Employee Privacy: Company Policy Not A License to Intrude
There are many who believe that, in this day and age, conceptualizations of privacy have become almost fictitious. With the vast majority of Canadians claiming some form of an online presence, and more and more of our lives being uploaded to “the cloud”, it is a wonder how there are any lingering expectations of privacy at all. And yet, the Canadian judiciary continues to redefine and fortify the boundaries of our private lives, calling into question the legality of intrusions into our online worlds.
Perhaps the most recent, clearest example of this was in the Supreme Court of Canada’s decision in R. v. Cole. In this case, Mr. Cole was a public-sector employee employed by a school board. The school board provided Mr. Cole with a school board-owned laptop computer, and it was eventually discovered by a school board technician that Mr. Cole kept nude photographs of a student on this laptop. The laptop was subsequently turned over to police, who then searched the laptop’s entire hard drive – without a search warrant. The Supreme Court found that the search was illegal and that Mr. Cole had a reasonable expectation of privacy regarding the contents of the laptop as he had exclusive use of the laptop, had permission to use it for personal use, and there were no policies regarding the school board’s ability or intention to monitor or search the laptop.
The implications of this decision for employees are far-reaching and are still being considered, debated and reworked by our Ontario courts. At a base level, it appears that unless an employer expressly limit an employee’s expectation of privacy by introducing and consistently enforcing clear, unambiguous policies regarding the use of electronic devices, an employee will enjoy a reasonable expectation of privacy regarding the contents of employer-issued electronic devices.
This general principle was subsequently adopted by the Ontario private sector in the case of Jones v. Tsige, involving one private-sector employee accessing the bank records of another private-sector employee without consent. The latter employee sued the former, claiming for a breach of privacy. The Ontario Court of Appeal generally agreed, and in the process, created a new tort called “intrusion upon seclusion”. In upholding (and creating) this common law right to privacy, the Ontario Court of Appeal specifically commented on the accelerated pace of technological change and the necessity of preserving private spheres in the face of same
A recent labour arbitration decision out of Saskatchewan takes these principles several steps further. In SGEU v. Unifor, Local 481, the Saskatchewan Labour Relations Board found that employees have a reasonable expectation of privacy regarding personal emails, even where the employer’s policies state otherwise. In this case, SGEU terminated one of its employees for cause after a search through his emails (utilizing the SGEU.org domain) revealed that he was affiliated with a gang. The employee – through his union – grieved the dismissal, relying primarily on the R. v. Cole decision. SGEU defended the grievance by arguing that its policies made it clear that any and all messages sent through the SGEU.org domain were property of SGEU and that, as such, employee could not expect that their communications were confidential or private.
Notwithstanding these policies, the Board found that, ultimately, neither workplace policies nor ownership of the system were determinative of an employee’s expectation of privacy. That is, their mere existence does not bestow upon the employer a carte blanche to intrude upon an employee’s emails. Rather, and specifically on account of the ubiquitous nature of personal email, an employer may only search emails if it is reasonable to do so. In order for the search to be reasonable, it must be conducted in a reasonable manner and there could not have been any reasonable, less intrusive alternatives available to the employer.
Although the common law tort of privacy is still being developed and reconfigured by our judiciary, it is increasingly clear that the driving intent is to push back against the force of technological advances, which, if left unchecked, would all but obliterate the boundaries of our private lives. In employment law, this will become particularly relevant for employers who will not only be required to have clear policies in place regarding privacy and use of employer-provided technological devices, but will also need to think twice before utilizing the policy as a license to invade an employee’s privacy. On the other hand, employees may find themselves with a new ground on which to claim a constructive dismissal of their employment.
Also, check out terminationquestions.com and our Severance Pay Calculator.