In Stewart v. Demme, 2022 ONSC 1790, the Divisional Court set aside an order certifying a privacy class action against a hospital and its former employee, Catharina Demme, who was then a nurse.
The decision, written for a unanimous panel by Justice Sachs, marks another case in which the Divisional Court seeks to avoid opening the litigation “floodgates” by allowing actions to blossom from fleeting and harmless intrusions.
The individual intrusions in this case were in fact short-lived and without medical consequence. But regardless of whether this case cries out for a remedy, the Divisional Court’s decision places the plaintiff’s claim outside the proverbial “floodgates” without drawing a discernable boundary around the scope of the young tort at issue.
Further guidance on the scope of intrusion upon seclusion in the class action context may yet be forthcoming, as other privacy proceedings involving electronic data await determination at the Court of Appeal later this year.
The privacy violation
The intrusions occurred over ten years, during which Demme stole narcotics using the hospital’s automatic dispensing system. To do so, she opened patients’ records on-screen, briefly viewing their names, identification numbers, hospital units, medications, and allergy information. She accessed each record for less than a minute.
Demme was criminally prosecuted for the thefts and the hospital was reviewed by the Ministry of Health, but no one compensated the 11,358 affected patients. The plaintiff sued on behalf of people residing in Canada whom the hospital notified about the privacy violation.
The decision below: any invasion into health information can be highly offensive
In the words of Justice Morgan of the Superior Court, this was a “very large narcotics theft but a very small privacy invasion.” Nevertheless, he certified the action.
The central question was whether accessing thousands of patient records for a few seconds each amounted to actionable conduct under the tort of intrusion upon seclusion. Neither party disputed that Demme intentionally and improperly accessed the patients’ health records. Justice Morgan held that the access was an intrusion into the patients’ private affairs. The most contentious question was whether the intrusion was highly offensive.
The plaintiff’s position was that this was a highly offensive invasion of class members’ privacy with real consequences for affected patients’ medical treatment. Justice Morgan found that the intrusion “did not produce any discernable effect on the class” and that, with the prosecution, discipline, and regulatory review which followed the thefts, the factors relevant to the assessment of privacy damages were already “all but addressed”.
Despite finding that this case did not “cry out for a remedy”, Justice Morgan ultimately held that any intrusion into a patient’s private health information may be highly offensive—and that Demme’s “repeated but fleeting wrongful acts” supported a viable cause of action in intrusion upon seclusion. In doing so, he relied on the Court of Appeal’s decision in Jones v Tsige, the seminal case on intrusion upon seclusion in Ontario.
The appeal: not all informational privacy is equal
The Divisional Court disagreed with Justice Morgan’s interpretation of Jones. While that case provides that intrusions into health records can be highly offensive, the Divisional Court emphasized that the tort was intended for serious violations, and cautioned that allowing an action for a minimal, fleeting intrusion would risk opening the floodgates of litigation.
In other words, class members’ loss of control over their information did not “cry out for a remedy” in this case. Although it involved health records, the information was viewed briefly, and was itself “at the low end of sensitive”. Importantly, Demme had no interest in the records, merely opening the electronic display to dispense the medications she was after. The information was also otherwise available to her and to other hospital staff, and there was no discernable effect on the patients.
Together, this moved the claim out of the scope of actionable conduct. The court set aside the certification order, noting that “not all informational privacy is worthy of protection under this tort; it is only certain information, which may include health information, that is worthy of protection.”
But which information is worthy of protection? The court does not draw a line, describing a threshold requiring “deliberate and significant” intrusions. But beyond setting these facts outside that threshold, the decision does not offer much for counsel seeking to prosecute or defend a privacy class action.
 Stewart v. Demme, 2020 ONSC 83, at para 6.
 Ibid at para 12.
 Ibid at para 57.
 Justice Morgan partially granted the defendants’ summary judgment motion, dismissing the plaintiff’s negligence claim on the basis that the elements of loss and causation were not supported in the evidence.
 Ibid at para 26.
 Ibid at paras 75-80.