In a recent landmark decision in the case of Jones v Tsige, the Ontario Court of Appeal created a new cause of action—“intrusion upon seclusion”—based on invasion of personal privacy.
Sandra Jones and Winnie Tsige worked at different branches of the Bank of Montreal. They did not know each other. Tsige became involved in a common-law relationship with Jones’s former husband and used her computer at work to look at Jones’s personal banking information, transaction details and personal information, at least 174 times over four years.
Tsige admitted she wrongfully viewed Jones’s information in violation of BMO’s Code of Business Conduct and Ethics, and her professional responsibility. She explained she was involved in a financial dispute with Jones’s former husband, and accessed the bank accounts to determine whether he was paying child support to Jones. She apologized for her actions. BMO suspended her for a week without pay and denied her a bonus.
Jones did not accept that explanation and sued Tsige for damages of $70,000 for invasion of privacy and breach of fiduciary duty, and for additional punitive and exemplary damages of $20,000.
The motion judge’s decision
Jones brought a motion for summary judgment against Tsige. The motion judge dismissed the claim for breach of fiduciary duty. The motion judge also held that Ontario law does not recognize a cause of action for invasion of privacy, and dismissed Jones’s motion for summary judgment. He granted Tsige’s cross-motion for summary judgment and dismissed the law suit, awarding costs fixed at $35,000 against Jones who he said had pursued the litigation aggressively and didn’t accept reasonable settlement offers.
The Ontario Court of Appeal’s decision
Jones appealed to the Ontario Court of Appeal, presenting two issues: does Ontario law recognize a cause of action for invasion of privacy; and did the Motion Judge err with respect to costs?
The Ontario Court of Appeal considered whether common law recognized the right of action for invasion of privacy, and reviewed case law from Ontario and other jurisdictions.
The Court confirmed the existence of a right of action for “intrusion upon seclusion”. It felt strongly that the facts of this case cried out for a remedy.
The essential elements of the tort
The key elements of the cause of action for intrusion upon seclusion are:
• The Defendant’s conduct must be intentional, including reckless behaviour;
• The Defendant must have invaded, without justification, the Plaintiff’s private affairs or concerns;
• A reasonable person would regard the invasion as highly offensive, causing distress, humiliation or anguish.
The Court emphasized that a claim for intrusion upon seclusion will arise only for deliberate and significant invasions of personal privacy, including matters like one’s financial or health records, sexual practices and orientation, employment, or diary or private correspondence that, viewed objectively on the reasonable person standard, can be described as highly offensive.
It also stated that claims for the protection of privacy are not absolute and may provoke competing claims such as for the protection of freedom of expression.
The Court held that proof of actual loss is not an element of the cause of action for intrusion upon seclusion. Where a plaintiff has not suffered a provable pecuniary loss, the damages fall into the categories of “symbolic or moral”. The amount of these damages will be modest—up to $20,000. Jones was awarded $10,000.
Given that the Court of Appeal specifically listed intrusions into one’s employment as a matter that would be described as highly offensive, employers should be aware of their vulnerability and risk exposure to claims of this nature. Therefore, appropriate steps should be taken by employers to:
• Inform employees of potential liability to third parties and other workplace consequences they face for the deliberate invasion of personal privacy;
• Keep employees’ records, and information resulting from computer audits and related investigations secure, and limit accessibility to authorized persons;
• Better preserve and improve privacy standards within and outside the workplace, including those relating to the use of private investigators who investigate possible insurance or other fraud outside the workplace;
• Review and bolster policies relating to computer use, monitoring and access to employee work systems, and those limiting an employee’s expectation of privacy with a computer provided by the employer, and concerning bag checks, locker and desk searches, and GPS devices on employee vehicles.
It must be noted the new tort of intrusion upon seclusion only applies to “deliberate (including reckless conduct) and significant invasions in personal privacy” and at times there are lawful reasons for looking into personal records.