Skip to main content

Invasion of Personal Privacy Tort Comes to Canada

Thanks to our guest columnist and our friends at Blakes --

Written by Jacqueline D. Shinfield

In a significant decision by the Ontario Court of Appeal, (Jones v. Tsige, 2012 ONCA 32), the Court of Appeal recognized for the first time in the province of Ontario, a distinct right of action for invasion of personal privacy or “intrusion on seclusion”.

The facts of this particular case are important to consider in understanding the rationale that pushed the Court to recognize a cause of action for invasion of privacy, as the Court noted in its decision that “we are presented in this case with facts that cry out for a remedy”.

Both Jones and Tsige worked at different branches of the Bank of Montreal where Jones maintained her primary bank account.  The parties did not know each other but were indirectly involved in a triangle relationship as Tsige was involved in a common law relationship with Jones’ former husband.  Tsige, who was in a financial dispute with Jones’ former husband, used her workplace computer to access Jones’ personal bank account 174 times, to determine if Jones’ former husband was paying Jones child support.  By doing so, she was able to view transaction details, and Jones’ personal information including her birth date, marital status and address.  In should be noted that Tsige did not publish, distribute or record the information in any way.

As a result of these actions,Jones brought an action against Tsige asserting, among other things, that her privacy interest in her confidential information had been “irrevocably destroyed” and claimed damages for invasion of privacy.

In reaching its decision, the Court stated that it was appropriate to confirm the existence of a right of action for “intrusion upon seclusion”  and that the recognition of such a cause of action was consistent with the role of the Court to develop the common law in a manner consistent with the changing needs of society.  As such, the Court noted that it was within the capacity of the common law to evolve to respond to “the problems posed by the routine collection and aggregation of highly personal information that is readily accessible in electronic form”.

In recognizing the cause of action for intrusion of seclusion, the Court set out the four elements that must be demonstrated for a successful cause of action:

1.         an unauthorized intrusion;

2.         that the intrusion was highly offensive to a reasonable person;

3.         the matter intruded upon was private; and

4.         the intrusion caused anguish and suffering.

However, the Court also was cautious to limit the application of this tort to “deliberate and significant” invasions of personal privacy which involve one’s financial or health records, sexual practices and orientation, employment, diary or private correspondence that, when viewed objectively, can be described as “highly offensive”.  Notably, the Court indicated that proof of harm to a recognized economic interest was not an element of the cause of action, however, given the intangible nature of the interest protected, damages for the tort of intrusion upon seclusion will ordinarily be measured by a “modest conventional sum”.

The Court went on to fix a range of damages for these types of cases at up to $20,000 and placed the Jones v. Tsige case in the mid-point of the range and awarded damages to Jones in the amount of $10,000.

The case is significant for numerous reasons.  As a starting point, it establishes a common law claim for intrusion upon seclusion which is actionable even if no actual damages are suffered.  As such, actions now can be brought successfully against individuals for breaches of privacy.  Secondly, and perhaps more importantly, this case opens the door for class actions based on the cause of action of invasion of privacy given that there is no requirement for any person to suffer actual economic loss.  This may prove significant in data breach situations.  Lastly, from an employment law context, it will become increasingly more important for employers to have policies which expressly address an employee’s internet and e-mail usage at work and outline the employer’s monitoring rights in respect of this type of activity.

It would not be surprising if the decision is appealed, but until such time, the tort of “intrusion upon seclusion” is alive and well in Ontario.

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.