on Employee Surveillance

I was happy to participate in a workshop on employee surveillance at today’s OBA Second Annual Privacy Summit together with Peigi Ross of Dunsmore Law and John Stout of Cavalluzzo Hayes Shilton McIntyre & Cornish. We discussed some of the nuances relating to the necessity standard, whether the standard is (or should be) the same for workplace and operational privacy issues, what recent Order F07-18 of the Office of the Information and Privacy Commissioner for British Columbia might foretell and other surveillance-related topics. My notes are cryptic, but contain some case references, so I’ve posted them here.

Case Report – Leave to appeal granted in breach of privilege case

On October 25th, the Ontario Superior Court of Justice (Divisional Court) granted leave to appeal on a narrow issue in a case in which plaintiff counsel was ordered to be removed as counsel of record in two related actions after it retained a former member of the defendant hospital’s executive team as an expert witness.

Patillo J. made the impugned order in June. He held that the plaintiff had received confidential information attributable to the defendant’s solicitor-client relationship and held that the plaintiff had not rebutted the inference that the defendant would suffer prejudice as a result of the breach. In considering the six factors going to remedy first articulated by the Supreme Court of Canada in Celanese, he held that the potential effectiveness of after the fact precautionary steps was not an appropriate factor to consider because plaintiff counsel had initiated contact with the hospital’s former employee without taking any precautionary steps.

The Divisional Court granted leave to appeal on this issue, stating the question for appeal as, “Before being removed from the record, are these plaintiff’s precluded from an opportunity to propose ‘other precautionary steps,’ after the fact, having obtained privileged information from defendants by the plaintiffs’ own actions.”

Miele (Litigation Guardian of) v. Humber River Regional Hospital, 2007 CanLII 448209 (Ont. Div. Ct.).

The property torts and disputes about business information

What happens when someone puts his or her electronic documents on another’s computer system, gets locked out and then wants the documents back?

This is a common problem today, and often arises in the context of departing employee disputes. It also engages one of the more interesting developing legal issues within this blog’s domain: do the traditional property torts – trespass, detinue and conversion – protect rights associated with intangible property?

While this could be the subject of a good paper, I’d simply like to point out a couple of developments South and North of the border.

In the United States, the New York Court of Appeals recently issued an opinion in Thyroff v. Nationwide Mutual Assurance Company in which it held that the tort of conversion should apply to intangible property – an insurance agent’s customer list in the circumstances in dispute.

There’s no judgement of equivalent strength in Canada yet, but the Prince Edward Island Supreme Court – Trial Division issued a decision in July called HZPC Americas Corp. that is consistent with the direction endorsed in Thyroff. (HZPC has not yet been published on CanLII.) In rejecting the defendant’s motion to strike a conversion claim, the Court challenged the traditional idea that an owner’s ability to control intangible property (including confidential business information) is not sufficient to justify application of the tort. It said:

The Defendants refer to infringement of intellectual property while the Plaintiff refers to conversion of commercial property interests. The Plaintiff’s claim is not based on infringement of a statutory right in intellectual property; but rather is classified by it as a proprietary right in commercial property. It is not necessary for the Plaintiff to plead or rely upon legislative provisions to pursue its claim based on a common law tort. The federal legislation can be viewed as providing additional benefits, and not exhausting a person’s civil remedies.

The Court quoted Professor David Vaver, who says that the traditional view is “pettifoggery” – a sure signal that there will be more on this issue to come.

Case Report – Court articulates framework for privacy tort

Although there have been previous cases that have recognized the common law tort of invasion of privacy in Ontario and a few recent cases in which Ontario courts have made strong statements in refusing to strike claims based on the tort, the confines of the tort have not yet been clearly articulated. On September 21st, Deputy Judge Criger issued a small claims court judgement in which she articulated a form of test that balances an individual’s expectation of privacy in personal information against any countervailing interests in the information’s collection use and disclosure. Here is her six-part test:

  1. Is the information acquired, collected, disclosed or published of a kind that a reasonable person would consider private?
  2. Has the Plaintiff consented to acquisition or collection of the information?
  3. If not, has the information been acquired or collected for a legal process or public interest reason? If so, what is that reason?
  4. Has the Plaintiff consented to disclosure or publication of the information?
  5. If not, has the information been disclosed or published for a legal process or public interest reason? If so, what is that reason?
  6. Is the legal process or public interest reason put forward for acquisition, collection, disclosure or publication one that a reasonable person would consider outweighs the interest of the individual in keeping the information private?

The case is about a plaintiff who told his aunt that he was HIV positive in confidence and the aunt’s subsequent disclosure of this information to his mother. Deputy Judge Criger held that the plaintiff had established a breach but did not prove his damages.

Caltagirone v. Scozzari-Cloutier, [2007] O.J. No. 4003 (Ont. S.C.J.) (QL).

UBC seeks review of spyware order

The Vancouver Province reports that the University of British Columbia has asked the British Columbia Supreme Court to review the Information and Privacy Commissioner for British Columbia’s September 24th order that was made in response to its reasonable grounds investigation into employee time theft (my report here).

The Province says material filed in court by the University says the order “denies the university the ability to investigate misconduct.” Indeed, one of the issues raised by the order is the level of scrutiny that is appropriate to apply to how an investigation is conducted when there are clear grounds for conducting it. Those with an interest in security will claim that once there are grounds for an investigation, an investigator needs sufficient flexibility to conduct a thorough investigation even if it involves “fishing.” Although it may be explained by the context – perhaps the IPC is only saying something about the stakes at play in a time theft investigation – the IPC’s order conflicts with this view. Thanks to Michael Geist for posting on this.

Garbage case touches on idea of practical obscurity

It’s at the obscure end of what I’ll cover on this blog, but the Alberta Court of Appeal’s October 18th decision in R. v. Patrick contains an intriguing debate about an individual’s expectation of informational privacy in garbage.

Conrad J., in dissent, held that the Calgary Police violated an accused individual’s section 8 Charter rights by seizing information…

  • mixed in with garbage…
  • in opaque garbage bags…
  • inside garbage cans…
  • that were placed in a receptacle without a lid…
  • on the accused individual’s property.

Good use of bullet points? They’re a cute prelude to the point Conrad J. makes about the accused individual’s expectation of privacy:

In this case, the appellant put his garbage out for municipal collection. Municipalities have an interest in the orderly collection and disposal of garbage. Citizens are forbidden from burning garbage in their homes and citizens pay taxes for this municipal collection service. A homeowner, such as the appellant, places his garbage out for collection on the understanding that his garbage will be treated in the same manner as his neighbour’s garbage – it will be picked up by the garbage collectors and placed inside a garbage truck where it will be mixed with other garbage. At this point, the homeowner’s privacy in respect of much of the information regarding his lifestyle and personal choices will be completely preserved because it will have become anonymous. Any privacy in garbage that identifies the homeowner directly, such as a discarded bank statement, will also be preserved, although not so completely, by the fact it is now contained within a vast pile of collected detritus that makes it almost impossible to find.

The last sentence in the above quote is significant because it endorses the concept of inaccessibility or practical obscurity of information: information can still be private (or one’s interest in keeping something private can subsist) even if it is exposed to unauthorized or limited authorized access. This concept may become more relevant given the prevalence of electronically stored information. For starters, think of the lost backup tape that can’t easily be restored and how a valid claim that the information on the tape is inaccessible might weigh against either a civil or statutory duty to warn. Accessibility may also be relevant in some disputes about waiver of a confidentiality interest or legal privilege.

Ritter J.A.’s majority judgement leaves Conrad J.’s practical obscurity point intact. Instead, and apparently taking judicial notice that garbage often goes to sorting facilities, he states, “With respect, I disagree with this assessment as it does not equate with the myriad of ways in which garbage is handled in Canada.”

e-Discovery Canada

I’ve added a “related links” section to my sidebar. So far there’s just one link, but its a notable one. The LexUM Laboratory is the University of Montreal’s justice system technology project that runs the CanLII national database of freely-available case law. The e-Discovery Canada website is another LexUM project that is maintained in collaboration with some members of the Canadian legal community who have taken a lead on e-discovery issues. This includes Peg Duncan of the Department of Justice, who keeps a digest of Canadian case law and rules that she last updated on October 12th. It’s a great list and has cases and rule citations that I haven’t reported on. News and links to key guidelines like the Sedona Canada Principles (now in draft/public comment form) are all posted there. Please check it out, and thanks Peg!

Case Report – Breadth of disclosure in criminal background checks unlawful

On October 5th, the Ontario Superior Court of Justice held that a police service unlawfully disclosed information about an individual’s withdrawn criminal charges in the course of conducting background checks.

The applicant, a social services worker, was charged with four counts of sexual assault and four counts of sexual exploitation. At trial, the charges were withdrawn and the applicant entered a peace bond. The applicant was later denied a license for a group home, denied employment and terminated from employment, assumingly based on information provided in criminal background checks. In response, he brought an application seeking an order to have information about the withdrawn charges expunged from police records.

The Court held that the police were authorized to collect and retain information about withdrawn charges and rejected the applicant’s (potentially disruptive) argument that retention of the records violated various Charter provisions. It did, however, hold that the applicant had not given his informed consent to disclosure. There was a dispute about whether the applicant actually signed any consents, but the Court held that the police service’s standard consent form was nonetheless insufficient to support disclosure of information about the withdrawn charges:

In this application, none of the relevant pieces of legislation were attacked and people unfamiliar with the legislation might be forgiven for being surprised at the breadth of information police services are authorized to maintain. I conclude, however, that the maintaining of information that charges have been laid, albeit subsequently withdrawn, is not in any way prohibited by legislation. On the other hand, I see nothing in any legislation which authorizes the release of information reporting that the subject of the inquiry was charged with sexual offences, which were subsequently withdrawn. The release form, which may or may not have been signed by Mr. Tadros, is not sufficiently specific in its terms to encompass this particular eventuality, and Mr. Tadros could be excused for assuming that at the time the application was made for the information, he had no record of any sort and need not be concerned about any adverse effect which might result on his employment prospects. There is a basic unfairness in the dissemination of this type of information as evidenced by the apparent effect it did have on his employment chances.

The breadth of information provided in Ontario criminal background checks has been the subject of significant criticism. For information on the policy-related significance of this judgement see “Criminal Background Checks – Balancing Public Safety, Security and Privacy” by John Swaigen.

Tadros v. Peel Regional Police Service, 2007 CanLII 41902 (ON S.C.).

Case report – Condonement means employer barred from investigating computer misuse

On September 24th the Office of the Information and Privacy Commissioner for British Columbia held that the University of British Columbia violated the British Columbia Freedom of Information and Protection of Privacy Act by conducting a “reasonable grounds investigation” of an employee’s personal computer use.

The employee, an engineering technician, had a history of productivity problems. Although the University adduced evidence that it was managing the
employee’s performance, the complainant countered with evidence that he used his computer for non-work-related purposes openly and that and that the University tolerated this. The University’s acceptable use policy also allowed for “incidental personal use” within some restrictions.

The University decided to investigate the employee’s computer use after receiving a complaint about the his untimely service. It started by collecting the log file that listed websites visited. This showed a significant number of non-work-related websites, so the University then used software (spyware) to collect data that allowed it to identify the period of time the grievor spent on non-work-related sites. The spyware also captured screen shots in two minute intervals and, as a result, captured the employee’s personal correspondence, his bank account number and other information about his personal finances.

The adjudicator held that the University was not authorized to collect the log file, the more detailed information collected by the spyware and the screenshots. Her decision is significant for three reasons.

First, the adjudicator applied the contextual necessity test recently articulated by Commissioner Loukidelis in Order F07-10 (my report here). In this test, necessity is assessed in the entire context and in light of the privacy-protective purpose of the Act. In discussing this test, the adjudicator held that an employer must not necessarily exhaust all less intrusive means of meeting a legitimate objective to meet the necessity test, but that this is one factor to consider in the analysis.

Second, the adjudicator’s reason for finding that the collection of screen shots was violative rules out the collection of screen shots as an investigatory tool unless the content of the websites is the basis for the investigation – e.g. for pornography investigations. She said:

Information which reveals the complainant’s specific activities on non-work related websites is not, in this case, directly related to UBC’s human resources activities. As UBC notes, this is not a case involving an allegation that an employee accessed inappropriate material on the internet. The specifics of the complainant’s banking transactions, or his personal correspondence, are not relevant to any program or activity of UBC’s. The GESS Report, therefore, has some information that is relevant to managing the complainant’s employment, and some information which is not.

Third, in finding it was not necessary for the University to collect the log data and information about the amount of time the employee spent on non-work-related sites, the adjudicator relied heavily on the University’s permissive approach to personal use. In light of this approach, she held that the next necessary and reasonable step would have been to put the employee on notice of his misconduct rather than conduct surreptitious surveillance.

It is difficult to understand how the surreptitious collection of information about an employee’s internet use can be necessary in the absence of any attempt to question the employee about his activity, especially when the supervisor was aware of that activity and the complainant knew the supervisor was aware of it.

While it would be easy to frame this case as a message to employers about the harms of condoning personal use, there may be more to it than first meets the eye. This is because the foundations of workplace computer use are arguably changing. Not only are the internet applications used in day-to-day living more pervasive, the rise of “Web 2.0” is starting to blur the line between personal use and business use. One may also argue that employees in some sectors (especially professionals) are spending more and more of their waking day working. So can the reasonable employer afford to do anything but condone personal use? And what does this do to the idea, accepted widely in the existing case law, that an employee should have no expectation of privacy on a work computer system? This case may signal a next wave in workplace monitoring litigation in which some of these questions will be raised and answered.

University of British Columbia (Re), 2007 CanLII 42407 (BC I.P.C.).