It hasn’t taken long for a court to apply the new tort of invasion of seclusion first recognized by the Ontario Court of Appeal in Jones v. Tsige January. While not providing a great deal of added nuance, the Small Claims Court’s decision in Connolly v. Telus Communications Co.,  O.J. No. 464, does provide some new insights. While providing little new insight into the substance of this new tort, the case is somewhat remarkable for its very subject matter.
First, it involves a lawsuit by an aggrieved Telus customer sued his mobile service provider over its perceived mishandling of the account registration process (the plaintiff had recently moved from Koodo, a Telus subsidiary, to the parent company). The complaint appears to relate to the perceived misuse of the plaintiff’s SIN during the sign up process, seemingly focused on the mandatory collection of SIN as part of the sign up process (paras 10-12; 27-28).
While the plaintiff failed to make out an ‘invasion of seclusion’ in this particular case, there appeared to be no hesitation in applying the tort to Telus’ conduct. This is somewhat noteworthy, as this is pure data protection activity and falls squarely within the regulatory scope of PIPEDA.
While in Jones the ONCA did not endorse the lower court’s argument that PIPEDA ‘occupies the space’ of commercial information regulation, the wrong in Jones was far outside the core concern of PIPEDA. The defendant’s misconduct in Jones was clearly of a personal nature and outside the scope of her duties as an employee of Royal Bank. The misconduct likely engaged RBC’s PIPEDA obligation to ensure adequate safeguards are in place protecting the personal information of its customers, but beyond that, there was nothing governing the defendant’s conduct directly, as it fell outside the scope of her RBC duties and PIPEDA does not regulate individual conduct. Connolly, however, represents a direct application of the tort to a core commercial data protection practice.