March 14, 2012
The Ontario Court of Appeal recently recognized a new common law tort of invasion of privacy: “intrusion on seclusion” in the case of Jones v. Tsige.
This case involved a bank employee, Winnie Tsige, who unlawfully on 174 occasions accessed the personal bank information of another bank employee, Sandra Jones. Both were employed with the Bank of Montreal (BMO). Tsige was involved in a common-law relationship with Jones’ former husband and had been involved in a financial dispute with him at that time.
It turns out that Tsige had been accessing Jones’ financial information for personal reasons so as to confirm whether or not Jones’ former husband was paying her child support. Tsige acknowledged that she had no legitimate reason for accessing Jones’ personal account and that she knew her actions were contrary to BMO’s policies. BMO disciplined Tsige by suspending her pay for one week and denying her a bonus. Jones decided to sue Tsige in response to this unlawful breach of privacy.
The Court of Appeal acknowledged that though Ontario had not formally recognized a tort of invasion of privacy in the past; technological change and the egregious factual circumstances of this case necessitated the need for additional legal protection of an individual’s right to privacy.
The tort of intrusion on seclusion is made up of three principle components:
The Court of Appeal made it clear that a claim for intrusion upon seclusion will arise only for deliberate and significant invasions of personal privacy and that it does not require proof of economic harm. Furthermore, the Court of Appeal set an upper threshold for assessing damages at $20,000. Punitive and aggravated damages may also be awarded in especially egregious circumstances.
In this case, the Court of Appeal granted Jones a mid-range award, assessing the damages at $10,000. In awarding this amount, the Court of Appeal balanced Tsige’s deliberate and repeat invasions of Jones’ privacy with the fact that Jones did not suffer any public embarrassment or harm and took into consideration the fact that Tsige apologized for her misconduct.
This case makes it clear that employers need to establish clear privacy policies dealing with the protection of employee and/or third party private information collected or accessed by other employees. In addition, employers will need to develop action plans to deal with any breaches of privacy on the job by their employees. This type of proactive approach by employers will help make it abundantly clear that this type of behaviour is not tolerated and may help reduce an employer’s liability in the face of potential claims or allegations raised by customers, employees and/or other third party victims of such employee breaches.
Please contact Dale & Lessmann LLP at the number listed below for further information on how to ensure that your organization’s privacy policies are up to standard.