News

Personal Apple ID used to de-activate work phone, making evidence unavailable, and termination of employee reversed

In a BC case of interest which recently came to the editors’ attention, District of Houston v. Canadian Union of Public Employees, Local 2086,an employer’s investigation in to allegations of workplace misconduct was partially foiled by its policy (or lack thereof) regarding the use of work phones for personal purposes. The employee, Standbridge, was given a new work iPhone after his previous one malfunctioned. When the phone was set up, the manager who provided the phone used an Apple ID provided by Standbridge, which resulted in personal pictures and other data being downloaded onto the new phone from iCloud. The manager knew this, and thus did not keep a record of the Apple ID or password. Standbridge claimed that he had told the manager that the Apple ID and password belonged to his wife, though the manager denied this.

Later, Standbridge was accused by several female employees of inappropriately following them to worksites and taking pictures of them with his phone. Standbridge denied this and provided his phone to another manager, Glavin, for inspection, along with the password to open it. Glavin looked at some pictures on the phone but then left it on his desk while at meetings, and when he returned the iPhone had been remotely wiped. It emerged that Standbridge’s wife had learned that the phone was being accessed (though it was not clear she understood why), and because her own personal data was accessible on it, she remotely wiped the phone. Standbridge asked her to provide the Apple ID and password but she refused to do so.

Standbridge was terminated for interfering with the investigation, but was reinstated by the labour arbitrator. The employer had prevented him from being present while some of his personal data was accessed, and some accommodation for protection of his personal information should have been provided—particularly where there was no policy forbidding the mixing of work and personal information on devices, and that up until then it had been a common practice of the employer’s. Evidence substantiating the inappropriate photo-taking, if any, had been destroyed, and the allegations could otherwise not be sustained.

“pics or it didn’t happen”

The presumed ubiquity of social media, or perhaps more accurately of constantly-accessible digital photography, formed a small role in a decision by the Immigration and Refugee Appeal Board in Osman v Canada (Citizenship and Immigration). The appellant was appealing a decision which refused to approve a permanent resident application made by her spouse. Her appeal was also unsuccessful, largely on the basis on the conclusion that she had misrepresented facts in her application (most notably, that her spouse was also her first cousin). The Appeal Board also formed the view that the marriage was not a genuine one, but rather one made only for the purposes of facilitating the immigration application. There were a number of reasons supporting that conclusion, one of which was the absence of photographs:

[32] The Appellant and Applicant did not include any post-wedding photos with their application or for the IAD appeal. Given today’s technology, I expect a young couple (in their early 20s) to take many photos together during their honeymoon phase. When asked why they did not present such photos for the appeal, the Applicant testified that they did not take any photos at that time but did not provide a reason for not doing so.

Employer policies and further research called for

In 2017-2018, the Labour Program of Employment and Social Development Canada conducted a comprehensive review of Part III of the Canada Labour Code, sets out minimum labour standards for workplaces in the federally regulated private sector. That review led to a series of amendments, but five key issues were not resolved, and so the Minister of Employment, Workforce Development and Labour appointed an independent Expert Panel on Modern Federal Labour Standards to consult, research, and provide advice to the Minister. The December 2019 report is the culmination of the Expert Panel’s work and contains the results of the consultations, research, and recommendations. Of particular interest is the discussion there of a potential “right to disconnect”. As the Report of the Expert Panel on Modern Federal Labour Standards puts it:

In today’s world of work, mobile technologies and other factors, such as alternative work arrangements, the 24/7 economy, gig work and organizational cultures have blurred the boundaries between what it means to be "at work" and not "at work". In this context, should limits be set on work-related e-communications outside of work hours in the federally regulated private sector? If so, how should this be done and why?

The Expert Panel did not recommend that there be, at this time, a statutory right to disconnect, but did conclude, in Chapter 4: Disconnecting form work-related e-communications outside of work hours, that serious issues were raised and needed to be resolved.

“Part III of the Code does not currently directly address limiting work-related e-communications outside of regular working hours in this way, and no provinces or territories provide such a legal right.” The Expert Panel acknowledges that the concept of what it means to be “at work” has been blurred by mobile technologies and globalization, and that with “the transition from an industrial society to a service-based society, and the increasing accessibility of information and communication technology tools, work is no longer always tied to a physical location.”

There were many consideration that the played into Expert Panel’s recommendation. These included recognition of the necessity of a “flexible workforce that is available around the clock” to remain competitive in some cases, and awareness that some industries and organizations have a workplace culture of constant availability and connectivity. In addition, they took account of the fact that there can be some trade-off involved, in the sense that despite the potential downsides of constant connectivity from the point of view of an employee, it can also accommodate time zone difference, give employees control over their work hours, and facilitate “on-call” work. They noted as well that such connectivity created equity issues, and therefore some scope for tension: women statistically take on more non-work-related activities outside of working hours, which can limit their ability to respond to requests outside of those hours, which in turn could have a negative impact on competitiveness, promotions, and so on.

The Report notes that workers increasingly use technology to set up flexible work arrangements to create a more satisfactory work-life balance, but on the other hand, “engaging in e-communications for work purposes outside of work hours has been associated with poorer employee recovery from work and increased work—life interreference, high levels of burnout and increased health impairments”.

The Expert Panel discusses some of the difficulties with France’s “right to disconnect”, including that it does not have a legal definition of “right to disconnect” which has led to ambiguity in what that right actually entails. Germany adopted a self-regulatory model that leads to more “tailor-made solutions” and provides the example of the German Labour Ministry coming to an agreement with its own works council to ban communication with staff outside work hours, except in emergencies, and protects employees from reprisals for not responding to such communications. Volkswagen implemented a policy that stops Blackberry servers from sending emails to employees covered by a collective bargaining agreement form half an hour after standards hours until half an hour before they begin work.

Three general themes were at the centre of the Expert’s panel: flexibility, compensation, and management. Ultimately, the Expert Panel did not recommend implementing a statutory right to disconnect at this time. They concluded:

The Panel believes that a statutory right to disconnect would currently be difficult to operationalize and enforce. Part III already provides entitlement to overtime for services required by the employer beyond certain hours of work. Part III also provides some restrictions around the duration of work. These provisions, in part, help to provide a framework to address the negative aspects of this issue. Nevertheless, the Code does not define what is deemed work. Given the blurring of boundaries described above, the absence of such a definition generates ambiguity about what work is for employers, employees and labour standards officers responsible for enforcing labour standards.

Nonetheless the Report acknowledged that a real issue arose, and therefore made four recommendations: 1) that the employers subject to Part III consult with their employees or their representatives and issue policy statements on the issue of disconnecting; 2) that a statutory definition of “deemed work” be included in Part III; 3) that Part III provide a right to compensation or time off in lieu for employees required to remain available for potential demands from their employer; and, 4) that further research be done on the issue.

Manitoba Law Reform Commission releases discussion paper examining electronic augmentation for taking of affidavits and other documents

The Manitoba Law Reform Commission has released a discussion paper entitled Bridging the Gap for Remote Communities: Electronic Witnessing of Affidavit Evidence. The Commission’s project originated back in 2017, when members of the Manitoba bar brought to its attention the fact that people living in the province’s more remote communities often have trouble accessing a person who is qualified to take the swearing or affirmation of affidavits. While the Manitoba Evidence Act provides for a fairly broad variety of “authorized individuals” who may take affidavits, the preliminary evidence gathered by the Commission indicates that people living in some communities nonetheless are not able to find an “authorized individual” locally. Such people must incur the time and expense to travel to a more populated/urban area, which both creates delays in all manner of legal proceedings and transactions, and presents as a potentially significant access to justice issue.

The main issue is that the relevant statutory language has been interpreted in Manitoba, as in most provinces and other common law jurisdictions, to require that affidavits be sworn in the presence of the “authorized individual,” and thus the use of electronic means is not permitted. In the only relevant Canadian case to date, First Canadian Title Co v. Law Society of British Columbia, the court decided against a motion to allow the execution of a land title instrument via video link. As the Law Commission report explains:

…the court acknowledged concerns raised by the Ethics Committee of the Law Society of British Columbia about an overly broad interpretation of the presence requirement allowing for witnessing of documents remotely such as, how to ensure the affiant understands the content of the affidavit, ensuring the signature is genuine, proper identification of the affiant and concerns about changes to the document between the signature of the affiant and of the witness.

In a survey of the relevant law and practice in various Canadian and foreign jurisdictions, the Commission took note of Bill 161, currently before the Ontario legislature, which does two things: 1) makes the requirement of physical presence before the authorized individual explicit; but 2) creates the potential for exceptions to this requirement, to be added in regulations after the bill is passed. Remarks by the Attorney General of Ontario indicate that the government’s attention is to authorize electronic commissioning and notarizing. Further, the Law Society of Alberta has created a pilot project called the “TreeFort Platform” which would allow for secure online meetings between lawyers and clients at which documents could be executed and certified. Also, the US state of Virginia has brought in legislation allowing for electronic notarization via video- and tele-conferencing and digital signature technology.

The Commission has identified a number of issues for discussion, on which it is seeking feedback by February 20, 2020, including:

1. Should The Manitoba Evidence Act be amended to remove the physical presence requirement in certain circumstances as is proposed by Ontario’s Bill 161?
2. If the Act is amended to enable electronic notarizing or commissioning of affidavit evidence, should standards be set to regulate those providing such services similar to the “standards of notarization” enacted in Virginia?
3. What safety measures should be required to ensure the privacy and security of documents being witnessed electronically and to respond to the concerns in First Canadian Title Company Ltd. such as the integrity of the document and ability to verify the signatory’s identity?
4. What criteria should be used to determine what software is allowable? Should such criteria be established by regulation?
5. What other issues relating to privacy and security may arise?
6. If the Manitoba Evidence Act should be amended to allow for affidavits to be taken using video-conferencing technology, should it be restricted to certain populations or certain situations?
7. Should a person witnessing the signing of an affidavit using video-conferencing technology be required to be physically present in Manitoba?
8. Should the affiant be required to be physically present in Manitoba when appearing before a witness using video-conferencing technology?

Pseudonymous posters given adequate notice of the claim via email and via website messages

The Ontario Superior Court of Justice has granted summary judgement in a defamation case against a number of unnamed, pseudonymous authors of internet postings. In Theralase Technologies Inc. v. Lanter, the plaintiffs were a pharmaceutical company and two of its senior employees. They alleged that a number of postings made on an online discussion website, Stockhouse.com, were defamatory of them and are summarized by the judge:

[31] Generalizing for introductory purposes, the postings assert that Theralase management are untruthful and unprofessional, the corporation is operating unlawfully and improperly from the investors’ perspectives, and the personal plaintiffs are unprofessional, incompetent managers who have committed criminal acts. Ms. Hachey is also the subject of at least one misogynistic post that is particularly disgusting.

The postings were made by ten different accounts. Prior to commencing the action, the defendants were able to obtain an order requiring Stockhouse to provide information about the individuals behind the pseudonyms. Stockhouse was able to provide email addresses for all but one of them, but said technical problems prevented them from providing further information. The plaintiffs then sent libel notices and requests for identification to each of the email addresses and obtained an order permitting service of the plaintiffs’ claim by email and private message on the Stockhouse platform. A number of the email addresses generated error messages, suggesting the accounts were no longer in operation, and one of the defendants did respond and was identified. The plaintiffs then brought a motion for default judgement against the still unidentified defendants.

The court was then required to consider whether it could grant summary judgement against a currently unidentified person. The caselaw on the point is scant as only one Ontario precedent could be found:

[13] In Manson v John Doe, 2013 ONSC 628, 114 OR (3d) 592, the defendant was an anonymous blogger on a website owned by Google. Google advised the plaintiff that it had sent the plaintiff’s motion seeking the identity of the defendant to the defendant by email and that the defendant had responded indicating that he was seeking legal counsel. Ultimately the plaintiff was provided with the defendant’s email address although it could not determine his name.

[14] Goldstein J. wrote:

[20] There are few things more cowardly and insidious than an anonymous blogger who posts spiteful and defamatory comments about a reputable member of the public and then hides behind the electronic curtain provided by the Internet. The Defendant confuses freedom of speech with freedom of defamation. There are, undoubtedly, legitimate anonymous Internet posts: persons critical of autocratic or repressive regimes, for example, or legitimate whistleblowers. The Defendant is not one of those people. The law will afford his posts all the protection that they deserve, which is to say none.

[15] In the result, Goldstein J. granted judgment against the defendant who was identified only by a user name or pseudonym. There is no discussion in the case report as to whether the lack of the defendant’s actual name was considered to be an impediment to the court’s jurisdiction.

The court then reviewed caselaw from the United Kingdom, another jurisdiction in which most judgements are made in personam. The principal authority for permitting a default judgement against an unnamed defendant was found in Cameron v. Liverpool Victoria Insurance Co Ltd., [2019] UKSC 6, [2019] RTR 15, a UK supreme court decision that held that such an order can issue in certain cases:

[22] In Cameron, the Supreme Court found that it is not enough to refer to a defendant by reference to a past act, such as a hit-and-run accident, because the prior act provided no basis to identify the particular person who is the defendant. However, the court concluded that where a form of service is utilized that can reasonably be expected to bring the proceedings to the attention of the defendant, there was no reason in principle to limit the court’s ability to grant judgment against the unidentified defendant.

[23] I agree with the reasoning in Cameron and adopt the Supreme Court’s framework. Provided that the form of service utilized can reasonably be expected to bring the proceedings to the attention of a specific, identifiable defendant, the court has jurisdiction over that person however he or she may be identified. The test of reasonableness will be influenced by the circumstances of the case. Where, for example, people are hiding behind internet anonymity to make allegedly defamatory comments on a website, service through the website using the coordinates and the identifiers that the users themselves provided to the website operator strikes me as both reasonable and just. If notice does not reach the users, it is because they choose not to access the accounts from which they made their comments or the email addresses that they provided to the website operator. Where there is evidence that a person is actively evading service, such as by shutting down a previously active email address or website account after learning that an action exists, correspondingly less certainty of service may be required as long as it remains conceptually possible. See also: Cameron at para. 25.

The court reviewed the manner in which the plaintiffs’ claim was communicated to the defendants, both through email and through the messaging function of Stockhouse.com. Such communication was likely to bring the claim to the attention of the defendants and they failed to respond or file a defence.

The judge acknowledged that there will likely be significant challenges in enforcing the default judgement, but it did not influence the determination of whether default judgement could be obtained. In the result, the court entered summary judgement against the unnamed defendants, assessed damages against each of them and issued an order for costs on a substantial indemnity basis.

Hard-to-find terms of use unenforceable and arbitration clause was of no effect

A US appeals court summarily dismissed an appeal related to the browsewrap terms of use agreement in a mobile gambling app. In Wilson v. Huuuge, Inc., the app developer was appealing a decision of a district court that refused to enforce an arbitration clause in the terms of use for the app.

The plaintiff brought a suit as an intended class action, alleging that the app and its developer violated Washington state gambling and consumer protection laws. The defendant brought a motion trying to have the action stayed and requiring the plaintiff to arbitrate any dispute. The app's terms of use contained an arbitration clause, but the district court found that these terms (or the terms of use, generally) were not brought to the user's attention either in fact or constructively. The developer did not require users to affirmatively acknowledge or agree to the terms of use before downloading, installing or using the app.

The United States Court of Appeal for the Ninth Circuit colourfully described the positioning of the terms of use:

Once a user has downloaded the app, the user can play games immediately. During gameplay, a user can view the Terms by accessing the settings menu. The settings menu can be accessed by clicking on a three dot “kebob” menu button in the upper right-hand corner of the home page (Figure D).

If a user clicks on the button, a pop-up menu of seven options appears (Figure E). The fifth option is titled “Terms & Policy” and reveals the Terms, including the arbitration agreement.

To enforce an arbitration agreement under US federal law, the person asserting the agreement must prove there exists a valid agreement by reference to ordinary contract law. The court wrote:

As we have acknowledged many times, although online commerce has presented courts with new challenges, traditional principles of contract still apply. A contract is formed when mutual assent exists, which generally consists of offer and acceptance. Like many states, Washington does not allow parties to shirk contract obligations if they had actual or constructive notice of the provisions. In the context of online agreements, the existence of mutual assent turns on whether the consumer had reasonable notice of the terms of service agreement. [references omitted]

The court found that it was a "browsewrap" agreement and amusingly described the adventure that may be required to encounter the terms of use in the app:

… When downloading the app, the Terms are not just submerged—they are buried twenty thousand leagues under the sea. Nowhere in the opening profile page is there a reference to the Terms. To find a reference, a user would need to click on an ambiguous button to see the app’s full profile page and scroll through multiple screen-lengths of similar-looking paragraphs. Once the user unearths the paragraph referencing the Terms, the page does not even inform the user that he will be bound by those terms. There is no box for the user to click to assent to the Terms. Instead, the user is urged to read the Terms—a plea undercut by Huuuge’s failure to hyperlink the Terms. This is the equivalent to admonishing a child to “please eat your peas” only to then hide the peas. A reasonably prudent user cannot be expected to scrutinize the app’s profile page with a fine-tooth comb for the Terms.

Accessing the terms during gameplay is similarly a hide-the-ball exercise. A user can view the Terms through the “Terms & Policy” tab of the settings menu. Again, the user is required to take multiple steps. He must first find and click on the three white dots representing the settings menu, tucked away in the corner and obscured amongst the brightly colored casino games. The “Terms & Policy” tab within the settings is buried among many other links, like FAQs, notifications, and sound and volume. The tab is not bolded, highlighted, or otherwise set apart.

Huuuge argues Wilson’s repeated use of the app places him on constructive notice since it was likely he would stumble upon the Terms during that time period. However, just as “there is no reason to assume that [users] will scroll down to subsequent screens simply because screens are there,” there is no reason to assume the users will click on the settings menu simply because it exists. The user can play the game unencumbered by any of the settings. Nothing points the user to the settings tab and nowhere does the user encounter a click box or other notification before proceeding. Only curiosity or dumb luck might bring a user to discover the Terms.

At the end of the day, Huuuge took a risk and lost:

Instead of requiring a user to affirmatively assent, Huuuge chose to gamble on whether its users would have notice of its Terms. The odds are not in its favor. Wilson did not have constructive notice of the Terms, and thus is not bound by Huuuge’s arbitration clause in the Terms. We affirm the district court’s denial of Huuuge’s motion to compel arbitration.

The appeal was dismissed.

A privacy violation can be “highly offensive” and actionable even if it is fleeting and causes no harm

The dangers inherent in electronic medical records were made apparent in Stewart v. Demme, on the one hand an application for certification of a class action, and on the other an application for summary judgment dismissing the claim. The two defendants in the case were Demme, a nurse, and the hospital at which she had formerly been employed. Over a period of ten years, she stole 23,932 Percocet pills. The method by which she did so was at the heart of the issue of the Plaintiff’s certification as a class action.

In order to acquire the drugs, Demme accessed the individual health records of over 11,000 patients of the hospital. In some cases, she was able to make use of the patient’s paper file, but in many others she used the Meditech database which digitally accessed patients’ records and displayed them on a screen. In either case, she used the information in order to access the hospital’s Automated Dispensing Unit (“ADU”), in order to have a Percocet pill dispensed. Demme testified that in the early years of her thefts she would look to see if the patient was pre-prescribed Percocet and, if not, would move on to another patient. Eventually, however, she began to click on random patients whose names appeared on the ADU screen list as a method of dispensing the pill.

Once these thefts were discovered, the Hospital sent a letter to every patient whose file or digital record was accessed by Demme to provide herself with Percocet, leading to the proposed class action lawsuit. The class sought to be certified to bring actions for intrusion upon seclusion and for negligence, while the defendants resisted both claims. In the end the class was certified to pursue the intrusion upon seclusion claim, but the application judge concluded that a negligence action could not succeed and granted summary judgment in that regard.

In each patient’s file, Demme accessed their information for less than a minute from the same ADU machine (as recorded by the ADU logs). “In effect, Ms. Demme scrolled down the patient list, stopped at any given patient’s name, and clicked on the box designated for the medication that she desired.” Her only motivation for improperly accessing any patient’s records, whether a paper file or a digital one through the ADU, was to obtain drugs (para 16): that is, although she might incidental see private medical information, that was not her goal, nor indeed likely to occur given that she would not want to keep a record open very long. In addition, there was no evidence that any patients’ medication was impacted by Demme’s use of their health records in this way. The purpose of ADU recording was to track the medicine stocks at the Hospital, and these records were not associated with any particular patient, and so when medication is dispensed through the ADU, it is not automatically recorded in the patient’s medical file. Further, the fact that the ADU had dispensed medication did not mean that it would be administered, so there was no evidence of any patient receiving Percocet who ought not to have. By the same token, there was no clear evidence that any patient had ever failed to receive Percocet when they ought to have.

It was largely for those reasons that the negligence action was dismissed: no damage could be shown, other than the purely symbolic harm of the privacy breach, which was not sufficient. However, the application judge did certify the class for a claim based on intrusion upon seclusion. That tort requires in part that there be intentional or reckless conduct by the defendant and that the defendant invaded, without lawful justification, the plaintiff’s private affairs or concerns. Those requirements were clearly met by Demme’s misconduct.

However, in Jones v Tsige, the Ontario Court of Appeal determined that “one who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person”. Both defendants argued that the violation of the class members’ health records was de minimis and not highly offensive,and did not rise to the level required for it to: as counsel for the hospital put it, there was “a very large narcotics theft but a very small privacy invasion” (para 57).

The application judge acknowledged that Demme’s access to any individual file was fleeting, but held that that point should not be overemphasized: “interference with freedom of moment, just like invasion of privacy, must not be trivialized” (para 67). The nature and quality of the information at issue was also relevant: “other hospital procedures – surgery, chemotherapy, psychopharmalogical treatments, etc. – are bound to be rather less shared by patients with the world at large. The Hospital is a uniquely private and confidential institution” (para 66).

The judge did not that “While any intrusion – even a very small one – into a realm as protected as private health information may be considered highly offensive and therefore actionable, the facts do not exactly ‘cry out for a remedy’” (para 72). Nonetheless,

[79]…the Jones reasoning supports the proposition that an infringement of privacy can be “highly offensive” without being otherwise harmful in the sense of leading to substantial damages. The offensiveness is based on the nature of the privacy interest infringed, and not on the magnitude of the infringement.

Accordingly the class was certified.

Internal flight not feasible where privacy can be readily breached

The state of technology, and its implications for being located against one’s will, were at issue in X (Re) , a decision of the Refugee Appeal Division of the Immigration and Refugee Board of Canada. The case was an appeal from the Refugee Protection Division (“RPD”), which determined that the applicant was neither a “convention refugee” nor a “person in need of protection.” The Appellant was from a district in Punjab, India and had been a supporter and member of the SAD (Amritsar) political party since 2009. His father was also a long-time supporter of the party. Because of that political activity the applicant had been physically attacked by police, and the Appeal Division concluded that Congress party members could be a threat to him in Punjab, and especially in his home district. One issue in the decision, however, was whether he could be safe elsewhere in India: that is, whether he had an Internal Flight Alternative (“IFA”). The test for an IFA is that 1) there must be no serious possibility of the Appellant being persecuted in the part of the country identified as an IFA, and; 2) the conditions in that part of the country must be such that it would not be objectively unreasonable in all the circumstances, including those particular to the Appellant, for him to seek refuge there (para 42).

In the first prong, the appellant essentially argued that the high degree of information technology advancements in India, combined with the deficient privacy and personal information protection, meant that third parties would be able to locate him. The Appellant referred to the Aadhaar number and card, which is a twelve digit unique identity number assigned to residents of India based on their biometric and demographic data. The Appellant provided evidence that the card was increasingly being required for services, that the data was being misused, and that the cardholder’s personal information was not kept private or protected. As a result,

[60]…just about anyone could access this personal information through corrupt means and for a small amount of money, and the Appellant would be located because he will need to use his Aadhaar card wherever he relocates to.

In addition:

[62] The Appellant also submits that a person can be located in India even more simply through social media such as Facebook or electronic surveillance, without having to go through the police. He further argues that the state has its own system of electronic surveillance, called the CMS and which is described at Tab 10.6 of the latest NDP. Therefore the state could locate the Appellant should they want to by intercepting his electronic communications. Tab 10.6 is also cited to refer to the Crime and Criminal Tracking Network and Systems (CCTNS) which is used as a network of information for the police, and the fact that the tenant verification system has been made even easier by providing online forms and applications for free for landlords who are required to register their tenants.

[63] In essence, the Appellant is saying that through the high degree of information technology advancements in India, coupled with deficient privacy and personal information protection, he could be located by third parties, not necessarily the police, making an IFA impossible.

As a result, the Appeal Board determined that an IFA was not available to the Appellant and so, based on that and the serious possibility of persecution if he relocated to Delhi or Mumbai, or elsewhere in India, he was found to be a Convention refugee.

Customer disputes interest the public

With its decision in Raymond J. Pilon Enterprises Ltd. v. Village Media Inc., the Ontario Court of Appeal decided a point concerning the “Prevention of Proceedings that Limit Freedom of Expression on Matters of Public Interest (Gag Proceedings)” portion of the Ontario Courts of Justice Act. Those particular rules – otherwise known as the Anti-SLAPP provisions – state their purpose as:

(a) to encourage individuals to express themselves on matters of public interest;\

(b) to promote broad participation in debates on matters of public interest;

(c) to discourage the use of litigation as a means of unduly limiting expression on matters of public interest; and

(d) to reduce the risk that participation by the public in debates on matters of public interest will be hampered by fear of legal action.

The respondents had made a Facebook post about their experience with a Canadian Tire store operated by the appellant. The respondents had successfully brought a motion to have the appellant’s legal action against them over the post dismissed, but the appellant argued on appeal that the Anti-SLAPP provisions did not apply: the issue was, they argued, simply a private dispute between a customer and a store, which was not a “matter of public interest”. The motions judge had disagreed, holding that it related “to the issues of customer service and shopping experience at a major retail store”, raised “the question of the appropriateness of a store manager involving the police in such a matter”, and was “cautioning potential customers of the Canadian Tire in Timmins about the treatment they may receive at that store” (para 4). The Ontario Court of Appeal found no error in these conclusions, and therefore upheld the decision, rejecting the appeal.

Greater rather than less security provided by electronic cards

On December 24, 2019, for the first time, the Ontario Labour Relations Board in Toronto and York Region Labour Council,permitted the use of electronic membership evidence for a representation vote. The displacement application for certification was brought by United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (United Steelworkers) under the Labour Relations Act, 1995, S.O. 1995, c.1, as amended (the "Act"). Before the votes could be counted, the Board had required submissions as to whether the proof of membership requirement – normally satisfied by the presentation of physical membership cards – could in this instance be satisfied by electronic evidence of membership instead. Given the method used to obtain that evidence in this case, the Board concluded that the evidence could be used.

The Board noted that their Rules of Procedures were silent on this particular issue, merely requiring that proof of membership needed to be submitted, without specifying its form. The Rules provided that “‘membership evidence’ includes written and signed evidence that an employee is a member of a trade union or has applied to become a member”, but that did not preclude the possibility of such evidence being electronic.

The Board relied heavily on the security features of the electronic membership evidence in this case as part of its reason for allowing it. These features, the decision notes at para 13, included that:

1. The United Steelworkers’ (“USW”) electronic membership cards were created using Adobe Sign software. The electronic cards are identical to the USW’s physical membership cards and contain the same fields to be completed by an applicant for membership.
2. The USW’s Organizing Coordinator, Darlene Jalbert (the “Organizer”), provided each applicant for membership with a hyperlink to a blank membership card.
3. The applicant for membership opened the hyperlink, sent to them by the Organizer, which directed them to the blank membership card webpage.
4. The applicant for membership filled in the mandatory fields (i.e. company name, date, email address, and signature).v
5. The applicant for membership signed the electronic membership card using the Adobe “draw” function using either a mouse on non-touch screen devices or their finger or stylus on touch-screen devices.
6. Once the mandatory fields were filled in and the electronic membership card had been signed, the applicant for membership received an automatically generated email with a request to confirm his or her identity. The applicant for membership verified his or her identity by clicking on the hyperlink contained therein.
7. After the applicant for membership’s identity was verified, the Organizer received an automatically generated email with the signed electronic membership card. The email contained a hyperlink for the Organizer to counter-sign the electronic membership card. The Organizer counter-signed the electronic membership cards using the same process described in paragraph v above.
8. Once the electronic membership card was signed by the Organizer, both the Organizer and the applicant for membership received an email with the fully completed and signed electronic membership card.
9. Signed electronic membership cards are encrypted and cannot be modified. The Adobe Sign system generates a unique transaction ID for each electronic membership card that provides for a digital certification of authenticity. This certificate of authenticity can be viewed by opening a copy of the signed PDF in Adobe Reader or Adobe Acrobat.

The Board noted that this was arguably stronger protections than would be provided by physical cards, since they provide the same information (e.g. name of individual, employer name, date and contact details), but unlike a paper membership card, the electronic membership card is encrypted and cannot be modified, and there is a certificate of authenticity and an “audit trail”.

The Board also noted that the use of electronic membership evidence was not opposed in this case, and it was possible that they could reach a different decision in future in a case where there was such opposition. However, they also concluded by observing that:

21 The acceptance of electronic membership evidence should come as no surprise to the labour relations community as this Board continues to take steps that embrace technology in furtherance of the purposes of the Act… While each technological advancement carries its own risks, it has been the Board’s experience that the enhanced accessibility and efficiencies outweigh these risks.