Liability Possibilities for Third-Party Privacy Invasions in Agnew-Americano v Equifax Canada

Yona Gal, J.D., LL.MCyber Risks, Cyber Security, Privacy, Technology and Internet0 Comments

A company learns its cybersecurity is vulnerable to hacking but fails to implement preventative measures.  Hackers attack and access the private data of clients.  Can these clients sue the company for the tort of privacy invasion (“intrusion upon seclusion”) or can the company escape liability because it has only allowed a third-party invasion? The question turns on the definition of invasion.  As held in the leading case of Jones v Tsige, the tort of intrusion upon seclusion consists of three elements: Intentional or reckless conduct; That invades the defendant’s privacy; and The invasion must reasonably be regarded as highly offensive causing distress, humiliation or anguish. Does allowance of a third-party invasion meet the second requirement? In deciding which of two actions should proceed as a class action in Ontario, the Court in Agnew-Americano v Equifax Canada expressed preliminary support favouring the possibility of liability for third-party invasions.  The Court held claims that … Read More

Ontario Court Declines To Find that Twitter Posts Require Libel Notice

Andrew Ottaway, B.A. (Hons.), LL.B.Commercial Litigation, Cyber Risks, Defamation, Internet | Technology0 Comments

In Levant v. Day, 2017 ONSC 5956, the defendant was regular participant on social media.  The defendant posted numerous times on Twitter criticising a fundraising campaign by Rebel News.  The plaintiff is the principal of Rebel News.  The plaintiff brought an action seeking damages for defamation. The defendant brought a motion to dismiss the action under the section 137.1(3) of the Courts of Justice Act, which was implemented to prevent strategic lawsuits against public participation (the “anti-SLAPP” provisions).  As part of an anti-SLAPP motion, the Court considered whether there were grounds to believe the defendant had a valid defence.   The defendant argued, among other things, that the plaintiff had failed to deliver a libel notice. Section 5(1) of the Libel and Slander Act requires that a plaintiff has give notice to the defendant in writing within six weeks after the alleged libel comes to the plaintiff’s knowledge, specifying the … Read More

Insurance Coverage For Cyber Crime: The Brick v. Chubb

Robert Kalanda, B.A. (Hons.), J.D.Cyber Fraud, Cyber Risks, Cyber Security, Fraud, Fraud Recovery, Insurance, Internet Fraud, Summary Judgment0 Comments

In the recent case of The Brick v. Chubb Insurance, the Alberta Court of Queens Bench held that the plaintiff’s commercial crime policy did not cover the money lost by the plaintiff as a result of a social engineering fraud. The plaintiff had been contacted by unknown persons pretending to be one of the plaintiff’s service providers, and requested banking information from their accounts payable department, which ultimately led to the plaintiff changing their internal records and sending of payments to the fraudsters’ own account instead of their service provider. The plaintiff sought coverage for the losses, and the insurer denied coverage. The court noted that the policy only applied to fund transfers made “without the insured’s knowledge or consent”. The plaintiff argued that they did not consent, since their actions were induced by the fraudulent correspondence. The insurer argued that the policy did not require consent to be “informed” or otherwise … Read More

Supreme Court of Canada Upholds Worldwide De-Indexing Order Against Google

Robert Kalanda, B.A. (Hons.), J.D.Appeals, Brand Protection, Commercial, Commercial Litigation, Counterfeit Goods, Cross-Border Litigation, Cyber Risks, eCommerce | Online Retail, Information Technology, Injunction & Specific Performance, Intellectual Property, Internet | Technology, Of Interest to US Counsel, Technology and Internet0 Comments

The Supreme Court’s recent decision in Google Inc. v. Equustek Solutions Inc. has approved the use of a worldwide injunction directing Google to de-index the defendant’s website used to facilitate the sale of goods in violation of the Equustek’s intellectual property rights. Equustek obtained an interlocutory injunction against the website owner directly, however the defendant left Canada, refused to comply with the order, and continued to sell products on their website from an unknown location. To help prevent or reduce further ongoing harm, Equustek sought for Google to de-index the site, making it less likely that a potential purchaser will discover the infringing website. Google initially agreed to de-index the result from Canadian search results on google.ca, but refused to enforce this order worldwide. It was concerned that the Canadian courts were using Google to usurp the laws of other nations, particularly on free speech issues, and potentially would force Google … Read More

Supreme Court of Canada Narrowly Rules Facebook’s Jurisdiction Clause Unenforceable

Robert Kalanda, B.A. (Hons.), J.D.Commercial and Contract Litigation, Commercial Law, Commercial Litigation, Contract Disputes, Cross-Border Litigation, Cyber Risks, eCommerce | Online Retail, Information Technology, Internet | Technology, Jurisdictional Challenges, Technology and Internet0 Comments

Facebook, and most other large social media and internet companies, set out in their terms of use that users of their services must bring any litigation disputes in the jurisdiction of their choice. However, in Douez v. Facebook, the Supreme Court of Canada has recently held, in a 4-3 decision, that Facebook could not enforce that clause against the plaintiff, a British Columbia woman complaining that their use of her photo and name in advertising breached her rights under British Columbia’s Privacy Act. Notably, the Privacy Act specifically requires that any action under that statute “must be heard” by the British Columbia Supreme Court. The majority held that while a jurisdiction clause is ordinarily enforceable, it could not be enforced in this instance as doing so would violate public policy, since the quasi-constitutional rights the statute provides and the exclusive jurisdiction to BC courts it requires means that the statute ought to be interpreted … Read More

CASL Private Right of Action Suspended Indefinitely

Robert Kalanda, B.A. (Hons.), J.D.Commercial, Commercial Law, Commercial Litigation, Cyber Risks, Insurance, Internet | Technology0 Comments

In a recent press release, the Canadian government stated that they will be suspending the introduction of the private right of action set out in Canada’s anti-spam legislation (frequently referred to as CASL). The private right of action was meant to come into effect on July 1, 2017, but the government has suspended the implementation of this section to give a parliamentary committee more time to review the legislation and determine the best course of action to balance the protection of Canadian consumers against minimizing extra costs and unintended breaches by business owners. The legislation has received mixed reviews thus far. While undoubtedly a step forward in minimizing unwanted spam, many business owners have expressed concern that the definition of commercial activity are vague, the requirements for consent are onerous, and the penalties for even unintentional non-compliance are harsh. The private right of action (most likely to be done as class … Read More

Blockchain Technologies Create Novel Legal Issues

Robert Kalanda, B.A. (Hons.), J.D.Commercial, Commercial Law, Contract Disputes, Cyber Risks0 Comments

Blockchain technology is increasingly gaining traction in a variety of different markets and industries, including insurance, securities, and enforcing contracts, and with these new uses come new legal considerations. Blockchain is essentially a ledger, decentralized with copies maintained across numerous computers, which maintains records of transactions which can be added to in an automated and secure manner. Because the entire history of the validated blockchain ledger is incorporated into all subsequent versions of the ledger, it allows for easy verification of the completion and authenticity of a transaction, since the history of the fund or asset can be traced back to the beginning of the entire blockchain. It is also very resistant to fraud and hacking, since any attempt to create a fraudulent transaction the blockchain must simultaneously modify all previous versions of the blockchain on the majority of the computers running the ledger in order for the transaction to be validated. One of the … Read More

Superior Court Refuses to Strike Adware Breach of Privacy Claims

Robert Kalanda, B.A. (Hons.), J.D.Commercial, Commercial Litigation, Cyber Risks, Information Technology0 Comments

In Bennett v Lenovo, the plaintiff alleged breach of contract, breach of the implied condition of merchantability, the tort of intrusion upon seclusion, and breach of provincial privacy laws as a result of the factory installation of an alleged adware program “Virtual Discovery” on certain Lenovo laptops. The Court allowed the claim to proceed on three of the causes of action, dismissing only the breach of contract claim. The plaintiff asserted that the Virtual Discovery program intercepted a user’s internet traffic to analyze it and display targeted advertising to the user based on that analysis. The plaintiff claimed that these actions were a breach of his privacy, was a vulnerability that exposed his information to third party hackers, and caused the laptop to be unfit for any online use, as well as negatively impacting performance and battery life. The defendant asserted that the claims had no chance of success and should be … Read More

Federal Court Restricts Republication of Canadian Legal Decisions Under PIPEDA

Robert Kalanda, B.A. (Hons.), J.D.Civil Litigation, Commercial, Cross-Border Litigation, Cyber Risks, Jurisdictional Challenges0 Comments

In the recent decision of A.T. v. Globe24h.com, the Federal Court held that the respondent’s re-hosting of publically available Canadian legal decisions ran afoul of the Personal Information Protection and Electronic Documents Act‘s (PIPEDA’s) restriction on the collection, use, and disclosure of personal information without consent, prioritizing the personal information of individuals against the broad open court principle that would otherwise warrant the unrestricted publication of judicial decisions. The respondent operated a website out of Romania which focused on re-publishing judicial decisions which are already publically available through online services such as CanLII. The primary difference between the respondent and services like CanLII was that the respondent’s website was indexed such that its content would appear in search results on Google or other search engines, whereas decisions on CanLII are not indexed and would not appear on any search engine. Any person who collects, uses, or discloses personal information in respect of a … Read More

Business Dirty Tricks: Unfair Competition: Intentional Interference, Inducing Breach of Contract, Conspiracy and Defamation

David Alderson, LL.B, LL.M (Commercial and Corporate), Lawyer and ArbitratorAppropriation of Personality, Business Litigation, Business Torts | Economic Torts, Civil Litigation, Commercial, Commercial and Contract Litigation, Commercial Arbitration, Commercial Law, Commercial Litigation, Contract Disputes, Contract Termination, Cross-Border Litigation, Cyber Risks, Fraud, Injunction & Specific Performance, Intellectual Property, Of Interest to US Counsel, Partnerships and Shareholder Disputes, Passing Off, Trademark Infringement0 Comments

Sometimes businesses and their stakeholders act wrongfully in seeking to advance their interests and / or harm competitors. There are often reports of the “dirty tricks” used by those in business to seek to destroy, defeat or diminish the effectiveness of a competitor. These are often unethical tactics, but sometimes such conduct is also wrongful and has been recognized by the common law as actionable in the courts for damages or injunctive or other urgent equitable relief, or prohibited by a statute which provides for a civil monetary remedy or grounds for an injunction. These causes of action have been recognized and provide the basis of lawsuits for harm, loss and damage, and in suitable circumstances, grounds for an immediate injunction or mandatory order prohibiting the further commission of the wrongful acts. In short, wrongful intentional acts causing harm, loss or damage to businesses or their stakeholders may give rise to a cause of action in common law business torts (the so-called … Read More

Gilbertson Davis LLP Panelists at 2016 Cyber Insurance Webinar

Robert Kalanda, B.A. (Hons.), J.D.Cyber Risks, Insurance, Of Interest to US Counsel0 Comments

John Davis and Robert Kalanda, of Gilbertson Davis LLP, were co-presenters at The Knowledge Group’s recent Webcast ‘Cyber Insurance: Latest Developments in 2016‘, on March 21, 2016. The panel also included Barry Fleishman of Kilpatrick Townsend & Stockton LLP and Jamie Hull of Cassiday Schade LLP. The webinar focused on issues and developments of interest to both Canadian and United States businesses,  insurers, organizations,  claims professionals, adjusters, and risk managers who are involved with Cyber Insurance Coverages under Standalone Cyber and more traditional insurance policies, and  Cyber Risks, Data Breach, Information Security, Cybersecurity and Privacy issues. The panel discussed the judicial, legislative and regulatory developments as well as important considerations  bearing on Applications for Cyber policies, including identification and prioritization of risks and exposures, the impact of  conditions and exclusions, and the role of counsel as part of the data breach and Cybersecurity response team. John L. Davis is the Managing Partner of … Read More