No relief for victims of harassment – Ont CA

I’ve written here about the difficult position an employer/organization is placed in when its employees are harassed by “outsiders.” On July 20th the Court of Appeal for Ontario illustrated the difficulty by affirming a decision that denied relief from such harassment that a municipality (and its mayor) sought on behalf of the mayor, councillors and staff. The decision suggests that an employer’s duty to provide a safe and harassment free environment provides no basis for a civil remedy. 

Rainy River (Town) v. Olsen, 2017 ONCA 605.

ONSC affirms damages award for “friend’s” leak of work schedule

On April 8th, the Ontario Superior Court of Justice affirmed a $1,500 damages award for a privacy breach that entailed the disclosure of information that the defendant received because she was the plaintiff’s social media friend.

The plaintiff and defendant were pilots who worked for the same airline. The plaintiff shared his work schedule with the defendant though an application that allowed him to share his information with “friends” for the purpose of mitigating the demands of travel. The airline also maintained a website that made similar information available to employees. The defendant obtained the schedule information through one or both of these sites and shared it with the plaintiff’s estranged wife.

There are a number of good issues embedded in this scenario. Is a work schedule, in this context, personal information? Does one have an expectation of privacy in information shared in this context? Does the intrusion upon seclusion tort proscribe a disclosure of personal information?

The appeal judgement is rather bottom line. In finding the plaintiff had a protectable privacy interest, the Court drew significance from the airline’s employee privacy policy. It said:

The policy of Air Canada, that must be followed by all employees, emphasises the privacy rights of the employees. This policy specifically prohibits any employee from disseminating personal information of another employee to third parties without express permission of the other employee. The sharing of personal information between employees is clearly restricted for work related purposes only. Permission to review and obtain this information is not given unless it is for work related purposes. If the information is reviewed and used for any other purpose, this results in conduct that constitutes an intentional invasion of the private affairs or concerns. In addition, I find that a reasonable person would regard this type of invasion of privacy as highly offensive and causing distress, humiliation and anguish to the person.

The defendant did not appeal the $1,500 damages award.

John Stevens v Glennis Walsh, 2016 ONSC 2418 (CanLII).

Ontario arbitrator upholds discharge for Facebook postings

On May 15th, Arbitrator Trachuk upheld the discharge of a short service crane operator for posting disparaging and sexually explicit comments about a female coworker on his Facebook. The decision is fact specific and not surprising. Arbitrator Trachuk, however, does make the following statement about admissions and apologies (in the context of a social media offence) that is sensible and of note:

The union asserts that the grievor’s apology is another mitigating factor. The grievor did apologize to the company in his first meeting and offered to apologize to X. An admission and an apology are not exactly the same thing. An admission after a person has already been caught is not worth much. The grievor’s offense was visible on his Facebook for many people to see for many hours. Therefore, admitting he had posted the comments was not the act of accountability that it would have been if he had come in and confessed before anyone had complained. However, a person may still be truly sorry after he is caught, although such apologies usually appear to be self-serving. That is why a grievor who wants to persuade an arbitrator about his sincerity will testify. This grievor did not. The grievor’s admission and apology can only be considered minor mitigating factors due to their timing and the grievor’s failure to testify.

United Steel Workers of America, Local 9548 and Tenaris Algoma Tubes Inc. (15 May 2014, Trachuk).

Complaint challenging timidity of employer response to attack blog dismissed

On January 22nd, the Ontario Grievance Settlement Board dismissed a group complaint alleging that an employer failed to respond appropriately to a union blog that attacked members of management.

Vice-Chair O’Neil heard the complaint. The following is her description of the content of the blog:

The more objectionable posts in evidence allege managerial corruption or negligence, such as never seeing inmates or having “screwed up” the previous attendance management program. Others insult managers in general, using terms such as useless, pathetic, vindictive, morons and misfits. Cartoons and comments referred to attendance management procedures and imposition of discipline as “kangaroo courts”. Suspensions for excessive use of force were referred to as attacks on people just trying to do their best, and it was suggested that the safety of the staff was never a concern. Mocking allusions to acquiescing to being strip searched were used to describe those in the union accused of lacking courage to take action against policies the blogger did not like. Staff who took acting assignments and worked overtime were criticized as siding with management, and managers who work significant amounts of overtime accused of having social problems. Pay for performance was characterized as bonuses for screwing up, and it was suggested that the superintendent and deputies would get a higher percentage of pay for performance the more short-staffed the institution was.

Some, but not all of the blog’s authors were identifiable. Nonetheless, the employer chose to take a measured approach to dealing with the blog and did not discipline any perpetrators. Instead, it authored a joint memo with the local union president that encouraged respectful conduct and issued its own warning letter to those responsible for the blog. The blog then became password-protected, which members of the targeted management group did not feel was an adequate resolution. They complained.

In dismissing the complaint, Vice-Chair O’Neil said the following about an employer’s duty to respond to workplace harassment:

In respect of providing a harassment-flee workplace, it is important to acknowledge that it is not humanly possible to prevent all behaviour that amounts to harassment, defamation or disrespectful behaviour towards employees. There are very real limits to the power of an employer to anticipate and control such behaviour even in the workplace, let alone outside its physical bounds. In recognition of this reality, the law does not make the employer responsible for all actions of its employees that have a negative impact on other employees. In the area of harassment in the workplace, arbitral case law has generally found, in the absence of a contractual provision requiring it to take particular action, that an employer will not be held liable unless it has been negligent or fails to act.

Vice-Chair O’Neil held that the employer did not fail to meet any specific requirement of the applicable policy and otherwise acted within its discretion.

Lee v Ontario (Ministry of CommunitySafety and Correctional Services), [2013] O.P.S.G.B.A. No. 1 (G.S.B.).

Municipality breaches privacy statute by communicating via Facebook

Last September 27th, the Newfoundland and Labrador OIPC held that a municipality breached the Newfoundland Access to Information and Protection of Privacy Act because an employee, in the course of her duties, identified the Facebook accounts of two members of the public and messaged them through her own Facebook account.

The OIPC held that this use of Facebook led the municipality to engage in an improper use of personal information and breach its safeguarding duty. One problem, according to the OIPC, was the use of a means of communication not governed at all by the municipality:

Facebook is a social media website that is accessible from any computer or device which is capable of accessing the internet. In this sense, the use of Facebook by the Town employee may be akin to the removal of personal information from the Town office. This is further exacerbated by the use of the employee’s own personal account to engage in this communication. From this perspective, the information must be protected in the same manner as used by other public bodies which allow for the removal of personal information from their facilities.

The OIPC made clear, however, that communicating personal information through a Facebook account in a public body’s name is also inappropriate. It said:

For the various security and identification issues outlined above, there is no way to ensure that personal information is properly protected on these websites. If an individual requests that communications with a public body be carried out in this manner, the public body must first satisfy itself that the identity of the Facebook account holder is confirmed, and furthermore that express consent be obtained from the individual acknowledging that the privacy of the communication cannot be guaranteed.

The OIPC gives little reasoning about why communicating through a Facebook account in a public body’s name is less secure than communicating through other kinds of corporate email services, but the concept of channelling communications that include personal information through a consumer service like Facebook (which is neither designed as an email service nor targeted at business) raises obvious concerns.

Report P-2012-001 (27 November 2012, OIPC Newfoundland).

Social media and the law – three nuggets and one blawger’s tale #ALC2013

I’m posting this from beautiful Edmonton, where I presented at the Alberta Law Conference social media session together with Diane McLeod-McKay (Alberta OIPC, Director, Alberta PIPA) and Doug Jasinski (Skunkworks Creative Group). Thank you to our Chair and warm host, uber-librarian Shaunna Mireau (Field Law). It was a nice balanced session, with a little marketing and communication, a little core privacy and a little “other,” all of which came together nicely to give helpful picture to our lawyer audience.

I was the “other.” My slides are below and deal with (1) the “licensed communicator” concept for governing business use of social media, (2) the social media civil production cases and (3) preservation of social media evidence. I also (as asked) spoke a little about my own blogging experience, an enjoyable first.

Facebook’s Graph Search: New Privacy Concerns?

According to a CBC News article (here), early reviews of Facebook’s new Graph Search feature are raising privacy concerns.  The search feature appears to be eerily effective in mining Facebook users’ information in responding to search queries.

For employers who may be considering using social media to verify information about current or prospective employees, the depth of information revealed by Graph Search highlights the risk that obtaining information through social media could amount to an invasion of privacy, or conflict with human rights laws (see the Ontario Human Rights Commission’s policy on using Facebook information).  Employers should tread carefully before using social media to obtain information about current or prospective employees, since the resulting information (even if obtained inadvertently) could create unanticipated liabilities.