September 01, 2014
Associate Molly Reynolds was quoted in Law Times on an article about the changing landscape of privacy class actions, particularly in light of recent high-profile privacy breaches in Canada, including those related to cases like Condon v. Canada and Evans v. The Bank of Nova Scotia.
Below is an excerpt of the article.
According to Reynolds, Condon differs from Evans because while the latter case deals more with the vicarious liability of the employer, Condon focuses more on the issue of recklessness.
“The question is whether the employee was reckless or otherwise negligent in having lost the USB key in the first place,” she says.
The fact that it’s not clear what happened to the hard drive or whether anyone else had ever accessed the private information further complicates the case.
“It was a breach; we just don’t know if there were any consequences or any harm stemming from the breach,” says Reynolds.
“But what’s interesting about the damages issue here is that you can’t necessarily identify whether anybody has been the victim of identity theft and they’re going to have a struggle, I think, with causation.”
Reynolds says that even if the plaintiffs are unable to prove harm, the judge could still award nominal damages to them, as happened in Jones and numerous cases dealing with the Personal Information Protection and Electronic Documents Act in the federal courts.
“When you have a class as big as 500,000 class members, $5,000 in nominal damages times 500,000 or 600,000 could actually be a pretty hefty damage award against the government,” she says.
To read the full article, click here.