Privacy During a Pandemic: Managing Increased Litigation Risk

Previous Dentons Data blog post have explained the application of privacy laws during this pandemic (see here and here) – hint: they still apply. This post builds on that and addresses the privacy litigation risks associated with any failures to comply with these laws, even – and especially – during this pandemic. We ask: What does COVID 19 mean from a privacy litigation risk perspective, and what can companies do to mitigate that risk?

The Litigation Landscape: Where were we before COVID-19?

Following the Court of Appeal for Ontario’s 2012 decision in Jones v. Tsige, establishing the tort of intrusion upon seclusion, there has been a proliferation of class actions relating to alleged privacy breaches.

Read More

No Vicarious Liability of Employers for Data Breach – A Good News Story from the UK

A continuing anxiety for Canadian business is their liability for the deliberate wrongdoing of an employee, who for reasons of his or her own, steals personal information and releases it publically. Employers with even the most robust of cybersecurity and privacy protections can still fall victim to a rogue employee.

There is currently no final decision in Canada on whether a corporation can be vicariously liable for the actions of a rogue employee who breaches the privacy of the company’s employees or customers. To date, that issue has been addressed only at the certification stage of class proceedings on a preliminary basis.

Read More

Four of a kind: Ontario Recognizes the Fourth Privacy Tort – False Light

In late 2019, the Ontario Superior Court recognized the tort of placing a person in a false light for the first time. This landmark decision completes the set of four privacy torts, which are now all recognized in Ontario, and has implications for businesses.

For background on the three other privacy torts, intrusion upon seclusion was recognized by the Ontario Court of Appeal in Jones v Tsige in 2012. Following this landmark ruling, in 2016 and again in 2018, the Ontario Superior Court recognized the tort of public disclosure of private facts.[1] Misappropriation of personality has been recognized in Ontario since the 1970s.[2]

Read More

At What Point Does the Failure of an Organization’s Security Safeguards Amount to Recklessness?

The tort of intrusion upon seclusion, as set out by the Ontario Court of Appeal in Jones v Tsige, requires the defendant’s conduct to be intentional, or, at a minimum, reckless. The question is: at what point does the failure of an organization’s security safeguards amount to recklessness? This was the question addressed by the Ontario Superior Court of Justice in the recent case, Wilson-Flewelling v Queensway Carleton Hospital, 2019 CanLII 65155 (ON SCSM) (“Queensway Carleton Hospital”).

The facts

The court heard that the Plaintiff, Ms. Wilson-Flewelling, had attended the defendant hospital (“Hospital”) to book a surgical procedure, that the Hospital’s medical office administrator had left a completed surgical booking package in the Hospital’s dedicated, locked drop box, and that the Plaintiff had unexpectedly received the package in the mail a week later.

Read More

Claims for Both Punitive Damages and Damages for Intrusion Upon Seclusion Survive

The Issue

Does entering someone’s house while he is out of the country and stealing his personal documents amount to conduct that is so reprehensible that it might warrant an award for punitive damages on top of damages for breach of privacy? This was the question addressed by the Ontario Superior Court of Justice in Furfari v Pedias, 2019 ONSC 4278 (“Furfari”).

The Facts

The Plaintiff, Mr. Furfari, had previously been friends with the Defendant, Mr. Pedias, and his brother Mario, who was the vice-president of the company that the Plaintiff had previously worked for, and which was now suing him in unrelated action.

Read More

Lack of Signature Block in Emails Fatal to Debt Enforcement

If you find work-related emails to be ubiquitous, you will likely find the same of signature “blocks”, setting out the sender’s name, position and contact information. Block signatures, however, have real legal impact. A recent British Columbia decision (Lesko v. Solhjell, 2019 BCCRT 941) on this point is instructive for any sender or recipient of electronic messaging related to a transaction.

The decision arose from a personal debt matter. At issue was whether emails and texts from the debtor contained an acknowledgment of liability. If not, the claim was statute-barred for tardiness since it was filed (just) over two years after the original demand for payment.

Read More

Use of AI Algorithm Triggers Lawsuit and Countersuit

As artificial intelligence (AI) becomes less of a curiosity and more of an everyday tool, disputes are increasingly arising over its operation and, when things go wrong, the question inevitably arises: whose fault is this and who’s liable? One high-profile example is the ongoing dispute between Hong Kong businessman Samathur Li Kin-kan and London-based Tyndaris Investments, in which Tyndaris is suing its client for $3 million in allegedly unpaid fees. In a countersuit, Mr. Li is claiming $23 million in damages allegedly resulting from Tyndaris’ use of algorithmic trading in managing his portfolio.

Tyndaris Case

The dispute centers around whether Tyndaris misled its client as to the AI’s capabilities, which means that the AI’s performance itself will be adjudicated.

Read More