“Employee’s” signature accessible to public – NLCA

On June 3rd, the Court of Appeal for Newfoundland and Labrador held that the signature of an “employee” who authorized a vacation leave payout to a senior administrator at a college campus in Qatar was accessible to the public even though the individual was hired by Qatar, and not the College.

The matter turned on the meaning of “employee” under Newfoundland’s now repealed and replaced FOI statute, which at the time exempted all personal information from the right of access subject to an exemption for “information… about a third party’s position, function or remuneration as an officer, employee or member of a public body.” The Court held that the term employee is broad enough to include some independent contractors. It explained:

The statutory context and the purpose of the Act, however, would appear to limit including independent contractors only to those who, by virtue of their contract, are required to perform services for the public body in a manner that involves them as a functional cog in the institutional structure of the organization. It is those persons whose personal information about position and functions which can be regarded as employees and still promote the purpose and object of the legislation. To restrict the definition further would be to shield information about certain aspects of the public body’s operations and functioning from potential public scrutiny. To expand the definition further would equally not promote the object and purpose of the Act because it would allow for disclosure of personal information that does not elucidate the institutional functioning of the public body which is to be held accountable.

The Court’s affirmation of the public’s right of access here is no surprise. For one, the record suggested that the College and Qatar were common employers. More fundamentally, the privacy interest in the signature that would justify the outcome sought by the College was simply too minimal to give its interpretation argument principled force. In Ontario, signatures made in one’s professional capacity are not even considered to be one’s personal information.

College of the North Atlantic v. Peter McBreairty and Information and Privacy Commissioner of Newfoundland and Labrador, 2020 NLCA 19.

Notable snippet about the personal information concept in recent Ont CA search case

On January 13th, the Court of Appeal for Ontario held that a convicted appellant did not have a reasonable expectation of privacy in “what could be seen and heard on [his] property from his neighbour’s [property].”

The police trespassed on an neighbour’s rural property to conduct surveillance, and they heard gunshots and saw two individuals with rifles outside of the appellant’s house. Based on these observations, the police obtained a warrant to search the appellant’s house. They ultimately secured one or more convictions on drug and weapons charges.

The Court held, that in the context, it did not matter that the police were trespassing. (The gunshots were loud, and the appellant’s property was abutted by a public road in any event.) It also held that the police did not obtain “personal information,” reasoning as follows:

What triggered the application for the first warrant was the sound of the discharge of a firearm – something that could scarcely be concealed – coupled with visual observations of persons outdoors either firing a rifle or holding a rifle. These were bare observations of physical acts. There was no personal information obtained.

This illustrates how the personal information concept is not as simple, and perhaps not as broad, as one might think. The facts observed clearly allowed the police to infer what was in the house and obtain, on the reasonable and probable grounds standard, a search warrant. Nonetheless, the Court held that the observations did not invite a collection of personal information.

R v Roy, 2020 ONCA 18 (CanLII).

What’s significant about the Loblaw report

I finally got around to reading the @PrivacyPrivee report of findings on Loblaw’s manner of authenticating those eligible for a gift card. The most significant (or at least enlightening) thing about the report is that the OPC held that residential address, date of birth, telephone number and e-mail address were, together, “sensitive.” It did so in assessing the adequacy of the contractual measures Loblaw used in retaining a service provider for processing purposes. It said:

  1. The contract also provided guarantees of confidentiality and security of personal information, and included a list of specific safeguard requirements, such as: (i) implementing measures to protect against compromise of its systems, networks and data files; (ii) encryption of personal information in transit and at rest; (iii) maintaining technical safeguards through patches, etc.; (iv) logging and alerts to monitor systems access; (v) limiting access to those who need it; (vi) training and supervision of employees to ensure compliance with security requirements; (vii) detailed incident response and notification requirements; (viii) Loblaw’s pre-approval of any third parties to whom JND wishes to share personal information, as well as a requirement for JND to ensure contractual protections that are at a minimum equivalent to those provided for by its contract with Loblaw; and (ix) to submit to oversight, monitoring, and audit by Loblaw of the security measures in place.
  2. As outlined above, the additional ID’s requested by the Program Administrator were collected through a secure channel (if online) or by mail, verified and then destroyed.
  3. In our view, given the limited, albeit sensitive, information that was shared with the Program Administrator, as well as the limited purposes and duration for which that information would be used, Loblaw’s detailed contractual requirements were sufficient to ensure a level of protection that was comparable to that which would be required under the Act. Therefore, in our view, Loblaw did not contravene Principle 4.1.3 of Schedule 1 of the Act.

Residential address, date of birth, telephone number and e-mail address is a set of basic personal information. In analyzing it, one must recall the “contact information” that the Ontario Superior Court of Justice said was not “private” enough to found a class action claim in Broutzas.

Don’t be misled, though. The OPC made its finding because Loblaw was engaged in authentication, and collected a data set precisely geared to that purpose. The potential harm – identity theft – was therefore real, supporting finding that the data set as a whole was sensitive. Context matters in privacy and data security. And organizations, guard carefully the data you use to identify your customers.

Ont CA says doctor gross revenue information is not personal information

As reported widely, yesterday the Court of Appeal for Ontario affirmed an IPC/Ontario finding that gross revenue earned by Ontario’s top earning doctors was not their personal information.

There’s not much to the decision. (A number of the grounds for appeal were “optimistic.”) The decision illustrates that information must reveal something of a personal nature about an individual (in the relevant context) to be the individual’s personal information. In the doctors’ case, the link between gross income and the personal finances was not strong, as noted by the Court:

The information sought was the affected physicians’ gross revenue before allowable business expenses such as office, personnel, lab equipment, facility and hospital expenses. The evidence before the Adjudicator indicated, however, that, in the case of these 100 top billing physicians, those expenses were variable and considerable.

In another context, gross revenue information could be personal information. What is and is not personal information is a VERY contextual matter.

Ontario Medical Association v. Ontario (Information and Privacy Commissioner), 2018 ONCA 673.

Court affirms IPC decision on doctor payments

On June 30th, the Divisional Court affirmed an Information and Privacy Commissioner/Ontario decision that the amounts billed to OHIP by top billing doctors did not constitute the doctors’ personal information.

The Court’s decision is a standard of review decision – i.e., one that accepts the IPC’s decision as reasonable. Notably, the Court was influenced by an argument made by the doctors that (pre-expense) billing amounts do not fairly represent personal income yet could be misconstrued as such by the public. The answer to such arguments is an easy one for most FOI adjudicators and courts: provide an explanation to the public if you think you’ll be misunderstood. The Court didn’t say that in this case, but noted that the doctors’ argument was supportive of the IPC decision that their billing amounts were not revealing enough to be personal information.

Otherwise, the Court made short work of the doctors’ attempts to impugn the IPC’s reasoning and an argument that the IPC procedure gave rise to a reasonable apprehension of bias.

Ontario Medical Association v Ontario (Information and Privacy Commissioner), 2017 ONSC 4090 (CanLII).

The Australian “Ben Grubb” decision and its link to Canada

There’s been some talk about the Federal Court of Australia’s recent decision in the “Ben Grubb” case – Mr. Grubb being the journalist who requested and was denied access to certain data related to his mobile phone usage from his carrier. Although the data was linked to Mr. Grubb’s mobile phone usage, the Court held it was not “information about” Mr. Grubb and therefore was not “personal information” that Mr. Grubb could access under the Australia Privacy Act. The Court explained:

…in every case it is necessary to consider whether each item of personal information requested, individually or in combination with other items, is about an individual. This will require an evaluative conclusion, depending upon the facts of any individual case, just as a determination of whether the identity can reasonably be ascertained will require an evaluative conclusion.

In some instances the evaluative conclusion will not be difficult. For example, although information was provided to Mr Grubb about the colour of his mobile phone and his network
type (3G), we do not consider that that information, by itself or together with other information, was about him. In other instances, the conclusion might be more difficult. Further, whether information is “about an individual” might depend upon the breadth that is given to the expression “from the information or opinion”. In other words, the more loose the
causal connection required by the word “from”, the greater the amount of information which could potentially be “personal information” and the more likely it will be that the words
“about an individual” will exclude some of that information from National Privacy Principle 6.1

In other words, there must be more than a link between information and an individual for the information to be “personal” information. The information must also reveal something “about” the person in a way that engages a reasonable expectation of privacy. I am not sure whether this “guts” the rights provided by the Australia Privacy Act as reported, but this reasoning has been a feature of Canadian law, most notably supported in our Federal Court of Appeal’s Nav Canada case – an authority the Australian court relied upon in determining the outcome of Mr. Grubb’s access request.

Privacy Commissioner v Telstra Corporation Limited [2017] FCAFC 4 (19 January 2017).

Alberta CA comments on meaning of “personal information”

Whether information is “personal information” – information about an identifiable individual – depends on the context. The Court of Appeal of Alberta issued an illustrative judgement on April 14th. It held that a request for information about a person’s property was, in the context, a request for personal information. The Court explained:

In general terms, there is some universality to the conclusion in Leon’s Furniture that personal information has to be essentially “about a person”, and not “about an object”, even though most objects or properties have some relationship with persons. As the adjudicator recognized, this concept underlies the definitions in both the FOIPP Act and the Personal Information Protection Act. It was, however, reasonable for the adjudicator to observe that the line between the two is imprecise. Where the information related to property, but also had a “personal dimension”, it might sometimes properly be characterized as “personal information”. In this case, the essence of the request was for complaints and opinions expressed about Ms. McCloskey. The adjudicator’s conclusion (at paras. 49-51) that this type of request was “personal”, relating directly as it did to the conduct of the citizen, was one that was available on the facts and the law.

The requester wanted information about her property because she was looking for complaints related to her actions. The request was therefore for the requester’s personal information. Note the Court’s use of the word “sometimes”: context matters.

Edmonton (City) v Alberta (Information and Privacy Commissioner), 2016 ABCA 110 (CanLII).

Reasonable necessity not enough to justify collection under Ontario’s public sector statutes

Section 38(2) is an important provision of Ontario’s provincial public sector privacy statue. It requires institutions to satisfy a necessity standard in collecting personal information. Ontario’s municipal public sector privacy statute contains the same provision.

On May 4th, the Divisional Court dismissed an Liquor Control Board of Ontario argument that the Information and Privacy Commissioner/Ontario had erred by applying a higher standard than “reasonable necessity” in resolving a section 38(2) issue. The Divisional Court held that the Court of Appeal for Ontario’s Cash Converters case establishes just such a standard:

The LCBO relies upon Cash Converters to support its submission that the IPC erred in not interpreting “necessary” as meaning “reasonably necessary.” However, Cash Converters does not interpret “necessary” in this way. In fact, it suggests the opposite. Arguably, something that is “helpful” to an activity could be “reasonably necessary” to that activity. Yet, the Court of Appeal makes it clear that “helpful” is not sufficient.

It’s hard to fathom a legislative intent to prohibit a practice that is, by definition “reasonable.” If the LCBO seeks and is granted leave to appeal this could lead to an important clarification from the Court of Appeal on a strict interpretation of section 38(2) that has stood for some time. The LCBO practice at issue – which involves collecting the non-sensitive information of wine club members to control against the illegal stockpiling and reselling of alcohol – is a good one for testing the line.

Liquor Control Board of Ontario v Vin De Garde Wine Club, 2025 ONSC 2537.

BC commissioner uses fleet management complaint to answer BIG questions about PIPA

On December 19th, the British Columbia Office of the Information and Privacy Commissioner dismissed a complaint about the collection and use of vehicle location and operation data for the purpose of managing employee performance. In doing so, the OIPC opined broadly on the meaning of “personal information” and “work product information” and on the standard of reasonableness for collecting and using employee personal information under BC PIPA.

The case deals with an elevator company and its field mechanics. The mechanics objected to the company’s collection of data about service vehicle location and data about service vehicle operation – e.g., distance travelled, speed and incidents of harsh braking. The company argued this information is not regulated by BC PIPA at all because it is not “personal information” or, alternatively, is “work product information.”

The OIPC rejected the company’s primary argument and held that vehicle location and operation data is personal information. In doing so it rejected a narrow definition of personal information that requires personal information to be “about an identifiable individual” in that it reveals something private or intimate about the individual – a concept accepted in some case law and loosely related to the “biographical core” concept featured in Charter search and seizure jurisprudence. Instead, the OIPC said that information about an identifiable individual is personal information if it “is collected, used or disclosed for a purpose related to the individual.”

The OIPC also rejected the company’s alternative argument and held that vehicle location and operation data is not work product information. It reasoned that vehicle location and operation data is not “prepared or collected” by an individual in the course of work and that, generally, data that is automatically recorded “without directed conscious input by an individual” is not work product information.

While these principles favour privacy protection, the OIPC also demonstrated respect for employer interests in finding the company’s collection and use of employee personal information was reasonable for its purposes. The OIPC expressly rejected a four part reasonableness test (generally disliked by employers) in favour of a more flexible “reasonableness in all the circumstances” test:

The assessment of reasonableness will occur in the context of the established purposes for the employer’s collection, use or disclosure and thus should have some regard to that context. But the assessment may also address a number of other possible considerations.

As part of its reasonableness discussion, the OIPC also noted that an organization need not adopt the least privacy-intrusive alternative regardless of cost or consequences (though should be able to demonstrate that it has given “reasonable consideration” to less intrusive alternatives).

Schindler Elevator Corporation (Re), 2012 BCIPC 25 (CanLII).

Case Report – Court upholds arbitrator order that stops call centre from recording calls… with reservations

Today, the Supreme Court of Nova Scotia upheld a labour arbitrator’s order that required the Halifax Regional Municipality to cease and desist from recording calls to its call centre for quality monitoring, coaching and dispute resolution purposes.

In resolving the employer’s application for judicial review, Wright J. displayed a remarkably honest application of the “reasonableness” standard of review by disagreeing with the arbitrator’s weighing of management versus employee interests but nonetheless upholding his decision as reasonable.

Though it did not affect the outcome of the application, Wright J.’s more legally significant finding was on whether the employee voice recordings at issue were protected as “personal information” under the applicable privacy legislation. He stressed that the recordings captured non-sensitive employee work product and, in the context, this feature of the recordings was more significant than anything personal that the characteristics of an employee’s voice might reveal (such as age or race).

It cannot be over emphasized that the recording of calls made to the call centre agents on the Primary Line is of a non-personal nature. The call centre agents answer inquires from the public about various municipal matters. There is no component of personal information in that. It is not recorded information about an identifiable individual within the meaning of s.461(f). Rather, the content of the calls, as earlier noted, is about such routine inquires as transit service times, tax bills, by-laws, parking information and municipal services. In my view, the question of whether voice recording in the fact situation at hand constitutes “personal information” cannot be decided irrespective of the content of those calls. Here, the content of those calls is undoubtedly of a non-personal nature made in the course of the performance of the job duties of these employees.

Halifax (Regional Municipality) v. Nova Scotia Union of Public and Private Employees, Local 13, 2009 NSSC 283.