Do Canadian employees have a right to privacy at work?

A privacy policy can address some concerns but not all policies are sufficient to address the needs that employees have to the protection of their information at work.
A privacy policy can address some concerns but not all policies are sufficient to address the needs that employees have to the protection of their information at work. iStock.

Does Canada have privacy legislation when it comes to protecting the privacy of private sector employees?

Yes and no.

As Fazila Nurani, Senior Counsel and Lead Trainer at Privatech, explained in her Ontario Bar Institute presentation of February 2, 2016, entitled “How to Establish Privacy Policies That Bind”, there are some protections under law for private sector employees.

In the private sector you have the Personal Information Protection and Electronic Document Act (PIPEDA) for federal works employees. Then you have privacy laws in three provinces that affect the workplace: Alberta, British Columbia and Quebec.

What about other provinces that have no privacy legislation?

Well, there is definitely a gap when it comes to protecting the personal information of these employees. Nurani recommends organizations have a good employee privacy policy, which is a great idea for any organization who wants to avoid getting into trouble over possible breaches of an employees’ personal information, whether it be the collection of and/or the use and disclosure of such information.

While an employee privacy policy can address some privacy concerns, not all privacy policies are sufficient to address the needs that employees have to the protection of their private information at work.

There are situations where employers need to access private information about their employees in order to protect their business needs. However, how far should this access go, given this is an employee’s private information?

McMillan Employment lawyer and Privacy & Data Protection Co-Chair Lyndsay A. Wasser wrote back in 2012, “Employers are frequently required to balance the privacy of employees with the need to effectively manage their business.”

As a result of privacy concerns, the common law, that is the law that has been developed by judges, courts and tribunals in Canada, has responded by creating the new tort of “intrusion upon seclusion” in Ontario.

Though this new tort was not created for the purposes of employment law, Wasser writes that it could have “significant implications” for provincial private sector employers, where there is no privacy legislation available.

This new tort arose through the case Jones v. Tsige, a 2012 Ontario Court of Appeal decision.

In the case, a bank employee used her position in order to look at the private banking records of her spouse’s ex-wife.

The court found the bank employee’s actions unacceptable and remarked that due to technological change there is a “novel threat” to the right to privacy.

The court recognized that there is a “problem posed by the routine collection and aggregation of highly personal information that is readily accessible in electronic form.” The appeals court answer was to create this new tort in order to protect people from such easy invasions of privacy. Just because one has access to this type of information, doesn’t mean they should access it.

Though this new tort has not yet been tested in the realm of Canadian employment law, it’s likely only a matter of time, especially in the provinces that don’t have privacy legislation to protect private sector employees.

Find a Lawyer