Arbitrator declines to find a privacy violation for inquiry made of employee’s second employer

As the gig economy rises, work for more than one employer is becoming more common, and work across multiple employers has been common in the health care sector for some time. What, then, is an employer to do if its employee has taken sick leave but may be working for their other employer? Can the employer simply ask the other employer if the employee is at work?

There are some discipline cases in which unions have not challenged such questioning and others in which employers have asked for employee consent to make the inquiry. Last July, Arbitrator Brian Sheehan of Ontario entertained and dismissed what I believe to be the first privacy breach allegation on point, though he did so in quite a qualified manner.

The employer’s inquiry was apparently based on a mere suspicion. Mr. Sheehan explained, “For Ms. Valentin, the grievor’s relatively significant level of absenteeism, in addition to Ms. Valentin’s perception that there was a pattern of the grievor being absent from work on days before or after her scheduled days off was suspicious.”

To aggravate the situation, when the employer called the other workplace it received the information it was seeking plus some editorial – that the grievor’s “attitude stinks.”

Mr. Sheehan nonetheless declined to find a privacy breach. He said:

As to the Union’s privacy argument, factually, I do not find that claim  particularly compelling. Based on the Employer’s understanding of the facts as of September 2014, it had, in my view, a reasonable basis to investigate the grievor’s work history at Villa Leonardo.  The Union’s primary complaint was that the Employer should have initially sought to obtain the information from the grievor.  On this point, while as previously noted the grievor was fairly forthcoming with respect to her work history at Villa Leonardo, she was in fact mistaken as to her work history in relation to some of the days in question. At the same time, the Employer arguably should have followed the approach in the Province of Alberta, supra, case and sought the grievor’s consent to obtain the relevant documentation from Villa Leonardo.

At the end the day, however, the extent of the nature of the invasion of the grievor’s privacy relates to the Employer asking a third party the work history pertaining to the grievor. Seeking such information is definitively on the lower end of the spectrum of the privacy interests of an individual that warrant protection, and that interest is far removed from the surreptitious electronic surveillance that was in dispute in the cited Domain Forest Products, supra, and Ebco Metal Finishing Ltd., supra, cases. In this regard, any breach of the grievor’s privacy interest was, in my view, de minimis in nature; such that, I am not inclined to issue any sort of declaration or sanction.

This is best understood as a discouragement to employers, without an actual finding based on an application of the de minimis non curat lex principle: the law will not concern itself with trifles.

No arbitrator is bound to follow another arbitrator, but employers can take some comfort in this award. If they have a reason not to ask for consent (and are prepared to articulate it if challenged) they may decide to unilaterally seek information from another employer about whether an employee was or was not at work during a period of time. The risk of liability is low.

Toronto (City) v Canadian Union of Public Employees, Local 79, 2019 CanLII 78856 (ON LA).

NSCA says no expectation of privacy in address information

On January 28th the Nova Scotia Court of Appeal dismissed a privacy breach allegation that was based on a municipality’s admitted disclosure of address information to a related service commission so the service commission could bill for certain statutorily mandated charges. The Court held there was no reasonable expectation of privacy in the information disclosed, reasoning as follows:

Mr. Banfield’s information was not confidential, secret or anonymous. Neither did it offer a glimpse into Mr. Banfield’s intimate, personal or sensitive activities. Nor did it involve the investigation of a potential offence. Rather, it enabled a regulated public utility to invoice Mr. Banfield with rates approved under statutory authority for a legally authorized service that, in fact, Mr. Banfield received.  

Banfield v. Nova Scotia (Utility and Review Board), 2020 NSCA 6 (CanLII).

Notable snippet about the personal information concept in recent Ont CA search case

On January 13th, the Court of Appeal for Ontario held that a convicted appellant did not have a reasonable expectation of privacy in “what could be seen and heard on [his] property from his neighbour’s [property].”

The police trespassed on an neighbour’s rural property to conduct surveillance, and they heard gunshots and saw two individuals with rifles outside of the appellant’s house. Based on these observations, the police obtained a warrant to search the appellant’s house. They ultimately secured one or more convictions on drug and weapons charges.

The Court held, that in the context, it did not matter that the police were trespassing. (The gunshots were loud, and the appellant’s property was abutted by a public road in any event.) It also held that the police did not obtain “personal information,” reasoning as follows:

What triggered the application for the first warrant was the sound of the discharge of a firearm – something that could scarcely be concealed – coupled with visual observations of persons outdoors either firing a rifle or holding a rifle. These were bare observations of physical acts. There was no personal information obtained.

This illustrates how the personal information concept is not as simple, and perhaps not as broad, as one might think. The facts observed clearly allowed the police to infer what was in the house and obtain, on the reasonable and probable grounds standard, a search warrant. Nonetheless, the Court held that the observations did not invite a collection of personal information.

R v Roy, 2020 ONCA 18 (CanLII).

ONSC affirms damages award for “friend’s” leak of work schedule

On April 8th, the Ontario Superior Court of Justice affirmed a $1,500 damages award for a privacy breach that entailed the disclosure of information that the defendant received because she was the plaintiff’s social media friend.

The plaintiff and defendant were pilots who worked for the same airline. The plaintiff shared his work schedule with the defendant though an application that allowed him to share his information with “friends” for the purpose of mitigating the demands of travel. The airline also maintained a website that made similar information available to employees. The defendant obtained the schedule information through one or both of these sites and shared it with the plaintiff’s estranged wife.

There are a number of good issues embedded in this scenario. Is a work schedule, in this context, personal information? Does one have an expectation of privacy in information shared in this context? Does the intrusion upon seclusion tort proscribe a disclosure of personal information?

The appeal judgement is rather bottom line. In finding the plaintiff had a protectable privacy interest, the Court drew significance from the airline’s employee privacy policy. It said:

The policy of Air Canada, that must be followed by all employees, emphasises the privacy rights of the employees. This policy specifically prohibits any employee from disseminating personal information of another employee to third parties without express permission of the other employee. The sharing of personal information between employees is clearly restricted for work related purposes only. Permission to review and obtain this information is not given unless it is for work related purposes. If the information is reviewed and used for any other purpose, this results in conduct that constitutes an intentional invasion of the private affairs or concerns. In addition, I find that a reasonable person would regard this type of invasion of privacy as highly offensive and causing distress, humiliation and anguish to the person.

The defendant did not appeal the $1,500 damages award.

John Stevens v Glennis Walsh, 2016 ONSC 2418 (CanLII).

BCCA affirms its position on text message privacy

On April 11th, the Court of Appeal for British Columbia held that a defendant convicted of internet luring and sexual touching of a minor had a reasonable expectation of privacy in direct messages he sent to the complainant and others via a social media platform.

The trial judge had found no such expectation – a finding that rested in part on the nature of the messages. The trial judge held that the messages contained no personal information that the defendant had not posted in his public profile and were not sent to an intimate, trustworthy contact. The Court of Appeal viewed the messages differently – as “flirtatious” – and held that the trial judge rested too heavily on the “risk analysis” that characterizes American Fourth Amendment law. It reasoned:

While recognizing that electronic surveillance is a particularly serious invasion of privacy, the reasoning is of assistance in this case. Millions, if not billions, of emails and “messages” are sent and received each day all over the world. Email has become the primary method of communication. When an email is sent, one knows it can be forwarded with ease, printed and circulated, or given to the authorities by the recipient. But it does not follow, in my view, that the sender is deprived of all reasonable expectation of privacy. I will discuss this further below. To find that is the case would permit the authorities to seize emails, without prior judicial authorization, from recipients to investigate crime or simply satisfy their curiosity. In my view, the analogy between seizing emails and surreptitious recordings [as considered by the Supreme Court of Canada in R v Duarte] is valid to this extent.

In then end, the Court found a breach of section 8 but held the evidence was admissible after conducting its section 24(2) analysis.

The Court’s reasonable expectation of privacy finding follows its earlier similar finding in R v Peluco. For the context see this Law Times article.

R v Craig, 2016 BCCA 154 (CanLII).

 

 

SCC says the voluntary identification of an anonymous internet user is unlawful

Last Friday’s Supreme Court of Canada’s decision in R v Spencer renders it unlawful for a telecommunications service provider (or any other commercial actor) to voluntarily identify an anonymous internet user to help the police investigate crime.

Spencer is about the means by which police have investigated the trading of child pornography on the internet – i.e., by identifying objectionable online activity that is associated with an IP address and by asking the service provider who assigned the IP address for “subscriber information” that identifies the holder of the account to which the IP address was assigned. This legality of this means of investigation – enabled by service provider cooperation – has been heavily litigated; in 2012, the Court of Appeal for Ontario held that the police do not breach section 8 of the Charter by obtaining the identity of an anonymous internet user without judicial authorization because such a user has no reasonable expectation of privacy.

The Supreme Court of Canada has now unanimously reached the opposite conclusion. The Court stayed true to the case law that establishes that the protection afforded by section 8 of the Charter should not be debased by framing the activity that the proponent seeks to protect as criminal and therefore unworthy of protection. Although the police may have an entirely legitimate interest in pursuing criminal activity that we all can observe on the open internet, the issue according to the Court was (more neutrally) whether “people generally” have a right to use the internet anonymously.

The Court said “yes” and, in doing so, offered some principled support for online anonymity. It also said that the service provider’s contractual terms and the provision of the Personal Information Protection and Electronic Documents Act that allows for voluntary disclosures to law enforcement were both too ambiguous to weigh against a reasonable expectation of privacy finding.

The Court then held that police requests for subscriber information are not reasonable because they are not  “authorized by law.” Notably, the Court did not consider whether the search was authorized by the common law nor did it consider the interplay between section 8 of the Charter and the common law constraint on police action, which a majority of Court said is less constraining than section 8 in R v Kang-Brown (see para 56). To the contrary, the Court’s decision in Spencer appears to be heavily driven by the proposition that the police only have the power to ask questions “relating to matters that are not subject to a reasonable expectation of privacy.”

Spencer is a very significant decision on the reasonable expectation of privacy concept, internet anonymity and police powers.

R v Spencer, 2014 SCC 43 (CanLII).

No reasonable expectation of privacy in bad breath

On January 7th, the Ontario Superior Court of Justice overturned a trial decision that had recognized a Charter-protected expectation of privacy in the odour emanating from one’s breath. A doctor who had treated the accused following a motor vehicle accident told a police officer that the accused’s breath smelled of alcohol, following which the police obtained an warrant to seize a blood sample. The Court also noted that the doctor was not acting as a state agent in making his observation and reporting to the police.

R v Maureen Daly, 2014 ONSC 115 (CanLII).