Workplace Investigations

Claim based on Intrusion on Seclusion

Intrusion on Seclusion

A private employer, and presumably the investigator, could be sued for breach of the expected privacy of an employee for reading an employee’s private files and email, text messages and similar electronic communications saved on the employer's cyber system, as reviewed here. The investigator who initiates such action certainly will do so with potential liability. Similarly, documents given to them by the employer which have been obtained in a manner contrary to reasonable expectations of privacy may lead to the same conclusion.

The damage claim may exceed the damage range offered in Jones and the cases following, as the termination of employment may be a consequence of such misadventure. Such a claim would not be limited to a notice period but rather would be fashioned as a tort remedy.

The Ontario Court of Appeal decision in Jones v Tsige defined the claim as follows:

The key features of this cause of action are, first, that the defendant's conduct must be intentional, within which I would [page262] include reckless; second, that the defendant must have invaded, without lawful justification, the plaintiff's private affairs or concerns; and third, that a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish. However, proof of harm to a recognized economic interest is not an element of the cause of action. I return below to the question of damages, but state here that I believe it important to emphasize that given the intangible nature of the interest protected, damages for intrusion upon seclusion will ordinarily be measured by a modest conventional sum.
(d) Limitations

[72] These elements make it clear that recognizing this cause of action will not open the floodgates. A claim for intrusion upon seclusion will arise only for deliberate and significant invasions of personal privacy. Claims from individuals who are sensitive or unusually concerned about their privacy are excluded: it is only intrusions into matters such as one's financial or health records, sexual practises and orientation, employment, diary or private correspondence that, viewed objectively on the reasonable person standard, can be described as highly offensive.

[73] Finally, claims for the protection of privacy may give rise to competing claims. Foremost are claims for the protection of freedom of expression and freedom of the press. As we are not confronted with such a competing claim here, I need not consider the issue in detail. Suffice it to say, no right to privacy can be absolute and many claims for the protection of privacy will have to be reconciled with, and even yield to, such competing claims. A useful analogy may be found in the Supreme Court of Canada's elaboration of the common law of defamation in Grant v. Torstar where the court held, at para. 65, that "[w]hen proper weight is given to the constitutional value of free expression on matters of public interest, the balance tips in favour of broadening the defences available to those who communicate facts it is in the public's interest to know."

It would be prudent to tread very softly on personal information stored on the employee’s computer or that which is backed up on the company’s server.

Business communications would very likely be fair game.

A New Brunswick court considered the plaintiff's assertion that the employer's conduct in following her Facebook postings was actionable. The short answer to this assertion was that the apparent decision of the employee to set her settings as "public" could not allow for such a claim. 1 The same case, in a second hearing, determined the company's access to the plaintiff's icloud account, was actually the company's iclould account, that the access was limited to the search for one document and for a legitimate business purpose:

I also accept Ms. McKeeman’s evidence that she examined the photos for a lawful reason, i.e. to search for the photo which the disappointed client had requested.  I recognize that a search with the assistance of Ms. Cairns had been conducted earlier but I find that because it was the defendant’s iCloud account she was searching, on the defendant’s iPhone which she had no way of knowing was connected to the same iCloud account as Ms. Cairns’ personal iPhone, she was justified in examining what she believed were photos taken by Ms. Cairns in her capacity as an employee of the defendant in hopes of satisfying a disappointed client.

[25]   Moreover, at the time it was accessed by Ms. McKeeman and forwarded to her supervisor, Jean McLean, i.e. two weeks after this action was started, it was a document that Ms. Cairns was obligated to disclose to the defendant in her affidavit of documents. Considering the totality of the circumstances, then, I find that Ms. Cairns had no reasonable expectation of privacy vis a vis the defendant in respect to the medical note.

 [26]   Further, although the disclosure of the note to Ms. McLean was intentional, I find that given its contents and the defendant company’s disclosure obligations in the ongoing litigation to which it was relevant, that disclosure was both necessary and legally justified.

[27]   I therefore find that because the defendant company’s access to Ms. Cairns’ personal information was both unintentional and for a legitimate purpose, its accessing the iCloud account did not constitute an invasion of her private affairs without lawful justification.