Teresa Scassa - Blog

In an interesting decision from the small claims court of Quebec, Google has been held liable for violating the plaintiff’s privacy rights after an image of her sitting on her front steps appeared on Google Streetview.

In Grillo v. Google Inc., the plaintiff, Ms Grillo, testified that she had decided to sit on her front steps briefly one day, while on vacation. She was checking her messages on her smart phone, when she noticed the Google Car driving by, with its mounted camera. It was not until five months later that she first went online to look for her house on Streetview. She was shocked to see herself sitting barefoot and wearing a loose, sleeveless top which revealed part of one of her breasts. Also visible in the image was her car, with the licence plate unblurred, and the civic number of her house.

The plaintiff testified that she was a very private person, and, in fact, had chosen to live where she did because it was a relatively private and untraveled area of the city. After she found the image on Streetview, she testified that she was the butt of a number of jokes at the bank where she worked; her partially exposed breast was particularly commented upon by her co-workers. She testified as to her sense of shame and embarrassment. She immediately complained to the Office of the Privacy Commissioner of Canada, which suggested that she contact Google in order to have them remove the images. She claimed that she tried to do this, using the features available on the Streetview site, but without success. Shortly afterwards, she claimed to have sent two copies of a letter to Google – one to its offices in Washington D.C., and one to its corporate headquarters in California, setting out her concerns, and specifically requesting that her licence plate information be removed. Google claimed never to have received either copy of this letter. Approximately two years later, Ms Grillo sought the assistance of a lawyer, and sent a letter to Google demanding that “all photographs of our client, her breast, her car’s license plate and her civic address” be blurred or removed. The letter also claimed damages in the amount of $45,000. A short time after this letter was received, Google notified Ms Grillo’s lawyer that the images had been blurred.

Ms Grillo initiated a law suit against Google to recover damages related to the display of the images. However, perhaps because she was unrepresented at this point, she initiated her action in Quebec’s small claims court. Because this court has jurisdiction only over claims of $7000 or less, she limited her damage claim to this amount. In terms of the damages she claimed to have suffered, she noted that she had been mocked and humiliated at work, and had left her job at the bank as a result. She had also been on an extended period of sick leave prior to resigning her position – this was due to depression for which she was receiving care. She emphasized that she was a very private person who preferred her anonymity, and who had made choices about where to live and what kind of online activity to engage in (or not) with a view to this desire for privacy and anonymity.

The legal basis for the claim of violation of privacy rights in this case is found both in the Civil Code of Quebec and the Quebec Charter of Human Rights and Freedoms. The Civil Code sets out a right to privacy and identifies a series of acts that are considered to violate that right. One of these is the use of a person’s name or image without their consent for any purpose other than the legitimate information of the public. The Quebec Charter also sets out a right to privacy and to human dignity.

The leading case in Quebec on the right to privacy as it relates to the use of a person’s image is Aubry v. ÉditionsVice-Versa. In this case, the Supreme Court of Canada awarded damages after a magazine published a photograph of a young woman sitting outside on her front steps. The photograph had been taken without her knowledge or consent. Drawing on this decision, Justice Breault explained that a photograph taken of a person in a public space in Quebec could not be circulated without that person’s consent unless the public’s legitimate right to information prevailed over the right to privacy. He noted that in Quebec, the freedom of expression did not trump privacy rights; the two considerations must necessarily be balanced.

In this case, Google argued that Ms Grillo had been sitting on her front steps in plain view of her neighbors or of any passersby. Since she was in public view, it argued, she had no right to privacy. Justice Breault disagreed. He rejected the idea that there was a strict dichotomy between public and private spaces. In this case, he noted that Ms Grillo lived on a quiet street, and that the relative level of privacy on that street was something that was of importance to her. Further, she was not engaged in any sort of public activity: she was on vacation, sitting outside her home. She was entitled to expect that her privacy and her right to control her image would not be infringed by the taking and distribution of a photo without her consent.

Google also argued that Ms Grillo was not identifiable from the photograph because her face had been blurred. However, the court found that the other details in the photograph made her identifiable, and that these other details were, as a result, also “personal information”. Justice Breault noted in particular that the photograph showed her car licence plate, and her house number – details Google admitted had been missed by its blurring algorithm.

Finally, Google argued that the dissemination of the photograph without Ms Grillo’s consent could be justified as it was for the “legitimate information of the public”. In this respect, it argued that its Streetview service was of broad use and interest to the public. Justice Breault rejected “social utility” as a basis for justifying a breach of privacy. It was not enough to argue that Streetview in general served a useful public purpose; it was necessary to show that there was a dominant public interest in the circulation of the plaintiff’s image – an interest that would outweigh the plaintiff’s privacy interest. The court found that no such public interest existed in this case. Thus, Justice Breault concluded that the plaintiff’s right to privacy had been violated.

In considering the amount of damages to award, Justice Breault found that Ms Grillo had not adequately established the extent to which her image had actually been viewed by members of the public. He assumed that the number of viewers would be relatively low, and limited mainly to friends and co-workers. He also found that she had not established a causal relationship between the dissemination of her image on Streetview and the depression that she had suffered. He noted that she had produced no witnesses as to the state of her health. Justice Breault also found it significant that she had waited two years between the time she had discovered the image and the time that she had sent the lawyer’s letter to Google. He noted that the images had been blurred immediately after Google’s receipt of the letter, suggesting that she could have mitigated any harm she suffered by acting much sooner. Nevertheless, Justice Breault accepted that she had been deeply shocked by the publication of the image and that she had been hurt as well by the comments of her co-workers. He awarded her $2250 in damages, along with costs of $159.

Do you have a reasonable expectation of privacy in the data recorded by your car’s airbag sensing diagnostic module (SDM)? Did you even know your car has an SDM? Two recent court cases highlight important privacy issues related to this technology – and by extension to technology embedded into other consumer products that is capable of recording user information.

Both R. v. Hamilton from the Ontario Supreme Court and R. v. Fedan from the BC Supreme Court are cases involving automobile accidents where police extracted, without a warrant, data recorded on the “black box” associated with vehicle airbag systems. These little ‘black boxes’ are referred to alternatively as sensing diagnostic modules (SDMs) or airbag control modules (ACMs). The devices are installed in cars along with the airbag system. Their recording function is triggered by the sudden deceleration that precedes the deployment of the airbags, and they typically record only a few seconds of data leading up to impact.

It is a violation of s. 8 of the Canadian Charter of Rights and Freedoms for police to conduct a search without a warrant in circumstances where there is a reasonable expectation of privacy. Thus, a key issue in these airbag cases was whether there was a reasonable expectation of privacy in the SDM data, and, in consequence, whether the police should have obtained warrants prior to seizing the devices and extracting the data.

The two courts reached opposite conclusions on this issue. Justice MacDougall of the Ontario Supreme Court found that the accused had a reasonable expectation of privacy in the data, and that his Charter rights were violated when the data was extracted without a warrant. This court found that the SDM was similar to a computer that recorded information about its user. By contrast, Justice Kloegman of the British Columbia Supreme Court found that there was no reasonable expectation of privacy in the SDM data.

The BC Court found that the driver had no reasonable expectation of privacy in the recorded data largely because he did not know that his car was equipped to record such data. As Justice Kloegman explained: “SDMs are a relatively new feature of motor vehicles and it is unlikely that the majority of drivers even know their vehicle is equipped with one or what it does.” (at para 22). In fact, the judge was prepared to distinguish Hamilton on this point – in Hamilton, the accused was an off-duty police officer who knew about such devices, and therefore could be found to have a reasonable expectation of privacy. However, for the court to base a reasonable expectation of privacy on whether or not a consumer realizes that the product they have purchased is recording data about their use of it is hugely problematic, particularly as we move into an era where more and more of our consumer items are “smart”. A reasonable expectation of privacy in recorded data should not depend upon whether the individual knew that their car, fridge, phone, thermostat, or any other consumer item was programmed to record data about their use of the device. One might even argue that the lack of awareness that one’s use of consumer devices leaves a data trail should result in an enhanced expectation of privacy.

The court in Fedan also criticized the finding of the court in Hamilton that the SDM was a kind of onboard computer, thus aligning it with other computing devices in which a reasonable expectation of privacy has been found by the courts. In rejecting the analogy to a computer, Justice Kloegman observed that when there was a triggering event, the SDM would “capture five seconds of data regarding speed, brakes, and seatbelts.” (para 23) She then stated that this was “information generated by the vehicle, not the driver.”(para 23) This too is reasoning about which ordinary individuals should be concerned. This is not data about the vehicle in the abstract (grey, Volvo, 2010); rather, it is data that reveals how the driver was interacting with the vehicle at the time of the accident. The information is clearly information about the driver – as the court in Hamilton found.

In spite of the conclusion by the BC court that the information at issue was not about the driver, the judge did admit that the “driver’s actions in operating the vehicle will cause the SDM to engage.” (at para 23) Nevertheless, she found that this did not engage a privacy interest since “those same actions would likely be visible to the public eye.” (at para 23) This conclusion is based on older case law that finds that there is no reasonable expectation of privacy in events that take place in public view. However, in technology context, there is a much more nuanced understanding of what is publicly perceptible and what is not. Accidents can occur anywhere and in any conditions. In many circumstances, there will be no witnesses. Even where there are witnesses, eyewitness testimony is notoriously unreliable – and it is considerably less precise than technological records. Eyewitnesses, for example, will not be able to provide the very precise details recorded by an SDM regarding the speed of the vehicle, the extent of braking. It is worth noting that the court in Hamilton, found, by contrast that the data in an SDM “is of a qualitatively different type than what an observing member of the public could reasonably observe.” (at para 58)

The starkly different decisions in Hamilton and Fedan illustrate that there are privacy issues here that have yet to been conclusively resolved. The issue of the reasonable expectation of privacy in SDM data is one that is worth following as cases from other provinces in Canada start to emerge. The implications of judicial approaches go well beyond on-board vehicle data recorders and may extend to a wide range of consumer devices equipped with devices that can record even small snippets of data.

The Quebec Court of Appeal has released its decision in Trudeau c. AD4 Distribution Canada inc., a case that balances the freedom of expression with the protection of privacy and dignity. This is an increasingly important theme in privacy case law in Canada; it was at the heart of a recent Supreme Court of Canada decision, albeit in a different context.

In Trudeau, the appellant, Stéfanie Trudeau had launched a law suit against the defendant film company after they released a pornographic film that featured a caricature of her in her professional capacity as a Montreal police officer. She had sought an injunction to prevent the distribution of the film, as well as damages in the amount of $100,000. The film produced by the respondents was titled “728 Agente XXX”. It was described as a parody inspired by the conduct of police at the time of the 2012 Quebec student protests. Although the filmmakers did not use her name in the film, and did not hire an actress who resembled her, the character in the film wore her police badge number 728. The number was not chosen at random; the appellant had become notorious following the student protests. The Quebec Superior Court noted, in its decision, that Agent 728 had become famous almost overnight when a video of her pepper-spraying demonstrators circulated widely in both mainstream and social media. Her badge number was also featured a later point in time in a video shown on mainstream and social media that depicted her forcible arrest of a man caught drinking in public in the Plateau area of Montreal. She was at one point suspended from the police force and an internal inquiry was held.

Ms Trudeau claimed that the film violated her right to privacy and her dignity (protected under sections 4 and 5 of Quebec’s Charter of Human Rights and Freedoms), and that they had usurped her name and image in the making of the film. The trial judge had rejected these arguments. On September 12, 2014, the Quebec Court of Appeal upheld this decision. The Court of Appeal agreed with the trial judge that there had been no usurpation of the appellant’s name or image – her name was not used in the film, and the actress who portrayed agent 728 did not resemble her. Although her badge number was used, and although her badge number could be linked to her through the extensive media coverage of the events leading to her notoriety, the Quebec Court of Appeal agreed with the trial judge that this was not enough to give rise to liability. It had to be shown not just that there was a link, but that any link between the appellant and the film violated her right to privacy or her dignity. The trial judge had found that her badge number was not part of her private identity, but rather was part of her public persona as a law enforcement agent. As a result, the caricature or parody in the film was not about her personally, but about her public persona – one that had engaged in highly publicized and controversial acts. The Court of Appeal agreed that her actions as a police officer could legitimately be the object of caricature and critical comment. According to the Court, the right to make a parody such as the film in question falls within the respondents’ freedom of expression. The Court accepted that there are limits on the extent to which a public figure can be subject to parody, but that these limits were not exceeded in this case. Here, according to the Court, the ordinary citizen would not believe that it is the appellant herself that is depicted, in any personal way, but only an effigy. The court found the parody to be so unrealistic that it could not diminish the appellant, in her personal capacity, in the mind of the public.

The appellant also argued that the fact that the film was pornographic was itself a violation of her dignity. The Court of Appeal disagreed, noting that the case did not involve the use of an actual photograph of the appellant in a pornographic context without her consent. The Court confirmed that the pornographic nature of the film did not remove it from the category of parody or caricature – a form of commentary that is protected by the freedom of expression.

A year ago in November, the Supreme Court of Canada struck down Alberta’s Personal Information Protection Act (PIPA) on the basis that it violated freedom of expression guaranteed by s. 2(b) of the Canadian Charter of Rights and Freedom. It did so by not appropriately striking the balance between the rights of striking works to express themselves in the context of a labour dispute and the privacy rights of others. In Information and Privacy Commissioner of Alberta v. United Food and Commercial Workers, Local 401, an adjudicator under PIPA had ruled that the Union’s practice of taking photographs and videotapes of people crossing its picket line during a labour dispute – and of using some of the footage on its website – contravened the data protection legislation. (The case is discussed in more detail in an earlier blog post here). The Union countered (ultimately, successfully) that to require it to seek consent to the collection and use of this personal information would infringe its rights to freedom of expression.

Where legislation violates a Charter right, a court has various options. Here, both the Information and Privacy Commissioner of Alberta and the Attorney General of that province had asked the Court to strike down the legislation if it were found unconstitutional, rather than to perform judicial surgery on it. The Court agreed this was the better option, writing: “Given the comprehensive and integrated structure of the statute, we do not think it is appropriate to pick and choose among the various amendments that would make PIPA constitutionally compliant.” (at para 40). The Court added a one year period in which the declaration of the legislation’s invalidity was suspended. This would allow the law to remain operative in the province, giving the legislature what was clearly thought to be ample time to introduce the amendment or amendments necessary to bring the statute into compliance with the Charter.

A one-year suspension of invalidity might suffice where a government is functioning as its citizens have a right to expect. However in an age of increasingly dysfunctional governments the Charter remedy of striking down entire statutes with a one-year suspension of invalidity may be a riskier gambit. It has certainly proved to be so in this case. Recognizing that it cannot get amendment’s through by the November 15 deadline set by the Supreme Court of Canada, the Alberta Government as now asked the Court for an extension. The Court is likely to grant the extension – to do otherwise would result in a state of chaos in Alberta as far as private sector data protection is concerned.

Update Note:  On October 30, 2014 the Supreme Court of Canada agreed to a six month extension to the suspension of invalidity.

The public-oriented goals of the open government movement promise increased transparency and accountability of governments, enhanced citizen engagement and participation, improved service delivery, economic development and the stimulation of innovation. In part, these goals are to be achieved by making more and more government information public in reusable formats and under open licences. The Canadian federal government has committed to open government, and is currently seeking input on its implementation plan. The Ontario government is also in the process of developing an open government plan, and other provinces are at different stages of development of open government. Progress is also occurring at the municipal level across Canada, with notable open data and/or open government initiatives in Vancouver, Toronto, and Ottawa (to give a few examples).

Yet open government brings with it some privacy challenges that are not explicitly dealt with in existing laws for the protection of privacy. While there is some experience with these challenges in the access to information context (where privacy interests are routinely balanced against the goals of transparency and accountability (and see my posting on a recent Supreme Court of Canada decision on this issue), this experience may not be well adapted to developments such as open data and proactive disclosure, nor may it be entirely suited to the dramatic technological changes that have affected our information environment. In a recent open-access article, I identify three broad privacy challenges raised by open government. The first is how to balance privacy with transparency and accountability in the context of “public” personal information (for example, registry information that may now be put online and broadly shared). The second challenge flows from the disruption of traditional approaches to privacy based on a collapse of the distinctions between public and private sector actors. The third challenge is that of the potential for open government data—even if anonymized—to contribute to the big data environment in which citizens and their activities are increasingly monitored and profiled.

I invite you to have a look at this article, which is published in (2014) 6 Future Internet 397-413.

On June 13, the Supreme Court of Canada released its much awaited decision in Spencer v. The Queen. The core issue in this crucially important privacy case was whether there was a reasonable expectation of privacy in Internet Service Provider (ISP) subscriber information linked to a particular Internet Protocol (IP) address. Although privacy experts have for some time considered this question to be a no-brainer, the federal government had stubbornly held to the position that customer name and address information, viewed in isolation, was the kind of data in which none of us has a reasonable expectation of privacy.

Concurrent with the deliberations of the Supreme Court of Canada in Spencer were debates in the House of Commons and in Committee over the Conservative government’s controversial Bill C-13. This Bill will further pave the way for government authorities to gain easy and warrantless access to subscriber information. Among other things, the Bill gives ISPs immunity from any liability for handing subscriber information over to police without notice to or consent from their customers, and upon a simple request for this information to be shared.

Even prior to Bill C-13, provisions in both the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Criminal Code had been argued to grant permission to private sector companies to share personal information with authorities, at the request of those authorities, without a warrant and without notice or consent to the affected customers. The application of these provisions had led to numerous Charter challenges in the lower courts, and these courts were divided as to the interpretation these clauses should be given. Essentially, although the anonymous IP address could reveal a trail of internet-based activities, Crown lawyers argued (and some courts accepted) that the police were ultimately only seeking a simple name and address – information in which there could be little expectation of privacy – and no warrant was required.

The Supreme Court of Canada itself had been a bit iffy when it came to informational privacy. A number of split decisions in the past years showed a lack of consensus on key privacy issues, and some recent decisions were not particularly privacy-friendly. In 2004, a narrow majority of the Supreme Court of Canada found that infra-red technology used by police in fly-overs to measure the heat signature of houses was not privacy invasive, because it did not lead to precise inferences about activities taking place in the house (notwithstanding the fact that the police used the technology to draw inferences regarding the presence of a grow-ops the accused’s home). There was genuine concern that this approach placed an artificial distance between the individual and the information that could be gleaned about their activities through technology. This concern was augmented by the Court’s 2010 decision in R. v. Gomboc, where 4 of the judges found that a very precise recording of daily patterns of electrical use in a home “reveals nothing about the intimate or core personal activities of the occupants. It reveals nothing but one particular piece of information: the consumption of electricity.” (at para 14). This approach, which distanced particular pieces of information from the inferences that could be drawn from them, and that minimized the importance of the decontextualized information, was a matter of great concern to privacy advocates.

This is why the Court’s unanimous decision in Spencer v. the Queen is so important, and why so many privacy advocates awaited it with both anticipation and dread. It is perhaps fortuitous that the backdrop to the Supreme Court of Canada’s deliberations in Spencer was one of ongoing disclosures by Edward Snowden of intrusive and warrantless government surveillance of the online activities of individuals in Canada and elsewhere, and the heated debates over the Conservative government’s latest attempt to facilitate police access to information about Canadians’ online and mobile activities.

The Court in Spencer dismissed the approach that separated the name and address information from the information gleaned from the IP address. Justice Cromwell wrote: “the subject matter of the search is the identity of a subscriber whose Internet connection is linked to particular, monitored Internet activity.” (at para 33). He found as well that anonymity is an important dimension of privacy – one that is “particularly important in the context of Internet usage.” (at para 45) Noting that there is an almost unavoidable tracking of individual activity on the Internet, Justice Cromwell wrote:

The user cannot fully control or even necessarily be aware of who may observe a pattern of online activity, but by remaining anonymous — by guarding the link between the information and the identity of the person to whom it relates — the user can in large measure be assured that the activity remains private. (at para 46)

According to the Court subscriber information links certain types of information to identifiable individuals, and is thus revelatory of a great deal more information than simply a name and address. This in turn triggers a strong privacy interest.

On the issue of the provisions of both PIPEDA and the Criminal Code that permit companies to voluntarily share personal information with law enforcement officials, the Court ruled that these provisions do not override a reasonable expectation of privacy. Since a request by police for subscriber identification engages this privacy interest, it amounts to a search for which a warrant is required. The permissive provision in PIPEDA depends upon police having a lawful authority to obtain the information sought – if a warrant is required, then a request absent a warrant is not made with lawful authority. The Court also ruled that s. 487.014 of the Criminal Code merely confirms existing police powers to make enquiries, but does not give them any authority to circumvent requirements to obtain a warrant.

This decision is extremely important, and should prompt a reconsideration of parts of Bill C-13. Some caution is nonetheless warranted. The Court noted that the reasonableness of a person’s expectation of privacy in their subscriber information in the hands of their ISP may depend upon the wording of their Terms of Service and their ISP’s privacy policy. Essentially, if these documents state that the ISP will hand over customer data to police upon their request; this will undermine the reasonableness of any expectation that this information will remain protected. In an age of consumer helplessness in the face of lengthy, impenetrable and take-it-or-leave it terms of service, it is important to press ISPs – and other service providers – to respect basic privacy values.

The British Columbia Supreme Court has certified a class action law suit against Facebook for breach of privacy rights protected under B.C.’s Privacy Act. In doing so, it dismissed Facebook’s application to have the court decline jurisdiction to hear the case.

The claim in Douez v. Facebook, Inc. relates to Facebook’s Sponsored Stories “product”. Sponsored Stories permits paid advertisers to use the names and likenesses of users of Facebook, alongside information about their product and service and their trademarks. The resulting “Sponsored Stories” are then sent to the contacts of the person featured in the ‘story’. The court found that between September 9, 2012 and March 10, 2013, 1.8 million B.C. residents were featured in Sponsored Stories. Individual Facebook users are given no notice of the fact that they are featured in a Sponsored Story. The class Plaintiff Douez argued that the use of the names and images of herself and other Facebook users from B.C. violated s. 3(2) of the Privacy Act, which provides:

3. (2) It is a tort, actionable without proof of damage, for a person to use the name or portrait of another for the purpose of advertising or promoting the sale of, or other trading in, property or services, unless that other, or a person entitled to consent on his or her behalf, consents to the use for that purpose.

Facebook argued that all of its users must accept its terms of use and privacy policy in order to use the site. In this way, it obtains the express consent of users to have their names and images used in Sponsored Stories. It also put forward a secondary argument regarding implied consent.

The focus of Facebook’s application to have the Plaintiff’s certification application dismissed was an argument based upon the lack of jurisdiction of the B.C. Supreme Court over the matter. Facebook argued that its Terms of Use, to which all users must consent, contains a forum selection clause that provides that disputes will be heard by the courts of California. Justice Griffin of the B.C. Supreme Court noted that the choice of jurisdiction clause was found near the end of exceeding long terms of use, making it relatively obscure. She distinguished an earlier Ontario case, Rudder v. Microsoft Corp which upheld a choice of jurisdiction clause in an online consumer contract on the basis that the claim in that case was one of breach of contract. The plaintiffs in Rudder therefore relied on the terms of the contract on the one hand, and claimed not to be bound on the other. She also distinguished the more recent BC Supreme Court decision in Century 21 Canada Ltd. Partnership v. Rogers Communications Inc., which also held that the parties were bound by online terms of use, on the basis that both were “sophisticated commercial parties who employ similar terms of use themselves and who had conceded the reasonableness of the terms of use at issue.” (at para 45).

Justice Griffin found that the plaintiff had shown strong cause for the court not to enforce the forum selection clause. She noted that the B.C. Privacy Act gave exclusive jurisdiction over claims arising under that Act to the B.C. Supreme Court. As a result, a California court could not have jurisdiction over such a claim. She took note as well of the “cultural differences in the ways various jurisdictions think of a right to privacy”, suggesting that a court in California might not interpret the right of privacy in the Privacy Act in a manner consistent with Canadian approaches to privacy. She concluded that “the availability of a statute-based claim in the court’s own jurisdiction, which confers exclusive jurisdiction on that court, can on its own be a basis for overriding a forum selection clause, but also can support two other “strong causes” for not enforcing a forum selection clause, namely, juridical advantage and public policy.” (at para 93). According to Justice Griffin, a court in California would have no jurisdiction over a Privacy Act claim, such that enforcing the forum selection clause would rob the plaintiff of her recourse. Further, she found that the protection of privacy was a matter of important public policy. She also noted that “with the creation and growth of the internet the potential implications for a loss of privacy are greater than ever. The difficulty in proving quantifiable damage remains great for an individual whose privacy is lost, but the social harm can be monumental if the loss of privacy includes publicity over the internet with its almost infinite reach and timelessness.” (at para 104). In addition to these reasons for not enforcing the forum selection clause, Justice Griffin found that it would cause much less hardship overall for Facebook to defend itself in B.C. than for the plaintiff and her witnesses to travel to California to plead their case.

Justice Griffin also certified the class proceeding. The relevant class is:

All British Columbia Resident natural persons who are or have been Members of Facebook at any time in the period from January 1, 2011, to May 30, 2014 and:

(a) who at any time during this period registered with Facebook using either their real name or a portrait that contained an identifiable self-image or both;

(b) whose name, portrait, or both have been used by Facebook in a Sponsored Story; and,

(c) who do not seek to prove individual loss as a result.

It is clear that a central issue in the law suit will be whether users consented, via Facebook’s Terms of Use to their names or images in Sponsored Stories.

Note that a similar class action law suit in the United States related to Facebook’s Sponsored Stories resulted in a $20 million settlement agreement in 2013.

Canada’s federal Conservative government has nominated Daniel Therrien as the next Privacy Commissioner of Canada. If this appointment is approved by resolution of the Senate and House of Commons, he will take over the position that was held until recently by two-term Privacy Commissioner Jennifer Stoddart.

Mr Therrien is lawyer and a career civil servant who has held many different posts. He currently holds the position of assistant deputy attorney general for public safety, defence and immigration. Mr. Therrien is not widely known in the privacy law field. In its information provided at the time of his nomination, the government notes that he “co-led the negotiating team responsible for the adoption of privacy principles governing the sharing of information between Canada and the U.S. under the Beyond the Border Accord.”

The NDP has already indicated that it will not support the nomination. The CBC reports that the NDP has expressed concerns that Mr Therrien has worked to closely on developing policies or legislation which he would have to oversee as Privacy Commissioner.

Since Jennifer Stoddart’s departure in December 2013, the Office of the Privacy Commissioner of Canada has been led by Chantal Bernier, who had previously served as Assistant Privacy Commissioner.

Jennifer Stoddart, who was highly regarded both nationally and internationally, was a strong leader, an innovative thinker and a strong voice for privacy. She leaves very big shoes to fill.

On April 24, 2014 the Supreme Court of Canada handed down a decision which at least touches upon the thorny question of what constitutes “personal information”. This question is particularly important to governments that are contemplating the proactive release of government data under commitments to open government. The issue is far from academic, as federal, provincial and municipal governments in Canada have all taken steps in this direction. Indeed, the Ontario government has just signaled its own commitment to open government, which will include proactive disclosure of government data.

Most public sector data protection laws in Canada define “personal information” as essentially information about an identifiable individual. This means that “personal information” is more than just information that actually identifies an individual (their name or social insurance number, for example) but also includes any other information that, if linked with other available information, could lead to the identification of a specific individual. Thus, a government contemplating the proactive disclosure of data sets under an open data program, would have to ensure that the data sets were free not just of individuals’ names and identification numbers, but also free of data that could be linked back to specific individuals. This can be more challenging than one might think, particularly as we live in an environment where more and more data is becoming easily available from both public and private sector sources, and where search engines, algorithms and computing power make mining and matching information increasingly fast, inexpensive and easy.

The case – Ministry of Community Safety and Correctional Services v. Information and Privacy Commissioner (Ontario) – involved an access to information request made by a journalist to the Ministry of Community Safety and Correctional Services. The journalist sought the disclosure of the number of registered sex offenders in Ontario who lived within each postal code forward sortation area (the area designated by the first three digits of a postal code). The journalist did not seek access to this information by full postal code, presumably because this finer level of detail might lead to the identification of those individuals, particularly where there were relatively few residences associated with a particular postal code. While Ontario maintains a sex offender registry, the locations of the registered sex offenders are not public information. The register is intended primarily for use by law enforcement officials. The journalist planned to create a map which would allow the public to see a more generalized geographic representation of where registered sex offenders in Ontario were living. The Ministry refused to disclose this information on the basis that it could lead to the identification of specific individuals. It argued not just that the information could not be disclosed because it fell within the definition of “personal information” but also because its release would interfere with law enforcement, endanger the life or physical safety of the individuals, and might hamper the control of crime (by making sex offenders less likely to comply with the registration requirements out of fear of identification). All of these bases are exceptions to disclosure of information under the provinces Freedom of Information and Protection of Privacy Act (FIPPA). The Ministry’s refusal was appealed by the journalist to the Office of the Information and Privacy Commissioner, which ordered that the information be disclosed. The Commissioner’s decision was upheld by the courts all the way up to the Supreme Court of Canada, which also upheld the order to release the information sought by the journalist.

The Supreme Court considered three issues: the level of deference due to the decision of the Information Commissioner, whether access was ordered for purposes inconsistent either with FIPPA or with the law governing the sex offender registry, and whether the Commissioner’s interpretation of the scope of the law enforcement exceptions to information disclosure was appropriate. Yet underlying these issues was a key question which itself was not in dispute before the Court. This was whether the information sought constituted personal information – in other words, information about an identifiable individual. The approach of the Commissioner to this question was not part of the appeal, yet once it was accepted that the information sought was not personal information, it would be difficult to find that any of the harm-based exceptions to disclosure would apply – no matter what interpretation they were given – because information that could not lead to the identification of specific individuals would be highly unlikely to cause them harm and, in theory at least, less likely to deter them from complying with the registry requirements.

In refusing to disclose the information, the Ministry had argued that the information being sought was personal information because it could be linked with other available information in order to re-identify individuals. This issue of the potential for re-identification is central to the question of whether information qualifies as a personal information, and in the context of open data, it will be crucial in decisions about whether certain data sets may be proactively disclosed. It is important to note that the Commissioner in this case observed that the Ministry had not advanced any cogent evidence of the potential for re-identification. This point was picked up by the courts below, and the Supreme Court of Canada agreed. Writing for the Court, Justice Cromwell noted that “the Commissioner determined that the Ministry did not provide any specific evidence explaining how the Record could be cross-referenced with other information in order to identify sex offenders. We find this to be a reasonable determination.” (at para 60) Indeed, very little specific evidence was provided, and the court dismissed more general literature on re-identification as “unconvincing and generic scholarly research on ‘identifiability’.” (at para 60) The Court also agreed with the Commissioner’s rejection of the Ministry’s assertions that more information might someday be available on the Internet that could, if matched with the sex offender data, lead to identification. Justice Cromwell stated: “it must be stressed that the Ministry only referred vaguely to the unpredictability of internet developments and did not provide any specifics about how identification could occur.” (at para 61).

The case involved a dispute over the release of data in the context of a specific access to information request. Yet there are lessons here for those tasked with identifying data sets for proactive release for the purposes of open data. These might be summarized as follows:

• The definition of “personal information” under access to information and data protection laws in Canada tends to be broad and will include information about an identifiable individual. Thus it is important to consider not just whether there are specific personal identifiers in the data set, but whether this data could, if matched with other available data, lead to the identification of specific individuals.

• In considering the likelihood of re-identification, it would seem that the balance between the goals of transparency and accountability and those of privacy protection do not require ‘worst case scenario’ or extreme hypothetical speculation. In the access to information context, the department or agency in question would bear the burden of justifying a refusal to disclose, and justification must be more than assertions. Presumably the same standard would apply to proactive disclosure. The law does not require excessive caution.

• In considering the possibility of re-identification, it might also be appropriate to consider how sensitive the personal information would be if re-identification were achieved. In Ministry of Community Safety, the information at risk of disclosure through re-identification was highly sensitive – the location of registered sex offenders. Presumably this might give some an incentive to attempt re-identification, perhaps warranting greater caution in the decision about whether to release the information. Nevertheless, the Commissioner, and ultimately the courts, still required some evidence that re-identification was possible.

A recent decision from the Federal Court of Canada squarely addresses the issue of copyright trolls and the impact they may have on ordinary Internet users. It also highlights the importance of public interest advocacy in a context that is rife with economic and power imbalances.

The Internet is widely used as a source of content – whether it is in the form of film, music, text or visual works. While there is a great deal of content available both free and for a fee from authorized distributors, other content is shared without the consent of copyright holders. Where unauthorized distribution takes place, copyright may be infringed – but of course whether there has been actual infringement by the downstream user may depend upon a range of considerations.

Copyright owners – particularly those in the film and music industries – have for some time now been decrying the widespread unauthorized sharing of content over the Internet. They have also adopted a variety of strategies to impede these activities. These have included suing file-sharing services such as Napster, Grokster or Pirate Bay, with a view to having them shut down, public education campaigns, and threats of legal action or actual law suits against individual downloaders of protected content. It is with respect to this latter category of action that the label “copyright troll” has been used.

In Voltage Pictures LLC v. John Doe and Jane Doe, Prothonotary Aalto of the Federal Court considered an application for an order to compel Internet service provider TekSavvy to disclose the identities of individuals linked to some 2000 IP addresses that in turn had been associated with illegal downloading of Voltage’s copyright protected films. An earlier Federal Court of Appeal decision in a case involving music downloads had outlined the circumstances in which such an order might be granted, taking into consideration the necessary balance between the applicant’s rights and the privacy rights of the individuals linked to IP addresses. Voltage argued that it had met all of the requirements of this test.

The Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic, more commonly known as CIPPIC, intervened in this case in the public interest. CIPPIC’s intervention was particularly important given that there was really no other available party to speak out for the interests of the still anonymous Internet users whose identities might be disclosed were an order to be issued. It is clear as well from reading Prothonotary Aalto’s reasons, that CIPPIC’s submissions had a significant impact on the outcome.

The decision begins with a quote from a U.S. case which speaks of the rise of “copyright trolls”, and it is clear that the spectre of such trolls looms over the Federal Court’s decision. The concept of “trolls” has become common in both patent and copyright litigation. In the copyright context, a troll is a plaintiff who files “multitudes of lawsuits solely to extort quick settlements”.[1] Trolling is a business model in its own right – suits are launched not so much in order to deter or to compensate for the harm caused by infringement; rather, trolling generates revenue by compelling individuals to settle for sums that are lower than the cost of obtaining legal advice and pursing a defence to the threatened action. As Prothonotary Aalto noted in his extensive reasons, copyright trolls have been active in other jurisdictions, and courts in both the U.K. and the U.S. have striven to find an appropriate result that protects individuals while recognizing the rights of copyright owners to bring legal action.

Prothonotary Aalto’s decision is, in fact, an exploration of the issues raised and an attempt to find an appropriate balance between the rights of individuals to pursue their online activities without having their identities disclosed to third parties, and the rights of copyright owners to sue for infringing uses of their works. He begins his reasons by considering the test for a Norwich Order laid out by the Federal Court of Appeal in BMG v. John Doe, another case which required the court to balance privacy interests against the rights of copyright holders. Although in Voltage, CIPPIC argued that the threshold for the application of this test was too low, and that parties seeking disclosures of the names of individual Internet users should have to make out a prima facie case of infringement, rather than just a bona fide (good faith) claim, Prothonotary Aalto found that the test set out by the Federal Court of Appeal was both appropriate and applicable. He also found that Voltage had met the prescribed test, ruling that “the enforcement of Voltage’s rights as a copyright holder outweighs the privacy interests of the affected internet users.” (at para 57) He noted, however, that the test left room to consider and to moderate the impact of the order on privacy rights.

There was no evidence in this case that Voltage was a copyright troll. Indeed, Prothonotary Aalto found that Voltage had met its burden of showing that it had a genuine copyright infringement case and that a court order to compel TekSavvy to release the contact information of some of its customers was the only reasonable means of establishing the identities of the alleged infringers. However, he acknowledged evidence and argument by CIPPIC to the effect that there might be technological flaws in the methods used to link IP addresses to downloading activities, such that some IP addresses may have been identified in error. He also accepted that some of the downloading activity might be justifiable under one defense or another. More importantly, perhaps, he was sensitive to the evidence supplied by CIPPIC of copyright troll activities in other jurisdictions and of the concerns of courts in those jurisdictions regarding such practices.

Ultimately, Prothonotary Aalto’s decision seeks to balance the intellectual property rights of the copyright owner with the privacy rights of individuals who might be identified as a result of a court granting a Norwich Order. In his view, it is only in a case where there is “compelling evidence of improper motive on behalf of a plaintiff in seeking to obtain information about alleged infringers” that a court would be justified in refusing to grant such an order. (at para 133) Nevertheless, the court has the authority to place terms and conditions on the grant of the order, and these terms and conditions can protect the privacy of individuals by ensuring that their personal information is not shared or misused by a company that seeks this information for improper purposes, such as copyright trolling.

In issuing the Norwich Order in this case – which compels TekSavvy to furnish the information sought, Prothonotary Aalto placed significant limits on the order. In the first place, Voltage is ordered to compensate TekSavvy for its legal and administrative costs in compiling the requested information. A copy of the court’s order must accompany any correspondence sent to TekSavvy customers by Voltage as a result of the sharing of the customer information. Any such correspondence must also “clearly state in bold type that no Court has yet made a determination that such Subscriber has infringed or is liable in any way for payment of damages.” (clause 8 of the order) This is to avoid the type of demand letter seen in copyright troll cases in other jurisdictions where letters sent to individuals convey the impression that conclusions have already been reached on issues of infringement. As an additional safeguard, Prothonotary Aalto ordered that a draft of any such letter must be reviewed by the Case Management Judge appointed to oversee the process before it is sent to any individuals. The order also provides that the personal information shared by TekSavvy as a result of the order must be kept confidential by Voltage and must not be shared with anyone else – including the general public or the media -- without the court’s permission.

The decision in this case is a welcome one. It reflects a serious effort to ensure fairness and balance between the parties. It provides the applicant with the means to obtain the information it needs to pursue copyright infringement claims; at the same time, it imposes restrictions designed to ensure that the personal information is not used improperly to generate revenue well in excess of any damages suffered by the rights holder by pushing individuals into settlements in order to avoid the costs and stresses of threatened litigation. The decision is a direct result of public interest advocacy and a reminder of the important role played by organizations such as CIPPIC.

It is worth noting that the 2012 amendments to the Copyright Act included changes to the statutory damages provisions in that statute. These provisions allow plaintiffs to opt for a fixed amount of damages in cases of infringement – in other words, to be compensated without having to establish any particular losses. The 2012 amendments drastically reduced the amount of statutory damages that can be awarded against individuals whose infringing activities are essentially non-commercial. This takes away the ability for plaintiffs to stack statutory damages in suits against individual downloaders in order to arrive at the ridiculously high (and ultimately punitive) damage awards that we have seen in the U.S. in lawsuits against students or other private individuals whose downloading was simply for their own consumption. The message from Parliament is clearly that this type of conduct, while still infringing, should not be be exploited by rights holders either to “send messages” or to provide a new business model based on serial demand letters to large numbers of vulnerable individuals. The decision by Prothonotary Aalto is in keeping with this message. While copyright owners are entitled to enforce their rights through the courts, the courts must ensure that “the judicial process is not being used to support a business model intended to coerce innocent individuals to make payments to avoid being sued.” (at para 35)