Skip To Content

Recognition of new torts and other recent trends in privacy litigation (webinar)

Author(s): Adam Kardash, Emily MacKinnon, Mark Gelowitz, Robert Carson

May 18, 2022

Amid major privacy legislative reform efforts across Canada, including the introduction of severe penalties for non-compliance and the contemplation of a private right of action in the federal private sector privacy regime, many organizations are keeping a close eye on their litigation risk exposure. In May’s AccessPrivacy call, members of Osler’s industry-leading privacy litigation team Mark Gelowitz, Emily MacKinnon and Robert Carson joined Adam Kardash to discuss recent trends and key themes in recent privacy jurisprudence.

One emerging trend in this sphere is the courts’ recognition of new torts. The tort of intrusion upon seclusion, recognized in a 2012 Court of Appeal for Ontario case, arguably kicked off the last decade of action in this area, but plaintiffs have also made out two others in recent cases: public disclosure of private facts and publicity placing a person in a false light.

Courts’ treatment of these torts so far is not without controversy, but it reflects the importance of privacy interests in our increasingly electronic society, as well as the courts’ view of what privacy looks like in this new social context. Though these torts have not yet been applied in a business context, there is a risk that they could be; in particular, courts have commented that “private facts” within the definition of the tort could include, for example, health data and financial information.

Courts have also continued to serve their gatekeeping role in proposed data class actions, stressing the importance of plaintiffs leading evidence of harm  (or “some basis in fact”) in order to be certified. Some proposed class actions in the past were largely imported from the United States, receiving Canadian press attention despite not necessarily being a Canadian issue. However, the Canadian judicial focus on a need for certifiable evidence showing a common issue and supporting a plaintiff’s allegations has meant that data security incidents no longer automatically invite the risk of a class action. Plaintiffs’ lawyers have been repeatedly reminded they must examine the actual effect of such incidents on proposed class members before bringing such cases.

These trends, along with other factors the team discussed during the call, have led to more denials of class certification and, most recently, the Supreme Court of Canada’s denial of leave to appeal in the case of Kish v. Facebook.

Watch the full webinar