Changes in technology are increasingly raising questions about workplace privacy. In the span of a single generation large parts of the world have moved to a previously unfathomable level of connectivity. With this same wave of advancing technology, the average employee’s life has become far more complex.
Whereas previously an office worker may have worked via handwritten or typed notes, many workers now have access to computers and phones. What’s more, these devices are almost permanently connected to the internet. This arrangement allows employees to access a great library of information but it also means that they are consistently generating and storing vast quantities of data.
This new normal leads one to wonder just how much data they are generating and how much of that data remains private. In the context of employment, a similar question arises with respect to the workplace privacy rights that apply to your data. To what extent are you guaranteed privacy as an employee who works and communicates with company equipment? Similarly, if there is no guarantee of privacy, what level of workplace privacy can an employee expect with respect to their data, e-mails, and browsing history?
Workplace Privacy Legislation:
Federally, the Personal Information Protection and Electronic Documents Act, 2000 (“PIPEDA”) addresses the protection of “personal information” in the context of “commercial activity”. In Ontario, the disclosure of personal health information is addressed by the Personal Health Information Protection Act, 2004 (“PHIPA”) which applies to “personal health information”. Similarly, the Municipal Freedom of Information and Protection of Privacy Act, 1990(“MFIPPA”), as well as the Freedom of Information and Protection of Privacy Act, 1990 (“FIPPA”) address the disclosure of “personal information” held by public institutions, municipalities, and other bodies such as school boards.
Aside from some protections that may exist regarding the disclosure of information under PIPEDA, the PHIPA, the MFIPPA, and the FIPPA, there are less concrete protections for the review of private information such as e-mails or texts that are generated on employer equipment in Ontario. As a result, legitimate questions arise about the e-mails, communications, or activities that you produce while at work.
In the employment world, employers sometimes operate under the assumption that since work is performed and generated on their dime and equipment, that they should have the unilateral right to access information that might be stored on their systems. Legally speaking however, this right is a little muddied.
What the Courts Have Said:
Canadian courts and arbitrators have made several pronouncements on the use of personal information and have in recent years supported a base level of protection for the privacy of employees. For instance, in 2012 the Ontario Court of Appeal in Jones v Tsige (2012) ONCA 32 recognized a wrong known as “inclusion on seclusion” when an individual decided to inappropriately view information related to her co-worker. In that case, both employees were employed with the same financial institution and the defendant breached her ethical obligations by viewing the private banking information of her co-worker.
In R v Cole (2012) SCC 53, the Supreme Court of Canada reviewed a case where a teacher’s school laptop had been seized and handed over to police based on the existence of stored pornographic material. Although largely based on the police’s actions, the Supreme Court found that the Principal had the right to seize a school computer based on their legislative obligations under the Education Act. The Supreme Court also stated that an employee’s expectation of privacy will depend on the “totality of the circumstances” including an assessment of the policies, practices, and customs at play in the workplace.
In R v Cole, the Supreme Court stated that workplace privacy was a matter of “reasonable expectations” and that such expectation would depend on a review of the subject matter, the employee’s direct interest in the subject matter, the employee’s expectation of privacy, and whether the expectation was reasonable.
Since the R v Cole decision, the “total circumstances” analysis has been applied in other cases, including in unionized workplaces where arbitrators have applied the test to a number of different scenarios, for example a review of USB sticks or e-mails sent between employees. In each case the ultimate decision about whether such a review of personal communications was justified and appropriate was dependent on the whole circumstances of the case.
Unfortunately, there is no easy answer to the question of whether employees have a reasonable expectation of workplace privacy. It’s safe to say that any expectation of privacy will be limited but the extent of that limited right will depend largely on the entirety of the facts, including the existing policies, procedures, and the customs that have been developed for that workplace.
If you have any questions about workplace privacy rights or the policies in your workplace, please feel free to contact the lawyers at Molyneaux Law to assist you in the navigation of these issues.
You may like some of our past blog posts:
DISCLAIMER: This blog is for educational and informational purposes only may not be typical and are not guaranteed. The accuracy of Moly Law Blog posts is not guaranteed, and laws may change from time to time. If you would like legal advice or have questions about your particular workplace problems, please contact a lawyer. Click Here to contact Hamilton labour, employment and human rights lawyers Sarah Molyneaux or Roberto Henriquez now. Contacting Molyneaux Law or using this website does not create a lawyer-client relationship. Your use of this website is entirely at your own risk.