Menu
Log in
Log in


News

  • 22 Aug 2019 11:04 AM | Deleted user

    Professor’s tweets held to violate arbitration settlement agreement, university relieved of obligation to provide payment

    In Acadia University v. Acadia University Faculty Association, the university had terminated Dr. Rick Mehta, a tenured professor, after there was controversy about various remarks he had made. The faculty association grieved the termination and the matter proceeded to a mediation, in which a confidential agreement was reached under which neither party admitted liability or culpability, and under which the university was to pay Mehta a specified amount. Despite the clear and strong confidentiality clause, Mehta began tweeting about the agreement within minutes of its conclusion, referring to himself as “vindicated” and making repeated references to “severance.” He was immediately advised by counsel for the faculty association to delete the tweets, but did not do so. At one point he deleted certain tweets but left others, and in a letter to the President of the university he threatened to release the agreement unless certain conditions were met.

    Arbitrator William Kaplan held that it was “quite clear” that Mehta had breached the settlement agreement multiple times; quite apart from breaching the confidentiality clause, he had not been “vindicated” and it was highly inaccurate to refer to the payment provided for in the agreement as “severance.” He ruled:

    Settlements in labour law are sacrosanct and given the repeated and continuing breaches, together with the absence of any mitigating circumstance or explanation, I find that the University is no longer required to honour the payment provision.

  • 22 Aug 2019 11:03 AM | Deleted user

    Hacker re-directs settlement funds paid by defendant, but defendant still on the hook

    In St. Lawrence Testing & Inspection Co. Ltd. v. Lanark Leeds Distribution Ltd., Deputy Judge Shane A. Kelford heard a civil dispute between two companies, the central issue in which he summed as follows: “The Plaintiff and Defendant were both innocent victims of a ‘cybercrime’ which resulted in the loss of funds which were paid by the Defendants to settle the Plaintiff’s claim. Both parties are innocent. Unfortunately, one of them must bear the loss.” The two companies had agreed to settlement terms to resolve a dispute about an unpaid invoice. Baker, a paralegal at the law firm representing St. Lawrence, sent the terms of settlement to Lanark via email; the terms included that Lanark would pay $7,000.00 into the law firm’s trust account at a Bank of Montreal branch in Cornwall, Ontario. Less than three hours later, a hacker had taken over Baker’s email account and was intercepting all emails between her and Lanark. The hacker sent revised settlement terms to Lanark, under which Lanark would send the funds to a different account at a credit union in Medicine Hat, Alberta, which was held by someone named “Richard Hoehn.” Lanark asked for a physical address for Hoehn, which the hacker provided, and the funds were sent. There were several exchanges of emails between Lanark and the hacker in which Lanark sought confirmation that the funds had been received, and (the judge surmised) the hacker stalled until the funds cleared the Medicine Hat account.

    When the fraud was discovered, it became clear that the hacker was unknown and that the funds were gone and probably unrecoverable. The law firm’s IT provider determined that the firm’s overall system had not been compromised, but just the email address of Baker, probably by way of a phishing attack or brute force (though she had a password in place that was “strong” by Microsoft’s standards). There was no evidence that the firm had been negligent in its IT security and the court held that Baker had acted reasonably and promptly once the fraud had been discovered, based on what she knew.

    The question that arose was: which party was responsible for the settlement funds? Deputy Judge Kelford reviewed the similar 2017 case of Du v. Jameson Bank, in which Du sued the bank for accepting a request to transfer funds from a hacker purporting to be Du. In that case, Du had signed an account-holder agreement with the bank in which he agreed that: the bank was not obliged to question any request that came from an email account which Du authorized; he was responsible for his own email security; and he was aware of the risk associated with email requests. Outside gross negligence by the bank, Du had given up any potential claim. Here, however, there was no such agreement in place. Lanark argued that, similarly to the bank in Du, it was entitled to rely on email from Baker, the law firm’s representative and had no reasonable basis on which to question the revised instructions regarding the funds. St. Lawrence argued that Lanark should have been suspicious of the same-day revision of the instructions, and that there was no evidence of negligence by St. Lawrence or the law firm.

    The court held:

    56. As noted at the outset of these reasons, the issue in this case can be restated as follows: Where a computer fraudster assumes control of Victim A’s email account and, impersonating Victim A, issues instructions to Victim B, who then transfers funds intended for Victim A (or a third party) to the fraudster’s account, is Victim A liable for the loss?

    57. In my view, the answer is “no”, unless:

    a. Victim A and Victim B are parties to a contract which (i) authorizes Victim B to rely on email instructions from Victim A and, (ii) assuming compliance with the terms of the contract, shifts liability for a loss resulting from fraudulent payment instructions to Victim A;

    b. There is evidence of willful misconduct or dishonesty by Victim A; or

    c. There is negligence on the part of Victim A.

    Deputy Judge Kelford continued:

    59. By way of further reasoning, I see no basis on which to distinguish the circumstances of the fraud in this case from those in which a home computer or business computer is “hacked”, giving a fraudster access to the owner’s email account. The fraudster then sends out an email to all of the “contacts” in the owner’s email address book, asking the recipient to wire funds (typically $1,000 to $5,000) immediately to a PayPal or similar account able to receive electronic funds transfers. Assuming that the computer owner took the reasonable and recommended security precautions for its email account, I see no basis on which the computer owner could be held liable to reimburse those individuals who unfortunately fall victim to the fraud.

    60. In reviewing legal commentary on computer fraud, this is clearly an area that would benefit from legislation to establish clear principles and guidelines for the allocation of liability in the event of computer frauds, which are increasing in number. In the United States, commentary with respect to the Uniform Commercial Code provisions dealing with wire transfer fraud suggests that in most cases, absent evidence of negligence or malfeasance by the “beneficiary” (receiving party), it is the “originator” of the transfer who is in fact dealing with the fraudster (albeit unknowingly), and is therefore in the best position to recognize potential indicia of fraud (i.e. such as changed or unusual payment instructions).

    61. As a general rule, equitable negligence principles seek, after the fact, to place responsibility for a loss on the party best able to prevent the harm.

    In the result, Lanark was ordered to pay the settlement funds but with no award of pre-judgment interest. Moreover, due to the novelty of the case, no costs award was made.

  • 30 May 2019 12:14 PM | Deleted user

    PIAC requested clarification that this right extends to former customers and purchasers of second-hand devices

    The Public Interest Advocacy Centre (PIAC) petitioned the CRTC for clarification of the device unlocking rules that are part of the Wireless Code. The ambiguity PIAC pointed to had to do with prior customers of telcos. In particular, they said:

    11. PIAC asked the Commission to clarify Rule F.1.(ii) of the Wireless Code such that all devices purchased prior to 1 December 2017 that are locked to a given WSP’s network should be unlocked upon request and at no cost, regardless of whether the device owner currently has, previously had, or never had an active account with the WSP (hereafter, PIAC’s proposed clarification).

    12. In PIAC’s view, the Wireless Code may be ambiguous in terms of who the device unlocking rules are intended to benefit. The Preamble to the Wireless Code states that any ambiguity is to be resolved in favour of customers. PIAC argued that this ambiguity should be resolved to clarify that a person does not need to have an ongoing service contract to have their device unlocked free of charge.

    The Code defines customers to be “Individuals or small businesses subscribing to wireless services, including account holders, device users, and authorized users.” The obligation to unlock devices relates to “customers” and the preamble of the Code says that any ambiguity is to be interpreted in favour of the “customer”. 

    The CRTC, in Telecom Decision CRTC 2019-169, declined to “clarify” or otherwise change the Code, noting that current customers have this right and former customers have other options available to them. Now that devices must be sold unlocked, the number of current or former customers who seek unlocking of devices is declining significantly.

  • 30 May 2019 12:12 PM | Deleted user

    Broad proposals more of an election platform than an action plan for digital issues

    In a speech at the Empire Club on May 21, 2019 (YouTube recording), Innovation Minister Navdeep Bains outlined a “Digital Charter” intended to guide future legislation and policy priorities in the areas of trust, data policy, privacy, misinformation and democracy. The Charter is based on ten principles, some of which have been further elaborated on in documentation linked from that page:

    1. Universal Access: All Canadians will have equal opportunity to participate in the digital world and the necessary tools to do so, including access, connectivity, literacy and skills.
    2. Safety and Security: Canadians will be able to rely on the integrity, authenticity and security of the services they use and should feel safe online.
    3. Control and Consent: Canadians will have control over what data they are sharing, who is using their personal data and for what purposes, and know that their privacy is protected.
    4. Transparency, Portability and Interoperability: Canadians will have clear and manageable access to their personal data and should be free to share or transfer it without undue burden.
    5. Open and Modern Digital Government: Canadians will be able to access modern digital services from the Government of Canada, which are secure and simple to use.
    6. A Level Playing Field: The Government of Canada will ensure fair competition in the online marketplace to facilitate the growth of Canadian businesses and affirm Canada's leadership on digital and data innovation, while protecting Canadian consumers from market abuses.
    7. Data and Digital for Good: The Government of Canada will ensure the ethical use of data to create value, promote openness and improve the lives of people—at home and around the world.
    8. Strong Democracy: The Government of Canada will defend freedom of expression and protect against online threats and disinformation designed to undermine the integrity of elections and democratic institutions.
    9. Free from Hate and Violent Extremism: Canadians can expect that digital platforms will not foster or disseminate hate, violent extremism or criminal content.
    10. Strong Enforcement and Real Accountability: There will be clear, meaningful penalties for violations of the laws and regulations that support these principles.

    Given that there is a short window before Parliament rises for the summer and with an election expected in October, the Digital Charter has been understood to be as much of an election platform as anything else. And, in many cases, the Digital Charter recites previous statements of principles made by the federal government. 

    In particular, the Minister in his speech and in subsequent documentation, has outlined significant changes to Canada’s private sector privacy law, the federal Personal Information Protection and Electronic Documents Act. This is described in “Strengthening Privacy for the Digital Age”, which does not lay out may specifics about privacy law reform, but includes a list of “possible options” and “considerations and questions” for each of them. Most significant, perhaps, is an intention to increase the Privacy Commissioner’s enforcement powers, though this also has few specifics.

  • 30 May 2019 12:11 PM | Deleted user

    Some causes of action viable, but application fails on commonality of claims across the proposed class

    The Ontario Superior Court of Justice has refused to certify a proposed class action against a casino that was a victim of a cyberattack that saw personal information of about 11,000 customers posted online. In Kaplan v. Casino Rama, the application mainly failed on the question of “commonality” among the proposed class members, but the judge commented upon other important elements of the case put before him.

    The facts are summarized by the judge:

    [1] Two and a half years ago, in November 2016, Casino Rama was targeted in a cyber-attack. An anonymous hacker accessed the Casino’s computer system and stole personal information relating to customers, employees and suppliers. When ransom demands proved futile, the hacker posted the stolen data on the internet. Just under 11,000 people had some personal information posted online.

    [2] The Casino contacted all appropriate authorities, took steps to close down the two websites that contained the stolen information, notified the thousands of customers, employees and suppliers potentially affected by the security breach and offered free credit monitoring services for one-year to many of them.

    [3] Fortunately, some two and half years later, there is no evidence that anyone has experienced fraud or identity theft as a result of the cyber-attack. There is no evidence that anyone has sustained any compensable financial or psychological loss.

    The plaintiffs sought certification in negligence, breach of contract, intrusion upon seclusion, breach of confidence and publicity given to private life. The judge concluded that the claims related to breach of confidence and publicity given to private life are “doomed to fail and should be struck.” It must be noted that this test is solely based on what is in the pleadings, rather than anything that is proven in law. 

    Interestingly, the judge did find that certain representations in the casino’s privacy policy could create contractual representations, the breach of which could create a contractual claim:

    [25] Breach of contract. Nor am I prepared to find that the breach of contract claim as pleaded is doomed to fail. I agree with the defendants that a company’s recitation of a privacy policy whose scope and content is determined solely by federal or provincial privacy law does not generate an enforceable consumer agreement. As recognized in John Doe and Broutzas, courts generally do not enforce agreements that simply repeat without more pre-existing statutory duties.

    [26] Here, however, there is more. The plaintiffs allege breach by the defendants of their own privacy policy (not just the one that was statutorily-mandated) and breach of “industry standards” whatever that may mean.

    [27] I am therefore inclined to find that the breach of contract claim discloses a viable cause of action under s. 5(1)(a) of the CPA. [footnotes omitted]

    For the breach of confidence claim, the Court concluded that a failure to secure the plaintiffs’ confidential and personal information was not a “misuse” of that information, so this claim was doomed to fail. 

    While some of the claims may have been viable individually, the Court concluded that there was no commonality that could permit the certification:

    [55] Section 5(1)(c) of the CPA requires that the claims or defences of the class members raise common issues. There is no dispute about the applicable law. For an issue to be common, it must be capable of being answered once for all class members. As noted in the leading class actions text:

    [I]f an issue can be resolved only by asking it of each class member, it is not a common issue …An issue is not “common” simply because the same question arises in connection with the claim of each class member, if that issue can only be resolved by inquiry into the circumstances of each individual’s claim … The fact of a common cause of action asserted by all class members does not in itself give rise to a common issue since the actual determination of liability for each class member may require individualized assessments.[37]

    [56] The problem here, with almost all of the PCIs [proposed common issues], is that there is no basis in fact for either the existence of the PCI or its overall commonality or both. Further, many of the PCI’s, particularly those that ask about duty of care or breach of a standard of care, require so much in the way of individual inquiry that any commonality is overwhelmed by the need for individualized assessments.

    With the explosion of privacy class action lawsuits following the Ontario Court of Appeal decision in Jones v Tsige, we are beginning to have a body of caselaw refining how courts will at least address certification questions, particularly where there has been no tangible harm to the individual proposed class members.

  • 30 May 2019 12:10 PM | Deleted user

    Man acquitted on parking ticket because electronic document from online “pay for parking” system not authenticated

    In City of St. John’s v. Sean Callahan, the accused had been issued a parking ticket under the relevant city by-law after his mobile home was alleged to have been parked illegally. The motor home had been parked in an area that was clearly indicated by signs to be the site of a “park and pay” mechanism; users were directed to download a parking app onto their phones. The trial judge noted that while the regime expected a certain level of technological sophistication from users, the process to be followed was clearly set out in the by-law and there was a phone number provided on the signage for people needing assistance. The accused testified that he simply did not appreciate the contents of the signage and had parked his vehicle at a parking pole that had no meter, which was permissible under the by-law.

    A city Parking Enforcement Officer had accessed the online parking system and obtained a list of vehicles that had paid for parking at the relevant time, and noted that the accused’s vehicle was not among them. At trial he produced a printed copy of this list, which was filed as an exhibit, but he gave no testimony about the online system or how it worked. This proved to be the fatal flaw in the city’s case. Judge Orr began by noting the requirements for prove as regards electronic documents:

    [9] In this case non- payment at the time the ticket was issued was admitted by Mr. Callahan. However I note that when a document is produced at trial, in this case the printed parking record, the prerequisite to its admission is authentication. Methods of authentication include viva voce testimony, common law rules and presumptions, or statutory instruments. (The Law of Evidence in Canada, Fourth Edition, p. 1243.) Parking Officer Brown did not testify as to how the electronic system worked how or on what system the records were stored or their accuracy. Besides Officer Brown’s evidence there was no other evidence called as to the systems integrity or how the records were stored, created and retrieved no technical evidence of any kind. There are no legislative provisions in the Bylaw itself or the Highway Traffic Act, The City of St John’s Act, The Provincial Offences Act or The Evidence Act that set out how evidence about the payment process and the retrieval of the record from its electronic data base can be admitted and interpreted.

    [10] In Criminal proceedings the admission of digital records is governed by 31.1-31.8 of the Canada Evidence Act. The statutory regime is set up primarily to deal with issues about the integrity of the computer system. It does not deal with the admissibility of the contents of electronic records. Instead it creates two pre-conditions that must be met, the authenticity rules and best evidence rules. Section 31.1provides that a person seeking to admit an electronic document must prove its authenticity by “evidence capable of supporting a finding that the electronic document is that which it purports to be.” Similarly, with respect to the best evidence rule there is a presumption created of system integrity that “there is evidence capable of supporting a finding that the system was operating properly”. This can be easily addressed; R. v. Nichols (2004) O.J. No. 6186 held that viva voce evidence from a system user can be evidence that meets the threshold for both issues and expert evidence was unnecessary. These sections are not part of the evidentiary rules adopted by the Summary Proceedings Act but they do encapsulate in most respects the common law rules that would apply. 

    Judge Orr then went on to express the need to balance functional practicality in the authentication of electronic evidence with the need to avoid over-expansive use of judicial notice:

    [11] Judicial notice by a court of facts without the requirement of proof is permissible only with respect to facts: 1) so notorious as not to be the subject of dispute among reasonable persons; or 2) capable of immediate and accurate demonstration by resorting to readily accessible sources of indisputable accuracy and may be noticed by the court without proof of them by any party. (R v Williams1998 CanLII 782 (SCC), [1998] 1 SCR 1128). Courts have identified the issue of judicial notice as having its own particular problem when dealing with information provided by new technologies. Expert evidence has increasingly but unevenly been held to be unnecessary to explain how technology and social media widely used by the general public and government agencies works. In R. v. Hamilton2011 ONCA 399 (CanLII), [2011] O.J. No. 2306, technicians were permitted to testify about the location of cell phones without being qualified as “experts”. On the other hand, in R. v. Peliech, [2012] O.J. No. 2467, a Mohan voire dire was held to explain how a widely used software program “Lime Wire” was used. Expert evidence implies that the witness has special knowledge. It seems clear that Courts should accept that technologies broadly used and understood by members of the public do not need expert proof to be accepted. At the same time, judges must exercise caution when taking judicial notice of notorious facts and relying on internet sources of “indisputable” accuracy, such as Google Maps. In R. v. Calvert, [2011] ONCA 379, the trial judge reviewed a Google Map on his own initiative to ascertain the distance between the scene and the police station. This was held to be permissible; however, the closer the judicially noted matter is to the central issue, the stricter the requirements of indisputability and notoriety.

    [12] A Court should adopt a functional approach to new technologies and conduct trials effectively and realistically. At the same time when the technology is being relied on to establish an offence even as minor an offence as the breach of a By Law there needs to be a level of confidence in the evidence presented that would justify entering a finding of guilt.

    [13] In this case, there is no proof authenticating the parking record. The evidence of the Parking Enforcement Officer did not provide any detail or information to establish the reliability or authentication of the parking record. Consequently given this gap absent the creation of a legislated rule the City’s evidence of non- payment is inadmissible.

    The City having failed to prove non-compliance with the by-law, the accused was acquitted.

    In our view, this otherwise low-stakes case hits a number of interesting points regarding the admissibility and use of electronic evidence. We are past the point where expert evidence is always required in order to authenticate electronic documents, since it is well within the capacity of lay witnesses to testify as to the practical functionality of various kinds of computer systems. As Justice Paciocco has noted, it is not necessary that witnesses understand the entire inner workings of any kind of machine in order to be able to testify as to how they work (see Justice David M. Paciocco, “Proof and Progress: Coping With the Law of Evidence in a Technological Age” (2013) 11 Canadian Journal of Law & Technology 181). Pragmatism is key. On the other hand, while judicial notice is available in some respects, it should be used cautiously. Equally interesting is Judge Orr’s suggestion that the technical requirements for adducing electronic documents, which are set out in the federal and provincial evidence statutes, can be assimilated into the common law for the purposes of cases brought under the Summary Proceedings Act.

  • 30 May 2019 11:48 AM | Deleted user

    Parents in child support proceeding duel over justiciability of cryptocurrency assets

    In M.M.D. v. J.A.H., a child support proceeding, the Applicant mother argued that the Respondent father had more income available to him to support their child than was indicated by the evidence he had led thus far. Specifically, she alleged that he had a large amount of equity in Bitcoin investments (over $9 million), the details of which he was failing to disclose. The judge agreed with the mother that it was clear that the father had more income than he was claiming for particular tax years but refused to impute income to the father from the Bitcoin investments, given the complexity of the asset and lack of evidence. The mother was awarded an interim payment from the father to retain an expert to analyze the Bitcoin assets. Regarding disclosure of evidence of the Bitcoin, the judge noted:

    [138] The Respondent has investments in cryptocurrency with a value of $9,502,416 as at February 8, 2019. He asks that only redacted documents related to this investment be produced to the Applicant and filed with the court.

    [139] The Respondent states there is a substantial risk that production of information could lead to attacks and give third parties the ability to access and perhaps steal these assets.

    [140] I have no expert evidence on this issue. It is clearly a volatile, emerging, intangible source of wealth which the courts will have to grapple with more frequently in future.

    [141] For purposes of this case, I find there is no prejudice to the Applicant if she receives the disclosure of the Respondent’s cryptocurrency assets in redacted form. There is a greater risk of prejudice to the Respondent if he is required to produce them in an unredacted form which could compromise the security of this substantial asset.

  • 15 May 2019 12:29 PM | Deleted user

    Class action for breach of copyright over obituaries and attached photos successful at Federal Court

    In Thomson v. Afterlife Network Inc., Thomson was the representative plaintiff in a class action claiming that obituaries and photographs authored and taken by Thomson (and others in the class) that had been posted online to various funeral homes and newspapers, were taken from the internet without permission and reproduced by Afterlife for profit. The suit alleged copyright infringement and infringement of moral rights of the members of the class, as the Terms of Service on Afterlife’s website stated that Afterlife owned the copyright in the website contents. 

    Thomson’s father passed away in January 2017, at which point she authored an obituary that, along with a photo of her father, was published by a funeral home with her permission. A year later she discovered that Afterlife displayed the obituary and photograph on their website, without her permission, and provided options to buy flowers and virtual candles. Thomson submits that Afterlife caused viewers of their website to believe she had consented to the use of her father’s obituary and image, and to believe that she would profit from sales. 

    Afterlife’s solicitor withdrew and Afterlife did not participate in the proceedings, having shut down its website one month after the class proceeding was certified. Traffic had been redirected to a similar website, with template rather than identical obituaries. 

    The court found, on the basis of CCH Canadian Ltd v Law Society of Upper Canada, 2004 SCC 13, that the obituaries and photographs were original works in which the author, here Thomson, possessed copyright, and that Afterlife’s actions constituted copyright infringement since it had reproduced the original works without permission. As to the moral rights claim, the court invoked Maltz v. Witterick, 2016 FC 524, which held that “an author’s right to the integrity of a work includes not only a highly substantive aspect, which the author of the work must establish, but also an objective element requiring evaluation of the prejudice to that author’s honour or reputation based on public or expert opinion.” The court found that while Thomson was sincere that her honour and reputation were prejudiced, no objective evidence of such was provided, and therefore the court was unable to make a determination as to prejudice. 

    The FC awarded aggregate damages of CA$10 million, and aggravated damages of CA$10 million across 2 million instances of infringement. The aggravated damages were granted due to the court’s finding that Afterlife’s conduct was high-handed and had significant impact on the members of the class.

    (with a contribution from Daniel Roth)

  • 15 May 2019 12:28 PM | Deleted user

    Court of Appeal finds trial judge erred in failing to acknowledge authenticity and admissibility of texts and photos

    In R. v. C.B., the two appellants had been convicted at trial of assault, sexual assault and unlawful confinement of the two 16-year old complainants, arising from events that took place over the course of two days at the home of the appellant C.B. On appeal were issues relating to electronic evidence that had been led at trial. On the main issue, the complainant DP was cross-examined on the basis of texts between her and CB (extracted from CB’s phone) which were contemporaneous to the alleged offences. These texts appeared to show her joking about sex and the use of sex toys, around the time she said she had been sexually assaulted. She acknowledged that the phone number for the phone on which the texts were received was hers, and that one of the texts related to her then-boyfriend. At this point in the judgment Watt J.A., writing for the court, provided a mini-excursus on texting terminology (possibly recounting the witness’s testimony):

    But the term “LMFAO”, which was included in her text, could mean several things. It could mean what it says. Or it could mean that somebody is uncomfortable with the situation and is just laughing about it to show them that. It is undisputed that the term “LMFAO” is a common acronym used in text messaging for “laugh my fucking ass off”.

    When cross-examination resumed the next day, however, DP denied that a number of the texts sent from her phone were authored by her, because she “did not talk like that,” and suggested that a monitoring app had been placed on her phone by CB. In his reasons for judgment the trial judge emphasized the complainant’s latter statements about the texts, emphasized there had been no forensic evidence led about the texts and stated they had “no probative value” because there was “no evidence as to whose phone it was, who put the messages in the phone.”

    The appellants appealed on the basis that the trial judge appeared to have found that the texts had not been authenticated, and thus were inadmissible, when there was sufficient evidence on the record as to the authorship of the texts. Watt J.A. agreed with this argument, tracing the provisions regarding the admissibility of electronic evidence in the Canada Evidence Act and noting that the authentication requirement, s. 31.1, simply mirrored the common law and its very low threshold that there be “some evidence” that the electronic documents were what the offering party purported them to be. With specific record to communications like texts, he remarked:

    [69] At common law, correspondence could be authenticated by the “reply letter” doctrine: to authenticate correspondence as having been sent by one individual to another, evidence is adduced to show it is a reply to a letter sent to that person. As a matter of logic, the same should hold true for text messages and emails. Evidence that A sent a text or email to B whom A believed was linked to a specific address, and evidence of a response purportedly from B affords some evidence of authenticity: David Paciocco, “Proof and Progress: Coping with the Law of Evidence in a Technological Age” (2013) 11 C.J.L.T. 181, at pp. 197-8 (Paciocco).

    [70] In a similar way, text messages may be linked to particular phones by examining the recorded number of the sender and receiving evidence linking that number to a specific individual, as for example, by admission: Paciocco, at p. 198.

    [71] But what of the prospect of tampering? Does it have to be negated before digital evidence can be properly authenticated?

    [72] As a matter of principle, it seems reasonable to infer that the sender has authored a message sent from his or her phone number. This inference is available and should be drawn in the absence of evidence that gives an air of reality to a claim that this may not be so. Rank speculation is not sufficient: R. v. Ambrose, 2015 ONCJ 813 (CanLII), at para. 52. And even if there were an air of reality to such a claim, the low threshold for authentication, whether at common law or under s. 31.1 of the CEA, would seem to assign such a prospect to an assessment of weight.

    Here, it appeared that the trial judge had made two mistakes: he had failed to fasten on the fact that DP had provided testimony proving that the set of texts was a conversation between herself and CB, and he had appeared to require expert forensic evidence in order to establish authenticity, which was unnecessary. Justice Watt concluded on this point:

    [78] Satisfaction of the evidentiary threshold for authentication under s. 31.1 of the CEA or at common law renders the evidence admissible; in other words, available to the trier of fact for ultimate evaluation [editor’s note: assuming, we expect Justice Watt meant, that the evidence does not offend one of the admissibility rules, e.g. hearsay, prior consistent statement]. It does not follow from admissibility that the trier of fact must find that the evidence is in fact what it claims to be. What remains of the dispute after admissibility has been established relates to the weight to be assigned to the evidence. And that issue is left to the trier of fact to decide.

  • 15 May 2019 12:27 PM | Deleted user

    Jarvis applied to screenshots made secretly during Skype chat

    The Ontario Court of Appeal has further clarified the voyeurism offence in section 162(1) of the Criminal Code with its decision in R v Trinchi. In part the decision is an application of the recent Supreme Court decision on the same offence in R v Jarvis (and indeed the appeal was delayed until Jarvis had been decided), but the decision also goes on to settle a point which was not central to the decision in that other case.

    Trinchi and his partner, the complainant, were in a long-distance relationship in the course of which they regularly engaged in intimate webcam video chats over the course of a year and a half. During the video chats both parties were nude, and the complainant willingly posed in sexually provocative positions for Trinchi. Trinchi took screenshots of her from these video livestreams: the complainant was aware that her image was being captured as video and streamed over the internet to Trinchi, but she was unaware that these screenshots were taken. After the complainant ended the relationship, these screenshots were widely distributed to many people by email, and as a result Trinchi was charged with a number of offences, most of which related to the distribution of intimate images. Because of the possibility that Trinchi’s new girlfriend had distributed the images, the trial judge had reasonable doubt and acquitted the accused of the distribution charges. However, the judge had no doubt that Trinchi had taken the screenshots and so convicted him of the voyeurism charge. 

    There are various versions of the voyeurism offence, but there was no dispute that the element set out in section 162(1)(b) was met, namely that

    (b) the person is nude, is exposing his or her genital organs or anal region or her breasts, or is engaged in explicit sexual activity, and the observation or recording is done for the purpose of observing or recording a person in such a state or engaged in such an activity.

    Similarly it was not disputed that the accused was the person who had taken the screenshots. However, the voyeurism offence has two further requirements: 1) that the complainant was “in circumstances that give rise to a reasonable expectation of privacy”, and 2) that the screenshot was made “surreptitiously”. Trinchi argued that neither of these elements were made out: the Ontario Court of Appeal disagreed and upheld the conviction.

    Trinchi argued that the complainant could not have a reasonable expectation of privacy in the circumstances, having knowingly and willingly posed nude in front of the webcam. That is, he argued that although “engaging in sexual activity in one’s own bedroom is a circumstance that attracts a high expectation of privacy…the complainant admitted him within her circle of privacy by voluntarily exposing herself, knowing she was doing so through a camera, a device the very purpose of which is to capture images” (para 17). He argued that the voyeurism offence was designed to apply to “peeping toms,” not to intimate partners, and that the complainant’s act of voluntarily exposing herself in front of a camera negated her reasonable expectation of privacy. 

    In this context, however, the Ontario Court of Appeal relied on Jarvis, noting that the test for a reasonable expectation in the meaning of this section was “whether in the circumstances the person observed or recorded would reasonably expect not to be the subject of the type of observation or recording that in fact occurred” (para 14). They noted that Jarvis had offered, as an example, the possibility of one partner video-recording consensual sexual activity without the knowledge of the other, and held that that was essentially what had occurred here:

    [19] This example, it seems to me, provides a short and direct path to the conclusion that the complainant had a reasonable expectation the appellant would not take screenshots of their consensual sexual activity. It should not make a difference that their consensual activity took place in “virtual space” rather than in a physical room. She necessarily expected to be observed by the appellant in the live-streamed video, but did not expect he would make a permanent recording of her naked.

    The most notable consideration for the Court of Appeal was the distinction between mere observation and recording a permanent image. The making of a permanent image raises the risk of the complainant being observed by others than those by whom she was consenting to be seen, as in fact occurred in this case. On that basis the Ontario Court of Appeal found that the complainant did in fact have a reasonable expectation of privacy.

    The remaining issue was whether the accused had acted “surreptitiously”, which was largely a matter of statutory interpretation. Trinchi argued that the complainant never indicated she did not want screenshots taken, and that he never promised he would not take screenshots. More importantly, though, Trinchi argued that the trial judge had applied the wrong test to determine surreptitiousness: it was a factor that had to be determined by looking at an accused’s intention, not from the complainant’s perspective. He argued that Jarvis had pointed to the difference between “reasonable expectation of privacy” and “surreptitiously”, and that the former focused on the complainant’s perspective, but the latter related to the observer.

    The Crown argued, to the contrary, that it should be sufficient if a complainant did not know of the recording, and the accused was aware the complainant did not know: if there were a requirement to prove the accused’s intention, they argued, it would be too difficult to prove that an accused had acted “surreptitiously”.

    On this matter of statutory interpretation, the Ontario Court of Appeal sided with Trinchi’s argument that it was necessary to prove that the accused intended that the complainant be unaware. They held:

    [46] I am satisfied that the ordinary meaning of the word “surreptitiously” does include intent as part of its meaning. A person who observes or records with the intention that the subject not be aware that he is doing so, is attempting to avoid notice or attention. Moreover, I consider M.E.N.’s articulation of the mental element to be apt. The mental state required by the word “surreptitiously” in s. 162(1) is the intent the subject not be aware that she is being observed or recorded. In a prosecution under s. 162(1)(b), the Crown may prove the accused acted surreptitiously by proving that he observed or recorded the subject with the intention she be unaware he was doing so. 

    They also suggested that this definition was not likely to create the difficulties in proof suggested by the Crown:

    [48] Understanding the word “surreptitiously” in this way would not prevent a successful prosecution in the Crown’s example of the smartphone on the accused’s bedside table recording consensual sexual activity. In the example, the accused would have had to initiate the smart phone’s video recording mode and position the device so its camera focused on the sexual activity. Where the complainant testifies that she did not consent to being recorded and was unaware the recording was being made, and without evidence to explain the positioning and active state of the phone, the fact-finder would have an adequate basis to infer that the accused intended the complainant be unaware he was recording her.

    Essentially on that sort of basis the Ontario Court of Appeal concluded that surreptitiousness had been shown in this case. The trial judge had repeatedly stated that Trinchi had acted “secretly” and that his actions were “clandestine”. Further, 

    [55]…The appellant’s state of mind could be inferred from the circumstantial evidence. The complainant did not know the screenshots were being taken. The appellant never told the complainant he was taking screenshots; the subject of taking screenshots never came up during the parties’ 400-odd video chats. The complainant could see the appellant during their video chats, and he had taken the screenshots in a way that the complainant had not noticed. After taking the screenshots the appellant never mentioned them. Her lack of awareness could also be reasonably expected under the totality of these circumstances. These facts supported the trial judge’s inference that the appellant had intended that the complainant not know he was taking screenshots of her.

    Accordingly the conviction was upheld.

  

Canadian Technology Law Association

1-189 Queen Street East

Toronto, ON M5A 1S2

contact@cantechlaw.ca

Copyright © 2024 The Canadian Technology Law Association, All rights reserved.