Individuals now have a legal weapon if their privacy is breached, thanks to a recent Ontario Court of Appeal judgment that created the right to sue for "intrusion upon seclusion."
As The Globe and Mail's Kirk Makin reported, the decision was prompted by a case involving a woman who had snooped into the banking records of a partner's ex-wife. The judges ruled that there was no pre-existing basis for the lawsuit, and so created a new legal tort.
"A claim for intrusion upon seclusion will arise only for deliberate and significant invasions of personal privacy," Mr. Justice Robert Sharpe wrote. "Claims from individuals who are sensitive or unusually concerned about their privacy are excluded."
To help readers understand the issue, we sent some of your questions to Toronto lawyer Scott Hutchison. Here are his answers.
What kind of burden of proof does a plaintiff need in order to sue someone under the "intrusion upon seclusion"?
Mr. Hutchison: The burden of proof, how convincing does the evidence have to be, is the usual standard in non-criminal cases – proof on a balance of probabilities. That is, if the plaintiff (the party making the claim) can show that their claim is more likely true ("50 per cent plus one"), they will succeed.
To be successful the plaintiff will have to prove that the misconduct of the defendant meets all three of the tests or elements necessary to make out an action based on intrusion upon seclusion. The three elements of the cause of action are
- An intentional act that physically or otherwise;
- Intrudes upon the seclusion of another or his or her private affairs or concerns;
- In a way that would be highly offensive to a reasonable person.
The court notes that in most cases damages (really a fourth element) will be modest. In the Jones v. Tsige case the court awarded $10,000. In some cases if the plaintiff could show they suffered greater actual measurable loss they might be able to recover more.
The third element is intended to make sure that the courts can protect against groundless or trivial cases brought by 'thin-skinned' plaintiffs who may be quick to take offence to petty or fleeting 'snooping' that is merely rude or offensive.
Is this the sort of legal remedy that could (or should) have been presented by Parliament?
Mr. Hutchison: It certainly could have been, and as the court notes, in some jurisdictions that is what has happened.
The common law causes of action – the rules about civil liability made by judges in the course of deciding cases – have historically evolved over time and expanded or modified the sorts of claims that the courts will recognize. The sort of incremental, evolutionary change in the law seen in this case is pretty typical of the sort of change made by courts rather than legislatures. Legislatures are, of course, free to change, expand, or completely extinguish the new cause of action if they disagree with the policies which caused the court to put in place the rule in this form.
Is this related to identity theft?
Mr. Hutchison: Not really. Identify theft involves both the intrusion and the use of information to wrongly appropriate an individual's identity with a view to committing fraud. Clearly that would be criminal and subject to a lawsuit in fraud and deceit for both the person whose identity had been wrongly taken as well as anyone who had been deceived by the false identity.
Is this strictly related to personal records through computers, or any sort of "snooping" on someone?
Mr. Hutchison: Any sort of 'snooping' that would be "highly offensive to a reasonable person" is captured. While computers offer greater opportunity for such intrusion (and the nature of computer forensics is such that snooping will often leave an electronic 'footprint') it is the intrusion that is actionable. Getting my doctor to disclose what's in my medical records, looking at my private papers when I'm out of the room, surreptitious video surveillance or similar conduct could potentially be captured if the other elements of the test could be made out.