Case Report – Raitt “lost recorder” judgement published

The Nova Scotia Supreme Court has published Moir J.’s decision on the lost digital recorder containing embarrassing comments made by Minister of Natural Resources Lisa Raitt. I was quoted by the National Post here, but really didn’t have much to say at the time. This is no criticism of the conclusion embodied in Moir J’s cursory (oral) judgement, but now that I’ve read it I confess to still having more questions than answers!

The scenario is made for a law school exam:

Conversation between MacDonnell and Raitt, Raitt a public figure
Recording made unknowingly and in presence of limousine driver
Recorder misplaced by MacDonnell in a bathroom
Recorder found and passed to reporter
Reporter contacts MacDonnell to advise of finding
MacDonnell says she’ll pick the recorder up, but doesn’t
Time passes
MacDonnell misplaces Ministry’s confidential documents and resigns
Raitt comes under scrutiny
Reporter listens to recording in the name of the public interest
Reporter gives notice of intent to publish recording

Ms. MacDonnell relied on a privacy and property based claim. Moir J. held that she had not established a case sufficient to restrain publication. Here is the core of his oral judgement:

I agree with the submission for the Herald that the recorded conversation was not private because some or all of it was heard by a department driver…

Here is where I see the restriction on prior restraint having some place in laws of invasion of privacy, if such a tort is to emerge. It is wrong to deprive the press, and the public it serves, of remarks made privately, but not confidentially in the sense of trade secrets or privileged communications, after those remarks became available because of poor record keeping or management.

Bailment and conversion are torts applicable to personal property rights. The digital recorder was personal property. There is no bailment, and can be no conversion, of pure information. Information is protected as intellectual property.

Here are my questions. Wasn’t the driver bound to secrecy? Was this fatal to the expectation of privacy claim? When should poor record keeping constitute abandonment? How critical was Ms. MacDonnell’s failure to pick up the recorder as planned? Did she tell the reporter not to listen? Would that have made a difference? Did the information at issue and the public’s interest in receiving it weigh in the balance? If so, to what extent. You can start to see how the parameters of a privacy claim are very complex.

Two other points. One, the judgement creates a hierarchy of concepts: privacy seems less important than privilege and trade secret protection. I recently blogged about the Daniel Potter case here. It does the same thing. Two, whether the property torts can be used to re-gain control of information is a big issue for employers. I’ve blogged about it here.

MacDonnell v. Halifax Herald Ltd., 2009 NSSC 187.

Today’s “e-mail law” presentation

I was at the Osgoode PDP Electronic Evidence seminar today. There were great presentations all around, and I’ve included my notes at this Twitter feed. I was very honoured to co-present with John Gregory, whose knowledge of electronic evidence issues is deep. Our presentation is really about the law of e-mail, with a mix of content on access to e-mail on corporate systems, e-mail production and e-mail admissibility and weight. Here are the slides.

We also provided a handout with case citations and a summary sheet on the CGSB Standard on Electronic Records as Documentary Evidence.

I hope this is useful!

When employees use business systems to communicate with their lawyers

I just read Universal Sales, Limited v. Edinburgh Assurance Co. Ltd., a November 2008 judgement of the Federal Court that deals with inadvertent disclosure of solicitor-client communications.

The case is about a transcript of a telephone conversation containing solicitor-client communications that was inadvertently produced to an opponent in litigation. The judgement has a nice summary of the law on inadvertent disclosure of privileged information:

As the Plaintiffs point out, the mere physical loss of custody of a privileged document does not automatically end privilege, especially in the context of modern litigation where large quantities of documents, such as the electronic production of a CD in this case, are exchanged between counsel and accidental disclosure is bound to occur from time to time.

In cases of inadvertent disclosure, the waiver question turns more on the conduct of the privilege holder after it discovers its disclosure and also on any special prejudice that might be faced by the recipient (e.g. by bona fide reliance that does not conflict with any professional duty to immediately seal the communication).

I found Universal Sales in preparing to make some comments on whether employees waive privilege when they communicate with their solicitors on employer e-mail systems at today’s Osgoode PDP program on electronic evidence. The question is whether the waiver is intentional as opposed to inadvertent and will turn on the facts. The most authoritative Canadian case on the issue is the Daniel Potter decision by Mr. Justice Scanlan of the Nova Scotia Supreme Court.

Scanlan J. found that the CEO of a company had not waived privilege by sending solicitor-client communications through his employer’s computer system. He did consider argument based on the employee privacy cases (see my last post), but held that solicitor-client communications deserve special treatment. He also noted, however, that Mr. Potter was CEO and had “day to day executive control over policies which may have threated his expectation of privacy.”

My view on the issue is (1) that Daniel Potter does not close the debate, (2) that Canadian courts will demand very special facts to find waiver because they are staunch defenders of solicitor-client privilege and (3) the occasions when it makes tactical sense to engage in a dispute over the waiver issue are likely rare.

Looking forward to speaking to this later this morning. I’ll live blog the event at #oseev and @michaluk_live.

See ya!

OBA’s “Hot Issues” seminar and employee computer monitoring

I delivered a presentation at the OBA’s “Hot Issues in Privacy Law” seminar this morning called “Employee Computer Monitoring: Wither the most certain management right of all?” Here are the slides:

I prepared a paper for the presentation that I’m trying to re-purpose, and am going to hold off on publishing it for now. I hope I can make it available in one form or another soon. [Addendum: Here’s a copy of my speaking notes, which contain some of the key ideas.]

I enjoyed attending the entire session. The issues kept coming back to data security, which makes sense given the costs and risks of data breaches. Coincidentally, I had a call right after I returned to the office on a breach. For what it’s worth, I don’t find a discussion of costs and risks very helpful in guiding clients through the decision making exercise. Instead, I guide them to make decisions with a view to writing the story that they can cling to however all the external (and uncontrollable) factors play out. But even if I play my role to its best, it still can leave clients with some agonizing decisions. So if there’s one thing I can echo from today’s seminar, investing in prevention is a great idea. Data breaches suck!

You can read what are essentially a copy of my notes for the morning here. Remember to read from the bottom up.

Enjoy!

SCC dismisses application for leave in challenge to bank investigation

One June 4th, the Supreme Court of Canada denied an application for leave to appeal the Ontario Court of Appeal’s decision in Royal Bank of Canada v. Ren. This January, Ontario’s top court affirmed the dismissal of a Charter application that claimed RBC violated section 8 of the Charter in investigating a case of mortgage fraud. My summary of the Ontario Court of Appeal judgement is here.

Case Report – BCCA dismisses claim about disclosure of student status

One June 3rd, the British Columbia Court of Appeal dismissed a breach of privacy claim brought by a former student of the University of British Columbia. The student claimed the University breached the British Columbia Privacy Act by alleging that its legal counsel told the media he was no longer a student. The Court held that the student’s action disclosed no reasonable claim because the information claimed to be private had been lawfully disclosed in two previous court decisions.

Mohl v. University of British Columbia, 2009 BCCA 249.

Information Roundup – 31 May 2009

Here are some tweets of substance in the last week.

RT @complexd Are Employees’ Personal E-Mail Accounts Off Limits? http://tinyurl.com/r2uv2o
Adams v Dell questions custodian based retention: http://bit.ly/8IX4t [Via @IntegreonEDD. Read with great interest!]
Government transparency and analytics: http://bit.ly/GBe8v (via @vendorprisey)
Good session so far at the Managing Your Privacy Obligations program. Check out @michaluk_live and #cimypo!
Liked “When Your Secret Questions Aren’t So Secret” http://bit.ly/oe3jj [Via @michaelzimmer]
Liked Hot Topics in Admin Law. Prof. Sossin was engaging! Have this http://bit.ly/Vj3Ty and this http://bit.ly/xTwoE on short reading list.
@pegduncan has turned my last tweet into a lovely Haiku! The tower creaks in the cool east wind. Ridable waves in Toronto.
RT @PrivacyLaw: “Private-sector privacy law debated in Manitoba” http://tinyurl.com/pbfxhk

This is coming to you from a Casey’s in Sault Ste. Marie. I’ve been doing a heap of travelling lately – all north-south. I’m working my way through the Casey’s menu one Coors Light at a time! No complaints, because I’m a Casey’s kind of guy. It’s also been nice to get familiar with the north, the highlight being a drive from Timmins to Kirkland Lake for a hearing, then onto North Bay for another. I miss the family like crazy, but slowly but surely am filling in my mental picture of our huge province and am doing rewarding work with good people along the way.

Hope the tweets are of interest!

Dan

Case Report – Ontario IPC says personal e-mails in control of City

People are abuzz about this April 9th order of the Information and Privacy Commissioner/Ontario in which Adjudicator Corban held that e-mails received by a solicitor employed by the City of Ottawa in his personal capacity were under the custody or control of the City and subject to public access.

The IPC rejected the City’s argument, which rested on a by-law that deemed personal e-mails to be transitory and subject to immediate disposal and the permission it had granted employees to use its computer systems for incidental personal use. The IPC said:

I accept that the City has no objection to the “incidental personal use of City assets such as computers” and the creation or receipt of personal e-mails by its employees. However, I am not persuaded that by allowing for personal usage and by addressing the disposal of such e-mails in its Records Retention By-law the City has given up its authority over personal e-mails stored on City servers…

In my view, the fact that the City has explicitly stated that employees are permitted to use the e-mail system for incidental personal use but that personal use of City computers may be monitored for unauthorized use by the City’s Information and Technology staff, supports a conclusion that the City does have the authority to regulate the treatment of those records even if it chooses not to do so.

This order is reminiscent of (though far less sexy than) the Bobbie Malmer case out of Kentucky. It is also consistent with the traditional view on control of information stored on corporate computer systems. Though the application of our commercial sector privacy legislation, PIPEDA, does not hinge on custody or control, the Federal Court recently found that personal e-mails were not subject to PIPEDA in Johnson v. Bell Canada.

I’ll be speaking about employer access to personal e-mails at a couple of upcoming seminars, including the OBA’s Hot Topics in Privacy Law. Access is a different issue than the control issue (an idea touched upon in this order), but is related and also bound up in developing expectations of privacy based on personal use. An extremely engaging issue right now!

[Addendum. Query whether this outcome is consistent with the purpose of freedom of information legislation? Should the concept of “control” be significantly narrower for the purposes of triggering a right of access than in other circumstances (e.g. for litigation or regulatory production requirements)?]

Order MO-2408 (9 April 2009, IPC/Ontario).

Case Report – Ont. C.A. allows criminal records check appeal about disclosure of withdrawn charges

Yesterday, the Ontario Court of Appeal held that a police service lawfully disclosed information about an individual’s withdrawn criminal charges in the course of administering background checks.

The applicant, a social services worker, was charged with four counts of sexual assault and four counts of sexual exploitation. At trial, the charges were withdrawn and the applicant entered a peace bond. The applicant was later denied a license for a group home, denied employment and terminated from employment, assumingly based on information provided after conducting a vulnerable persons search. In response, he brought a successful application for an order to have information about the withdrawn charges expunged from police records.

The Court of Appeal held that the applications judge erred to the extent that he found that the applicant did not give specific consent to the disclosure of the withdrawn charges. The Court held that consent to disclose this information could be inferred in the circumstances even though the written consent form did not expressly refer to withdrawn charges. This essential finding is illustrative but fact-based. More broadly, however, the Court also found that the consent was not invalid because it was coercive. It said the following about the fairness of background checks:

The fact that a person effectively must consent to a Vulnerable Persons Search in order to apply for certain types of jobs may be perceived as coercive and, in that way, possibly unfair. In regards to this alleged coercion, the affidavit evidence in this case indicates that these searches are necessary in order to give prospective employers involved with vulnerable persons all potentially relevant information about potential employees, within the bounds of the permissible disclosure of personal information under MFIPPA. Also, in a case where withdrawn charges which were false are disclosed, the potential employee has the ability to explain the circumstances to the proposed employer.

The Court also rejected arguments that the disclosure breached the applicant’s rights under sections 7 and 8 of the Charter.

This highlights the vulnerability of individuals in Ontario who are charged of criminal offences but not convicted given the recent finding by the Human Rights Tribunal of Ontario that the “record of offences” protected ground does not protect persons only charged with offences. See de Pelham v. Mytrak Health Systems, 2009 HRTO 172 (CanLII). [Addendum: A contact has told me the complainant in de Pelham has stated his intent to file an application for judicial review.]

Tadros v. Peel (Police Service), 2009 ONCA 442.

Managing your privacy obligations and my records retention and destruction presentation

I spent the last two days at the Canadian Institute “Managing Your Privacy Obligations” conference.

It was a very informative conference. with advanced content and discussion led by a faculty of many I admire. It was also a pleasure to finally meet and speak with fellow privacy law bloggers and contemporaries David Fraser and Brian Bowman. I took notes live on Twitter in a stream posted here. (Read from the bottom up.)

My own presentation was on the law of records retention and destruction. I used it as an opportunity to go a little beyond privacy and walk through all the legal and practical underpinnings of a retention rule. Here are my slides:

I’ll also offer a link to my paper, which I’d still characterize as a work in progress. If you have any comments or thoughts, please feel free to post them here or e-mail.

Thanks to the the Canadian Institute, conference organizer Sandra Bernstein and co-chairs David Fraser and Amanda Maltby. I was very pleased to be involved.