Administrators Have No Place in the Bedrooms of Plan Members

When a pension plan member divorces his or her spouse, often the accrued pension benefits are the single largest family asset.  H0w a pension benefit is divided varies by jurisdiction, with some jurisdictions entitling the former spouse to all of the benefits accrued during the period of marriage.  What’s more is that some jurisdictions allow former spouses to “unlock” the divided interest prior to the member’s retirement, rather than requiring the monies to continue to be used only for pension benefits.

But what happens when a couple decides they want to access the accrued pension benefits and are willing to go through with a divorce to get access?  What if the couple just happens to reconcile shortly after the benefits have been transferred?  Can an administrator investigate and question the validity of the divorce?  Apparently not.

In 2009, Continental Airlines filed a lawsuit against nine of its pilots claiming that the pilots filed fake divorces in order to receive early distribution of their pension benefits.  Many of the pilots continued to cohabitate with their ex-spouses, and in many instances they did not inform any of their family or friends that they had gotten a divorce.  Continental sought restitution to the pension plan of the benefits that were distributed to the spouses on the basis that the divorces were “shams”.  The trial court dismissed Continental’s claim, holding that Continental did not have the right to investigate employees’ divorces in order to decide whether those divorces were authentic.

The 5th U.S. Circuit Court of Appeals recently dismissed Continental’s appeal of the lower court decision.  The Court of Appeal agreed with the lower court that the relevant legislation (ERISA) does not authorize an administrator to consider or investigate the subjective intentions or good faith underlying a divorce.  On the contrary, the legislation requires benefits be divided in satisfaction of a qualifying marriage breakdown order that has met the necessary prescribed criteria, of which the divorce being done in good faith is not a factor.  Therefore, the administrator could not interfere by investigating the bona fides of the divorces.  Only where a court finds that a divorce is, in fact, a sham could an administrator refuse to pay out the divided pension.

Counsel for the pilots are championing the decision as a victory for employee privacy rights, given the restrictions on administrator’s abilities to investigate plan members’ family relationships.

Social Media Use by Teachers and Students: OCT Recommends Limits

The Ontario College of Teachers has recently issued a professional advisory recommending strict limits on interactions between teachers and students through social media.  The advisory emphasizes that teachers are professionals, who are held to high standards of conduct, in both their professional and private lives.  Since inappropriate electronic communications with students – including those outside of school hours and unrelated to school matters – can lead to teacher discipline, and even criminal charges, the OCT recommends that teachers take certain precautions in their electronic communications, particularly through social media.  Among other guidelines, the advisory recommends that teachers:

  • not be “friends” with students on Facebook, refrain from “following” students on Twitter, and otherwise avoid personal connections with students on social media;
  • notify parents before using social media for classroom purposes; and
  • use appropriate privacy settings when using social media, to ensure that students may not access personal or inappropriate postings.

The recommendations are not surprising, given the high standards of conduct expected of teachers, and the perils teachers may face from inappropriate use of electronic media – as illustrated by the recent Ontario Court of Appeal decision in R. v. Cole.

Although specific to the educational context, the OCT’s professional advisory reflects the importance of addressing the impact which social media, and electronic media in general, can have in various settings.  Employers should consider whether the dynamics of their workplace justify guidelines or policies on the appropriate use by employees of social media, for example, in their interactions with each other or with customers, suppliers or other parties.

A link to the OCT’s professional advisory is here, and a related CBC article is here.

Case Report – Receipt of unsolicited e-mail not a “collection” under privacy statute

On May 14th, the Information and Privacy Commissioner/Ontario dismissed a privacy complaint by a university professor who alleged his university had improperly collected and used his personal e-mails for disciplinary purposes.

The complainant sent e-mails about a weekly event series from his personal account to a list of over 1000 individuals. The emails apparently contained statements that encouraged recipients to “send to friends.” The e-mails were received by one or more University administrators, who forwarded them to other administrators for “operational purposes.” The University ultimately imposed discipline on the complainant based on the content of the e-mails.

The investigator held that the University did not collect the unsolicited e-mails. He reasoned that the use of the terms “obtained and compiled” elsewhere in the Act indicate that the legislature contemplated means of coming into custody or control of personal information other than collection. He also reasoned that the requirement to give notice of collection suggests that collection requires something more active than demonstrated by the University.

Regarding the allegation of improper use, the Investigator held that the e-mails were used by the University for a purpose consistent with the purpose for which they were obtained or compiled:

In this case, the e-mails were obtained by the University on an unsolicited basis. In order to administer its operations effectively, a University is required to review and address correspondence, including e-mails that are received on an unsolicited basis. Based on the information before me, the University compiled the e-mails for the purpose of addressing issues related to the operation of the University. Accordingly, I am satisfied that the University obtained or compiled the e-mails for the purpose of the effective administration of the University.

The finding about unsolicited receipt of personal information is based on an interpretation of FIPPA, but is of relatively broad significance given the parts of FIPPA relied upon by the investigator are neither technical nor unique. The decision also raises a notable jurisdictional issue about records that are obtained for a non-employment related purpose and subsequently used for an employment-related purpose and FIPPA’s employment-related records exclusion.

University of Ottawa (Re), 2010 CanLII 30187 (ON I.P.C.)

Desert island privacy cases for employment lawyers

I presented at the Law Society of Upper Canada’s “Six Minute Employment Lawyer” conference today. It was a very good honour to be invited to this successful and long-running program. Thanks to the LSUC and also to Co-Chairs Christine Thomlinson (see her firm’s blog here) and Malcom McKillop.

I managed to catch a few presentations from other more senior members of our bar. Other blawgers were also well-represented. It was nice to see Michael Fitzgibbon, Stuart Rudner and Omar HaRedeye, albeit briefly. Omar, if you have a Twitter stream of the event, please link it in a comment below.

I did a presentation called “Desert island cases for employment lawyers.” If you like case lists, check out the slides below. Slides with notes are over at SlideShare.

Key issues in workplace privacy presentation

I spent most of the day today at the Canadian Institute’s Meeting Your Privacy Obligations conference. It was a very good show, and I managed to catch great presentations by Frank Work, Robin Gould-Soil (of TD Financial Group) and David Fraser. I did a “hot issues” style presentation on workplace privacy. Two thirds of the content is refined from the slides I posted yesterday, but there’s an additional part on background checks. Notes are in the slides over at Slideshare.

Social media and employee privacy presentation

I presented at Insight’s Social Media – Risks & Rewards conference this morning on two narrow issues related to employee use of social media technology and privacy – monitoring workplace systems for misuse (a favorite, as you know) and the right of an employer to control employee “off duty” publication. The audience seemed sophisticated, and I regret that I couldn’t stay. Thanks to the audience for the discussion and the organizers for the invite. Slides are below, with slides and notes over at Slideshare.

Workplace Privacy Presentation at the HRPA 20X Annual Conference and Trade Show

On January 27, 2010 I’ll be giving a presentation entitled “Everything You need to Know About Workplace Privacy” at the HRPA’s 20X Annual Conference and Trade Show.

I designed the presentation today around the following topics:

  • Employee privacy rights – the patchwork quilt
  • How to run an internet background check
  • Why and how your acceptable use policy needs to change
  • Yes, you can transfer that data to the U.S., but…
  • How to manage the risk of communicable diseases in the workplace

I’m looking forward to the opportunity to touch on these hot issues and have also left lots of time for questions. If you’re an HR professional who’s attending the conference please consider joining my session.

Case Report – Workplace surveillance system survives arbitral scrutiny

On July 4th, Arbitrator Craven partially upheld a policy grievance which challenged the expansion of an employer’s in-plant video surveillance system but nonetheless gave a strong endorsement to the employer’s purpose for using video surveillance.

The grievance was about the expansion of a system video cameras in a meat packing plant. The system featured un-monitored, high resolution cameras, some of which were fixed on work areas. It recorded digital images which were retained as long as disk space permitted and apparently not based on a fixed retention period.

Although there was some ambiguity about the purpose of the system, Aribitrator Craven ultimately found that the purpose of the system was, “to investigate plant security, industrial discipline and food safety incidents that come to the Employer’s attention by other means than monitoring the video in real time or viewing or sampling the recordings.” He held this investigatory purpose was legitimate. He also made clear that the employer was not using the cameras to “systematically collect information about employees or to identify occasions for discipline.”

Arbitrator Craven’s distinction between using cameras to support an investigation and using cameras to monitor is strong. He suggests that an investigatory purpose is more likely to be upheld as a legitimate exercise of management rights and less likely to be objectionable because of its intrusiveness. On the intrusiveness issue, he explains:

Indeed, it is a misnomer to describe what the camera system does as ‘observation’ at all. It merely optically, mechanically and electronically collects, transmits and records digital information which does not constitute ‘observation’ until a human observer views the displayed or recorded images. If the cameras continued to operate but no-one viewed the images, we might still describe what was happening as ‘surveillance,’ but surely not as ‘observation.’ It is the potential for observation, not its inevitable realization, that underlies the weak analogy between camera and supervisor. (Compare the characterization of electronic surveillance as ‘inhuman’ (page 30) and indeed ‘fundamentally anti-human (page 29) in Re Puretex Knitting Co. Ltd. and Canadian Textile and Chemical Union (1979) 23 L.A.C. (2d) 14 (Ellis).)

As the Union presents its case, the main argument to the intrusiveness of the video surveillance sys-tem is its capacity for monitoring employees, whether in real time or by systematic subsequent review of the recordings. I accept the Employer’s evidence that it does not monitor employees.

Arbitrator Craven focuses on the use of the cameras rather than their mere presence. Not surprisingly then, he was uncomfortable about the lack of:

  • policy-based restrictions on the use of data (i.e. about the risk of “scope creep”);
  • the absence of a formal data retention rule; and
  • (most interestingly) the absence of rules governing union access to data.

Based on a separate finding that the employer had breached a technological change provision in its collective agreement by not engaging in discussions with the union when it expanded the system, he ordered the employer to meet with the union to engage in discussions, implying that the parties should deal with his concerns by way of mutual agreement.

Cargil Foods, a Division of Cargill Ltd. v. United Food and Commercial Workers International Union, Local 633 (Privacy Grievance), [2008] O.L.A.A. No. 393 (Craven) (QL).

Case report – Condonement means employer barred from investigating computer misuse

On September 24th the Office of the Information and Privacy Commissioner for British Columbia held that the University of British Columbia violated the British Columbia Freedom of Information and Protection of Privacy Act by conducting a “reasonable grounds investigation” of an employee’s personal computer use.

The employee, an engineering technician, had a history of productivity problems. Although the University adduced evidence that it was managing the
employee’s performance, the complainant countered with evidence that he used his computer for non-work-related purposes openly and that and that the University tolerated this. The University’s acceptable use policy also allowed for “incidental personal use” within some restrictions.

The University decided to investigate the employee’s computer use after receiving a complaint about the his untimely service. It started by collecting the log file that listed websites visited. This showed a significant number of non-work-related websites, so the University then used software (spyware) to collect data that allowed it to identify the period of time the grievor spent on non-work-related sites. The spyware also captured screen shots in two minute intervals and, as a result, captured the employee’s personal correspondence, his bank account number and other information about his personal finances.

The adjudicator held that the University was not authorized to collect the log file, the more detailed information collected by the spyware and the screenshots. Her decision is significant for three reasons.

First, the adjudicator applied the contextual necessity test recently articulated by Commissioner Loukidelis in Order F07-10 (my report here). In this test, necessity is assessed in the entire context and in light of the privacy-protective purpose of the Act. In discussing this test, the adjudicator held that an employer must not necessarily exhaust all less intrusive means of meeting a legitimate objective to meet the necessity test, but that this is one factor to consider in the analysis.

Second, the adjudicator’s reason for finding that the collection of screen shots was violative rules out the collection of screen shots as an investigatory tool unless the content of the websites is the basis for the investigation – e.g. for pornography investigations. She said:

Information which reveals the complainant’s specific activities on non-work related websites is not, in this case, directly related to UBC’s human resources activities. As UBC notes, this is not a case involving an allegation that an employee accessed inappropriate material on the internet. The specifics of the complainant’s banking transactions, or his personal correspondence, are not relevant to any program or activity of UBC’s. The GESS Report, therefore, has some information that is relevant to managing the complainant’s employment, and some information which is not.

Third, in finding it was not necessary for the University to collect the log data and information about the amount of time the employee spent on non-work-related sites, the adjudicator relied heavily on the University’s permissive approach to personal use. In light of this approach, she held that the next necessary and reasonable step would have been to put the employee on notice of his misconduct rather than conduct surreptitious surveillance.

It is difficult to understand how the surreptitious collection of information about an employee’s internet use can be necessary in the absence of any attempt to question the employee about his activity, especially when the supervisor was aware of that activity and the complainant knew the supervisor was aware of it.

While it would be easy to frame this case as a message to employers about the harms of condoning personal use, there may be more to it than first meets the eye. This is because the foundations of workplace computer use are arguably changing. Not only are the internet applications used in day-to-day living more pervasive, the rise of “Web 2.0” is starting to blur the line between personal use and business use. One may also argue that employees in some sectors (especially professionals) are spending more and more of their waking day working. So can the reasonable employer afford to do anything but condone personal use? And what does this do to the idea, accepted widely in the existing case law, that an employee should have no expectation of privacy on a work computer system? This case may signal a next wave in workplace monitoring litigation in which some of these questions will be raised and answered.

University of British Columbia (Re), 2007 CanLII 42407 (BC I.P.C.).