This post is written by Nathan Sutherland
Technology has transformed the way people work and technology in the workplace has created new challenges as courts and arbitrators try to balance the employer’s right to monitor employee electronic information or communications with employees’ privacy rights.
While not a new issue, this post will serve as a refresher about the considerations employers and employees should have in mind when assessing their respective rights with respect to this type of information.
As a general comment, there is no question that employees have a right to privacy in the workplace. In the context of unionized workplaces, this right has been recognized for decades, as reflected in a large body of arbitral jurisprudence related to employee surveillance and other issues (see e.g. Purtex Knitting Co. & Canadian Textile and Chemical Union, (1979), 23 L.A.C. (2d) 14). However, privacy interests in electronic information and electronic communications – as opposed to the privacy interest in one’s personal image – can be more difficult to define and apply.
Correspondingly (and not surprisingly), the decisions of arbitrators and the courts indicate that employees have a more limited right to privacy in the workplace than outside of it. As one arbitrator noted, “An employee’s right to workplace privacy must be weighed against the employer’s legitimate interests in the circumstances. The reality is that a loss of personal privacy is an inherent part of an employment relationship” (Ontario Power Generation v Society of Energy Professionals, 2015 CanLII 26177 (ON LA), para. 43).
In 2012, two decisions – one from the Ontario Court of Appeal and one from the Supreme Court of Canada – further defined the nature of employees’ privacy rights in the workplace, and have particular consequences for assessing the employees’ right to privacy in electronic information and communications.
In early 2012, the Ontario Court of Appeal recognized a common law right to personal privacy in Jones v. Tsige, 2012 ONCA 32. The Court of Appeal defined the tort of “inclusion upon seclusion” as the intentional intrusion, “physically or otherwise, upon the seclusion of another or his private affairs or concerns… if the invasion would be highly offensive to a reasonable person” (Tsige, para. 70). In that case the type of information at issue was banking information – one employee of the Bank of Montreal had used her position to access the banking information of a fellow employee of the bank 174 times. The Court concluded that the first employee had engaged in the tort of “inclusion upon seclusion” and awarded damages accordingly.
Later in 2012 the Supreme Court of Canada in R. v. Cole, [2012] 3 SCR 34, addressed the issue of whether an accused had a reasonable expectation of privacy in information stored on an employer-issued work computer. In that case the employee, a high school teacher, had stored child pornography on his work computer which came to light when a school technician was performing routine maintenance on the computer. The Court determined in that case that the employee did have a right to privacy in the work computer, and that in failing to obtain a search warrant before seizing the computer the police violated the employee’s Charter right to be free from unreasonable search and seizure.
What do these decisions mean today for an employee’s right to privacy and an employer’s right to access electronic information?
The balancing of the employer’s right to monitor or view email communications with the employee’s right to personal privacy over those same communications will vary with the circumstances of each case. As the Supreme Court stated in Cole, “Privacy is a matter of reasonable expectations” (Cole, para. 35). That is, the determination of an employer’s right to view or monitor emails, texts, or other types of electronic information stored on company servers, computers or mobile devices will depend on the employee’s “reasonable expectation of privacy” in the circumstances.
For instance, where the employer has established policies related to the use of work computers and work emails, there will be a reduced expectation of privacy. It is reasonable to expect that the employer can view information on work devices in order to ensure the employer’s policy is being complied with. Notably, in Cole the Supreme Court suggested that the school board that initially seized and searched the school teacher’s laptop had a right to do so – it was the police that had infringed the employee’s Section 8 Charter rights.
Similarly, the type of device in question and the information on it will help determine whether the employer acted reasonably in accessing it. In Association of Management, Administrative and Professional Crown Employees of Ontario (Bhattacharya) v Ontario (Government and Consumer Services), 2016 CanLII 17002 (ON GSB), para. 100), the Ontario Labour Board determined that an employer was justified in searching information on an employee’s portable storage device (a “USB key”). The Board noted that “the Complainant has a reasonable expectation of privacy… in some of the informational content of the USB key. That expectation attached only to the personal files, not to the work related files… His use of the [personal] USB key for work related purposes diminishes that expectation of privacy but did not extinguish it” (AMAPCEO, para. 130).
It seems likely that data stored on mobile devices would be viewed as attracting a greater privacy interest than some other types of devices such as work computers. While the Supreme Court in Cole recognized that work computers are often used for personal purposes, mobile devices – even when supplied by the employer – tend to be used even more so for personal, rather than work purposes: people today use them to send texts, store photos, music and other forms of personal information (often for less formal, non-work related communications), and access social networking sites, among other things.
For their part, employers should have well defined policies related to employee use of electronic devices in the workplace and electronic communications. Employees, on the other hand, should be aware that their communications – especially when stored on employer servers and sent from employer email addresses – will likely attract little if any privacy protection. Employee information stored on work or personal devices will have some privacy interest attach, but it will depend entirely on the circumstances of each case. The bottom line: both employers an employees should tread carefully.
For more information about employment law, please contact Nathan Sutherland.
#WorkLawWednesday: every second Wednesday, PL answers general questions about employment and human rights law. This is not intended to be legal advice and should not be relied on as legal advice.