Class actions are not confined to the United States, and Canadian class action law is rapidly developing, as is privacy law nearly everywhere in the world. Evans v. Bank of Nova Scotia, 2014 ONSC 2135 (CanLII), a recent class action decision out of the Canadian courts dealing with information privacy, provides important insights into these important areas of the law.
In Evans, plaintiffs sued the Bank of Nova Scotia for damages for, among other things, intrusion upon seclusion, negligence, breach of contract, breach of fiduciary duty, breach of good faith, and emotional suffering and inconvenience. The case stems from an employee’s disclosure of private and confidential information to his girlfriend, who then provided the information to others for fraudulent purposes. The bank was able to identify whose information had been disclosed, notified those customers, provided free credit monitoring and identity theft protection to those interested, and compensated those who had been the victims of identify theft or fraud for their monetary losses.
Class Action Requirements
Canadian class action law is similar to U.S. class action law, and seems to encompass Rule 23’s requirements as well as U.S. jurisprudence on criteria such as ascertainability. The Canadian law appears to deal with the debate on how much evidence needs to be offered on causes of action at the class certification stage by making the potential viability of a cause of action a class certification requirement. Canadian class action thus largely resembles U.S. class action law, but with notable differences.
Under Section 5(1) of the Class Action Proceedings Act (“CPA”), five requirements must be met for an action to proceed as a class action:
(a) the pleadings or the notice of application discloses a cause of action;
(b) there is an identifiable class of two or more persons that would be represented by the representative plaintiff or defendant;
(c) the claims or defences of the class members raise common issues;
(d) a class proceeding would be the preferable procedure for the resolution of the common issues; and
(e) there is a representative plaintiff or defendant who,
(i) would fairly and adequately represent the interests of the class,
(ii) has produced a plan for the proceeding that sets out a workable method of advancing the proceeding on behalf of the class and of notifying the class members of the proceeding, and
(iii) does not have, on the common issues for the class, an interest in conflict with the interests of other class members.
Section 6 of the CPA then lays out reasons a court cannot refuse to certify a class, including : individualized damages issues, “separate contracts involving different class members,” “different remedies . . . for different class members,” an unknown number of class members or unknown identities, and the need for sub-classing.
Is There a Viable Cause of Action?
As to the substantive claim of intrusion upon seclusion, the bank argued that it could not be held vicariously liable. And even if liable, the bank argued that “damages awarded for the tort of intrusion upon seclusion fall into the category of symbolic or moral damages….[and] that moral damages awarded in such a case are analogous to punitive damages,” which are not available for the tort of intrusion upon seclusion. And as for compensatory damages, the bank argued that it had already compensated those customers who had been victims of identity theft.
The court held that the law on intrusion upon seclusion is unsettled, and that it is possible that the bank could be held vicariously liable for that tort. The court also found the law on punitive damages in this context unsettled, and as for the monetary compensation already provide by the bank, the court held that the bank’s “admission of responsibility to pay for the pecuniary damages suffered is a different situation from the absence of a claim for compensatory damages.”
As to class certification, the court found it compelling that the bank’s admission of liability for monetary damages could be relied on by all class members: “If the action is certified as a class proceeding, the Bank will be bound by its admission of liability for any pecuniary damages suffered by all members of the class. If the action is not certified, the Bank would not be legally bound by its admission.”
The court allowed the other causes of action to proceed as well, finding that it “was not plain and obvious” that plaintiffs would be unsuccessful, with the exception of the claim for breach of fiduciary duty. The court also allowed plaintiffs to proceed in the contrary to pursue a disgorgement of profit claims (waiving their tort claims).
Is There an Identifiable Class of Two or More Persons?
The court found that the class was comprised of all those who received notice from the bank that their information had been violated, and the smaller group of those customers whose information was used in a fraudulent manner could be a subgroup of this larger class.
Are There Common Issues?
Section 5(1)(c) of the CPA provides that “the claims or defences of the class members raise common issues.” Common issues are defined either as “common but not necessarily identical issues of” fact or law. The court held that there were common issues, such as, whether the bank should be held vicariously liable for its employee’s tort of intrusion upon seclusion.
Is a Class Proceeding Preferable?
Canada’s preferability requirement is akin the superiority requirement for class actions under U.S. law. According to the court, “[t]he preferability requirement has two concepts at its core: first, whether the class action would be a fair, efficient and manageable method of advancing the claims; and second, whether the class action would be preferable to other reasonably available means of resolving the claims of class members.” The court held that here, a class proceeding was preferable for a number of reasons. Notably, the court held that “behavior modification” was one such reasons: “[w]ith respect to behaviour modification, the Bank has argued that it has acted responsibly and, as a result, there is no need for behavior modification. I find the Bank has acted quite appropriately since discovering the breach… However, there is still the issue of whether or not the Bank was negligent by failing to appropriately supervise….”
Are the Plaintiffs Appropriate Representatives?
Akin (but not identical) to U.S. law, section 5(1)(e) of the CPA “requires that there be a representative plaintiff who will fairly and adequately represent the interests of the class, who has produced a suitable litigation plan, with a workable plan of advancing the proceeding, and who does not have a conflict of interest on the common issues with other class members.” Here, the court found that the plaintiffs met these requirements.
* * * * *
With information privacy torts increasingly crossing country lines, understanding foreign law — both the substance of the law and any class or mass action procedures — is important for plaintiffs’ and defense attorneys alike.