Leave Not Granted in Application against Trustee in Bankruptcy on Allegation of Breach of Privacy
The value of evidence arising from blog posts and YouTube videos was considered in Re Netlink Computer Inc. Netlink had been a company selling computers and related equipment until it went bankrupt in 2017. The Trustee in Bankruptcy had, in the course of the bankruptcy proceedings, sold Netlink’s assets, but this had given rise to some online controversy. In particular, a blog post had appeared on a site called “privacyflyby.com”, written by Travis Doering. The blog post alleged data breaches in the sale, by the Trustee, of equipment owned by Netlink. That led to a former customer of Netlink’s, Kipling Warner, to seek leave to sue the Trustee, and indeed to commence a class action. Warner alleged that the Trustee was negligent in selling Netlink’s assets, breached its service contract with Warner, breached the Personal Information Privacy Act, SBC 2003, c 63 [PIPA], the Personal Information Protection and Electronic Documents Act, SC 2000, c 5 [PIPEDA], and the Privacy Act, RSBC 1996, c 373, and that the negligence of the trustee is in respect of a duty of care was owed to a class, for which Warner sought certification.
Warner claimed, on behalf of the class:
- Damage to credit reputation;
- Mental distress;
- Costs incurred in preventing identity theft;
- Costs incurred in paying for credit monitoring services;
- Out of pocket expenses;
- Wasted time, inconvenience, frustration, and anxiety associated with taking precautionary steps to reduce the likelihood of identity theft or improper use of credit information, and to address the credit flags placed on their credit files; and
- Time lost engaging in precautionary communications with third parties such as credit card companies, credit agencies, banks, and other parties to inform them of the potential that the Class member’s Private Information may be misappropriated and to resolve delays caused by flags placed on Class members’ credit files.
The issue before the Master was whether Warner had established a prima facie case against the Trustee. It did not, because of the frailties in the evidence presented.
In Warner’s own affidavit, he relied on a number of other sources, including a blog post and a YouTube video posted by two different people who said they had attended the sale. The Master pointed out that there was no explanation as to why those two people had not been asked to provide their own affidavits, and that the “double hearsay” of Warner’s report about what they had posted online was not admissible.
Further, although Warner swore in his own affidavit that he believed Doering’s statements in his privacyflyby blog to be a faithful and accurate account, he possessed no personal knowledge of any of the facts, and integrated elements of his own belief (that were not included in the Doering blog post) that amounted only to conjecture.
In addition the Master found unpersuasive the affidavit provided by Doering himself:
[49] Mr. Doering has a commercial interest in what he alleges to be the exposure of the Netlink data breach. In addition, Mr. Doering has limited direct knowledge of the facts forming the basis of the proposed action. The Doering Affidavit was not drafted for the purpose of being tendered as evidence in a court proceeding. Rather, it is a blog post with a jurat attached to it.
Ultimately the Master concluded that the low evidentiary threshold had not been met and denied leave.