• First Reference
  • About us
  • Contact us
  • Blog Signup 📨

First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies
You are here: Home / Employee Relations / Privacy class action to proceed

By Adam Gorley | 2 Minutes Read July 22, 2014

Privacy class action to proceed

eye-privacyCanada will see its first class action lawsuit based on the new tort of invading another’s privacy, after a Bank of Nova Scotia employee leaked customers’ personal information to his girlfriend for personal gain. At least 138 customers were subsequently defrauded. Ontario’s Superior Court accepted that the employer was vicariously liable for the employee’s actions and certified the class of 643 customers whose files the employee had accessed and potentially leaked.

Intrusion upon seclusion

Intruding upon a person’s seclusion means intentionally or recklessly invading her or his private affairs without justification, causing the person distress, humiliation or anguish. This tort of intrusion upon seclusion is only a recent creation. In 2012:

The Ontario Court of Appeal reversed an established principle that there is no such thing as a tort of invasion of privacy… the Court decided that it was now appropriate to confirm the existence of a tort of invasion of privacy called ‘a right of action for intrusion upon seclusion.’

The customers didn’t argue that the bank itself intentionally leaked the information, but that the employee did, and the employer is responsible for the employee’s intentional wrong actions.

Vicarious liability

To be vicariously liable for an employee’s actions, the employer must tacitly condone the conduct by creating or enhancing the risk that it may happen. In this case, the bank admitted to “a complete lack of oversight” of employees’ access to customer personal and financial information.

The Superior Court didn’t have to determine whether the Bank of Nova Scotia was vicariously liable for the employee’s actions, only that it was not “plain and obvious” that the customers’ vicarious liability argument would fail in court.

Regardless of the outcome of the class action to come, the certification proceeding is instructive. Employers must implement sufficient safeguards to protect customer and employee personal information. Policy should prohibit the unauthorized access, use and disclosure of confidential information. Practice should allow only necessary access to confidential files.

Read the Superior Court’s decision in Evans v. The Bank of Nova Scotia, 2014 ONSC 2135 on CanLII.

  • About
  • Latest Posts
Follow me
Adam Gorley
Editor at First Reference Inc.
Adam Gorley is a copywriter, editor and researcher at First Reference. He contributes regularly to First Reference Talks, Inside Internal Controls and other First Reference publications. He writes about general HR issues, accessibility, privacy, technology in the workplace, accommodation, violence and harassment, internal controls and more.
Follow me
Latest posts by Adam Gorley (see all)
  • Can you implement a mandatory vaccine policy or ask employees if they have been vaccinated? - June 10, 2021
  • Do you know the latest on terminations? Find out at the Ontario Virtual Employment Law Conference - May 11, 2021
  • Announcing the 2021 Virtual Ontario Employment Law Conference - April 15, 2021

Article by Adam Gorley / Employee Relations, Privacy / Bank of Nova Scotia, class action, common law tort for invasion of privacy, confidential information, Data breach, data fraud, employment law, Evans v. The Bank of Nova Scotia, fraud, intrusion upon seclusion, invasion of privacy, Jones v. Tsige, lack of oversight, personal information, personal information protection, privacy, vicarious liability

Share with a friend or colleague

Get the Latest Posts in your Inbox for Free!

Electronic monitoring

About Adam Gorley

Adam Gorley is a copywriter, editor and researcher at First Reference. He contributes regularly to First Reference Talks, Inside Internal Controls and other First Reference publications. He writes about general HR issues, accessibility, privacy, technology in the workplace, accommodation, violence and harassment, internal controls and more.

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

First Reference Talks

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies

Main Menu

  • About First Reference
  • Resources
  • Contact us
  • 1 800 750 8175

Stay Connected

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

We welcome your comments on our blog articles. However, we do not respond to specific legal questions in this space.
We do not provide any form of legal advice or legal opinion. Please consult a lawyer in your jurisdiction or try one of our products.


Copyright © 2009 - 2023 · First Reference Inc. · All Rights Reserved
Legal and Copyright Notices · Publisher's Disclaimer · Privacy Policy · Accessibility Policy