Organization stumbles into BYOD nightmare

Hat tip to investigation firm Rubin Thomlinson for bringing an illustrative British Columbia arbitration decision to my attention. The remarkable April 2019 case involves an iPhone wiped by an employee’s wife mid-investigation!

The iPhone was owned by the employer, but it set it up using the employee’s personal Apple ID. That is not uncommon, but the employer apparently did not use any mobile device management software. To enforce its rights, the employer relied solely on its mobile device (administrative) policy, which disclaimed all employee privacy rights and stipulated that all data on employer devices is employer-owned.

Problems arose after the employer received a complaint that the employee was watching his female colleagues. The complainants said the employee “might also be taking pictures” with his phone.

The employer met with the employee to investigate, and took custody of the phone. The employee gave the employer the PIN to unlock the phone, but then asked for the phone back because it contained personal information. The employer excluded the employee and proceeded to examine the phone, but did not finish its examination before the employee’s wife (who the employee had phoned) remotely wiped the phone and refused to restore it with backup data.

The employer terminated the employee for watching the complainants (though not necessarily taking their pictures) and for insubordination.

The arbitrator held that the employer did not prove either voyeurism or insubordination. In doing so, he held that the employer had sufficient justification to search the phone but that it could not rely on its mobile device policy to justify excluding the employee from the examination process and demanding the recovery of the lost data. Somewhat charitably, the arbitrator held that the employee ought to be held “accountable for failing to make an adequate effort to encourage his wife to allow for recovery of the data” and reserved his decision on the appropriate penalty.

The employer took far too much comfort from its ownership of the device. Given the phone was enabled by the employee’s personal Apple ID, the employer was faced with all the awkwardness, compromise and risks of any BYOD arrangement. Those risks can be partially mitigated by the use of mobile device management software. Policy should also clearly authorize device searches that are to be conducted with a view to the (quite obvious) privacy interest at stake.

District of Houston v Canadian Union of Public Employees, Local 2086, 2019 CanLII 104260 (BC LA).

For Rubin Thomlinson’s more detailed summary of the case, please see here.

 

 

In snooping investigations, disclose the logs

When an employer confronts an employee with an allegation of improper access to personal information, it is important to give the employee the event log data that proves the allegation. It may often be voluminous and difficult to interpret, but presenting a general allegation or summarizing events without particulars will give the employee a good reason to deny the allegation.

This is what happened in this very illustrative British Columbia case in which an arbitrator held he could not infer dishonesty from the grievor’s initial failure to admit wrongdoing because the grievor had not been given log data. Also, if an employee continues to deny responsibility, log data can be difficult to rely upon; even if it can be established to be authentic, there are issues about presenting log data in a meaningful and privacy-protective way. An early admission can go a long way.

Fraser Health Authority (Royal Columbian Hospital) v British Columbia Nurses’ Union, 2017 CanLII 72384 (BC LA).

Two presentations all about information

Here are two recent presentations that may be relevant to you – one on finding internet evidence that I presented last Saturday at our firm’s PD day and another from a few days earlier on privacy, data security and CASL compliance at financial services firms. If you work in management and something catches your eye that raises questions do get in touch.

 

Lawyer’s communications with witnesses to harassment privileged, privileged waived

In late June of last year, Arbitrator Moore held that communications between a lawyer retained to investigate a harassment complaint and various bargaining unit members were subject to solicitor-client privilege, but that the employer waived privilege by relying on the investigator’s conclusions in its discipline letter.

The employer used a very strong retainer letter that clearly established the investigator’s mandate was to gather facts and evidence for the purpose of providing legal advice. The letter (admitted into evidence by the Union without challenge) was sufficient to establish that the sought-after communications were privileged. Significantly, Arbitrator Moore held that communications with unionized employees undertaken for the purpose of providing legal advice can still be privileged communications:

Thus, I have not been referred to any authority that supports the proposition that employees, by virtue of being unionized, are to be regarded as third parties.  While the legal rights of unionized employees are certainly impacted by the exclusive representational rights accorded to unions by statute, and may be further altered by collective agreement provisions, the employees are, in my view, still fundamentally employees of the employer.Accordingly, I do not find the fact that the employees are unionized to be a relevant consideration.  It does not alter my conclusion that they are not third parties.  The communications between the lawyer and the employees, therefore, took place within the relationship between the solicitor and the client and fall within the scope of the privilege.

Arbitrator Moore also rejected a very bold argument from the union that arbitrators should apply a distinct concept of solicitor-client privilege that provides “practical labour relations results for the participants.” Arbitrator Moore reasoned that the license given to labour arbitrators was not so broad “as to abrogate a principle as fundamental and protected as solicitor-client privilege.”

Although the employer established solicitor-client privilege and did not seek to rely on the investigator’s report at arbitration, Arbitrator Moore held that it waived privilege by relying on the investigator’s conclusion in its disciplinary letter. The letter read as follows:

The investigator concluded that your  conduct towards the complainant violated  Metro Vancouver’s Workplace Harassment Prevention Policy and directly contributed to a detrimental  work  environment  for  the  complainant  while he  was  employed  by  Metro Vancouver. Specifically, the investigator found that you were responsible for creating a harassing and discriminatory posting about the complainant and placing it in the Coquitlam guard house. In addition, the investigator found that you made discriminatory and harassing statements about the complainant in the work place. The investigator also concluded that you were not fully forthcoming with him during the investigation process. We accept the investigators [sic] findings and conclusions regarding your conduct. We conclude that your behaviour has been both discriminatory towards the complainant and has also violated Metro Vancouver’s expectations of appropriate employee behaviour.

As effective as the employer’s retainer letter was at establishing privilege, the employer’s discipline letter was a clear invitation to a waiver finding. This employer’s efforts nonetheless leaves other employers with a good road map for investigating sensitive internal matters under the protection of solicitor-client privilege. The retainer letter used by the employer is included in the award. It is a good model.

Vancouver (Regional District) v Greater Vancouver Regional District Employees’ Union, 2015 CanLII 87692 (BC LA).

Arbitrator says privacy concern did not justify altering records, wiping phone

On July 2nd, Arbitrator Peltz affirmed the discharge of a university support staff employee who altered billing records for his employer-owned cell phone and later wiped the phone after being directed to retrieve it so it could be examined.

The grievor worked in the university’s technology transfer office in a position of trust. After the university confronted him about excessive personal use of his phone the grievor deleted parts of phone records that showed his calling history. These records were stored on a university shared drive and were therefore to accessible to other employees in the grievor’s department. The grievor said he did this because he was concerned about the disclosure of his call history.

The university discovered the alterations. It called the grievor to an investigation meeting in which it heard the grievor’s position and advised the grievor that he would be placed on paid leave pending an examination of his cell phone and computer records. The grievor went to his office to retrieve his phone. When he did not return his supervisor investigated and found the grievor wiping his phone. The grievor continued over over his supervisor’s direction to stop, responding “I’m just deleting my personal information.”

Arbitrator Peltz found the grievor’s alteration of records to be culpable. He commented:

It is one thing to say that digital privacy is now highly valued in Canadian society. It is something else to claim a unilateral self help remedy without even consulting the employer whose records are being altered.

Arbitrator Peltz also held that the grievor was insubordinate because he intentionally frustrated the university’s plan to conduct a reasonable search. He said that the university had a reasonable concern about “all the greivor’s communications” and that due diligence required a “complete review, excepting personal matters.” Some effort to minimize the impact of the search may have been required according to Arbitrator Peltz, but the grievor should have stated his privacy concern rather than take matters into his own hands by wiping his phone.

University of Manitoba v Association of Employees Supporting Educational Services, 2015 CanLII 49535 (MB LA).

Arbitrator says association has no right of access to harassment investigation reports

On July 15th, Arbitrator Sheehan held that a police association did not have a right of access to a harassment investigation report.

Arbitrator Sheehan held that the employer denied access for “reasonable cause” – the need to encourage witness candour – and therefore acted consistently with its collective agreement. He also dealt with the broader premise for the association’s case and, in doing so, questioned the a finding in which the OLRB held that a union’s representational role justified a similar right of access He said:

I have some difficulty with extrapolating the reasoning in those cases, as support for a much broader proposition that a union will necessarily be entitled to otherwise private/confidential information associated with a particular operational decision of an employer; simply on the basis that the information in question will be of assistance to the union to fulfill its duty of fair representation obligations. Or more particularly, that the union is entitled to such information on the basis it would be helpful to the union in assessing whether it would be appropriate, in the circumstances, to file a grievance.

There are numerous scenarios where the employer has information in its possession that may be quite helpful to the union, in terms of assessing whether there has been a violation of the collective agreement; and therefore, a basis to file a grievance. For example, in a job promotion dispute, the employer typically has information which may involve the confidential evaluations or interview/test results of the candidates. Such information would, obviously, be useful for the union to review in terms of whether in fact a grievance should be filed on behalf of a senior employee not awarded the position. In that sense, the union has an “interest” in the disclosure of the information. The duty of fair representation obligations resting on the union, however, does not transform that “interest” in obtaining the information into a “right” of disclosure, which would obligate the employer to comply with a request to disclose; solely to assist the union, in their assessment of whether there is a basis to file a grievance.

The disclosure of employer documentation arising out of a disciplinary investigation may likewise be of particular assistance to the union in terms of evaluating whether in fact there is a basis to assert a violation of the collective agreement.  Again, as has been previously discussed, if the request for the information should arise in the context of the adjudication of a grievance challenging the issued discipline, there would be a presumptive right (subject to a valid claim of privilege) for the union to obtain production of such arguably relevant documentation. It is, however, an entirely different proposition to suggest, that the employer prior to the filing of a grievance, is obligated to forward that information to the union; on the basis the information may be of assistance to the union, in its assessment of whether there is a basis for filing a grievance.

For similar reasoning see Arbitrator’s Lanyon’s decision in Mount Arrowsmith Teachers’ Association.

Halton Regional Police Services Board v Halton Regional Police Association, 2015 CanLII 47877 (ON LA).

Arbitrator awards privacy damages for implying an employee suffered from mental distress

On December 4th, Arbitrator Andrew Sims ordered the Edmonton Police Service to pay a grievor $5,000 in damages for breach of privacy.

The case arises out of the Service’s handling of an intense interpersonal conflict between the grievor, a police detective, and his staff sergeant. The conflict led to a formal review in which the reviewing investigator recommended the grievor’s transfer to a new unit due to interpersonal problems, the responsibility for which was borne by the grievor and others. Before the Service addressed the recommendation, however, the grievor and his staff sergeant had an altercation.

The altercation invited an immediate decision to pursue the recommended transfer. Although the formal review had raised no concerns about the grievor’s mental health, when superintendent met with the grievor to advise him of the transfer she became concerned about his mental health on account of his reaction.

The superintendent raised the need for a psychological assessment, which the grievor undertook grudgingly but voluntarily. While this assessment was pending the superintendent met with the department and implied that the grievor was mentally unwell, in essence conveying the same opinion that was the basis for the pending assessment. In the end, a psychologist determined the grievor was “psychologically intact and functional.”

Based on the following analysis, Arbitrator Sims ordered the Service to pay $5,000 in damages:

Had the Employer described to a work group a physician’s diagnosis of a co-worker, that it had obtained in its role as employer, disclosure would clearly be a breach of the employee’s right to privacy of their personal medical information.  To anticipate a diagnosis, based only on personal observations, however genuine the concerns,and to discuss that in public, is just as serious a breach of privacy.  Arrangements were underway to get the grievor assessed.  Implying anything as to his state of health pending that assessment was inappropriate and unnecessary. The decision was made to transfer the grievor based on the problems he was having with his Staff Sergeant and the Unit Review.  This was decided before the health concerns arose from the interview.  Given that, there was really no need to go into whether the grievor had health issues at all. The emphasis on the grievors “H.R. issues” had the effect of adding undue emphasis to the suggestion that the broader issues in the unit, which were serious in themselves, were due to the grievor’s health issues.  That too was unjustified given the more balanced assessment in the unit review itself.  The grievor’s reputation amongst his peers, his need and ability to interact with them in future, and his sense of employment security were all impacted by the excessive commentary during this meeting.  While I accept that the comments were made out of genuine (although to a significant degree unfounded) concern, they amounted to a breach of privacy and caused harm to the grievor’s privacy interests. Police officers are particularly dependent upon their reputation amongst their peers.  Any suggestion of mental problems or unreliability can seriously hurt their working relationships and their careers.  I find these breaches of privacy sufficiently serious to justify financial compensation which, based on a review of the authorities discussed above, I award at $5,000.

Edmonton Police Service v Edmonton Police Association, 2014 CanLII 73072 (AB GAA).

A broader implication of the SCC’s decision in Fearon

The Supreme Court of Canada issued R v Fearon on December 11th. A 4-3 majority held that the police can search a cell phone incident to arrest without a warrant but subject to various limitations prescribed by the Court. One always must be careful in drawing too much from the Court’s handling of a specific issue in a specific context, but the dialogue between the majority and minority about the mitigating effect of a computer inspection protocol is notable for organizations.

The majority allows warrantless searches, in part, based on a finding that the privacy impact of a cell phone search incident to arrest can be meaningfully mitigated by the application of a “tailored” inspection. Justice Cromwell explains:

First, the scope of the search must be tailored to the purpose for which it may lawfully be conducted. In other words, it is not enough that a cell phone search in general terms is truly incidental to the arrest.  Both the nature and the extent of the search performed on the cell phone must be truly incidental to the particular arrest for the particular offence. In practice, this will mean that, generally, even when a cell phone search is permitted because it is truly incidental to the arrest, only recently sent or drafted emails, texts, photos and the call log may be examined as in most cases only those sorts of items will have the necessary link to the purposes for which prompt examination of the device is permitted. But these are not rules, and other searches may in some circumstances be justified. The test is whether the nature and extent of the search are tailored to the purpose for which the search may lawfully be conducted. To paraphrase Caslake, the police must be able to explain, within the permitted purposes, what they searched and why: see para. 25.

This approach responds to the privacy concerns posed by the virtually infinite storage capacity of cell phones by, in general, excluding resort to that capacity in a search incident to arrest.  It would also provide these protections while preserving the ability of the police to have resort to basic cell phone data where this serves the purposes for which searches incident to arrest are permitted.

Given the Crown bears the onus of establishing a reasonable search incident to arrest, the majority makes clear that police must take “detailed notes” of their inspection process.

For the minority, the privacy interest in a cell phone is too great to permit any warantless intrusion. Justice Karakatsanis also calls the majority’s reliance on the mitigating effect of a tailored inspection protocol “complicated,” “impractical” and inviting of “after-the-fact litigation.”

Organizations have been reckoning with an expectation of privacy on workplace computers since the Supreme Court of Canada’s 2012 finding in R v Cole. I’ve argued elsewhere that, notwithstanding Cole, the standard for employer searches will likely remain reasonably permissive. The reasoning in Fearon can be used by employers to argue for a permissive search standard. Employers should be careful, however, to (1) document the purpose of their inspections and (2) follow a logical, documented inspection process. Justice Karakatsanis is correct; litigation about the manner in which a computer inspection has been conducted is too easy to foresee.

 R v Fearon, 2014 SCC 77 (CanLII).

 

Arbitrator orders damages for employer’s unauthorized call to personal doctor

On September 25th the Grievance Settlement Board ordered the province to pay $2,500 in damages for making an authorized call to an employee’s personal doctor. Vice-Chair Fisher based the award on the province’s failure to respond appropriately to the breach and evidence of mental distress:

However the Grievor is also entitled to a further remedy for this serious breach of the MOS. I am deeply troubled by the fact that Ministry apparently made no attempt to ascertain who in fact made this improper phone call. One would think that the Ministry would have some interest in trying to determine who in fact made such an inappropriate phone call, but apparently they did not.

The Grievor indicated that these series of events caused him distress and that he felt disgusted by the actions of the person whom made the call to his doctor without his consent. The Grievor is entitled to monetary damages for his distress. Although he did not receive any medical attention for this distress, it does not mean that his distress was not real.

The Union proved the call and not the identity of the caller, but the province did not take steps to rebut the inference that the call came from someone in its employ. The caller obtained information about appointments the grievor had attended from a medical secretary who was subsequently reprimanded for her breach.

Ontario Public Service Employees Union (Spicer) v Ontario (Labour), 2013 CanLII 72580 (ON GSB).

Arbitrator says that an employer owes an employee no duty to investigate reasonably suspected wrondoing

On December 21st, Ontario arbitrator Ian Anderson dismissed a termination grievance brought by an employee who was terminated for bringing personal computing devices into a high-security workplace and downloading significant volumes of unauthorized (and risky) software onto an employer’s network.

The outcome is driven by the facts, but Arbitrator Anderson did deal with an asserted employer duty to investigate suspected wrongdoing. He dismissed the union’s argument that the employer could not charge the grievor with the downloading offence given it did not investigate and discover the grievor’s downloading sooner, at the same time it discovered and disciplined the grievor with excessive internet use. Arbitrator Anderson said:

The Union suggests that an employer has a responsibility to investigate potential misconduct of which it has reasonable suspicion. Put differently, the Union suggests that in order to justify discipline delayed on the basis of earlier lack of knowledge of the alleged misconduct, there must previously have been no reasonable basis to suspect that misconduct.

The Union’s argument, as I understand it, is not restricted to circumstances that might give rise to estoppel. Absent some provision in the collective agreement, I do not agree that there is such a general duty of investigation on an employer. Nor, in my view, is this proposition supported by the cases relied upon by the Union.

General Dynamics Land Systems v National Automobile, Aerospace, Transportation and General Workers Union (Caw-Canada, Local no 27), 2012 CanLII 86240 (ON LA).