On January 31, 2024, the Ontario Court of Appeal (the Court) issued its decision in Del Giudice v Thompson, 2024 ONCA 70, considering the tort of intrusion upon seclusion in the context of data misuse and rejecting the appellants’ arguments seeking class action certification.
The appeal stemmed from the Ontario Superior Court of Justice’s dismissal of the appellants’ motion to certify a class action for various torts relating to data misappropriation and data misuse against the “Capital One respondents” following a 2019 data breach, as previously reported in the E-TIPS® Newsletter here.
In submitting that the motion judge erred in determining that the pleadings did not support any valid cause of action, the appellants separated the causes of action pleaded into two groups: (1) data misuse claims comprising of intrusion upon seclusion, misappropriation of personality, conversion, and breach of confidence, trust, and fiduciary duty; and (2) data breach claims comprising of negligence and failure of a duty to warn, strict liability, negligent breach of contract, and breach of statutory causes of action.
On the issue of intrusion upon seclusion, the appellants attempted to distinguish this case from the trilogy of decisions clarifying the tort (the leading case being Owsianik v Equifax Canada Co., 2022 ONCA 813, previously covered in the E-TIPS® Newsletter here).
Nonetheless, the Court held that the appellants’ claim could not succeed, stating that whether “the alleged misdeeds of Capital One and Amazon are characterized as mistakes in safeguarding information or improper retention and misuse of that information, neither characterization satisfies a key element of intrusion on seclusion: that the conduct be of a highly offensive nature causing distress, humiliation, or anguish to a reasonable person.” The Court found that the aggregation and sale of the financial information obtained by Capital One was not considered highly offensive or humiliating to a reasonable person, and therefore did not constitute an intrusion into seclusion.
The Court considered the appellants’ remaining data misuse and data breach claims, and disposed of each in turn.
Ultimately, the Court dismissed the appeal with costs in favour of the Capital One respondents.
Summary By: Steffi Tran
Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.
E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.