Arbitrator Determines that Employee Did Not Have Reasonable Expectation of Privacy When Using Work Computer to Run Charity

September 2017

Previously printed in the LexisNexis Labour Notes Newsletter.

In Toronto (City) v. CUPE, Local 79 (Wright Grievance), [2016] O.L.A.A. No. 445 (Misra), an Ontario arbitrator considered whether an employer can rely on documents obtained from an employee’s work computer to uphold the termination of her employment for using employer resources and time to run her own charity.

Sebrina Wright (the “Grievor”) was employed by the City of Toronto (the “Employer”) from 2010 to 2012 as a case worker in its Employment and Social Services department. The Grievor was discharged following a six-week investigation into her use of City resources (her office computer) and time to manage and run a charity for underprivileged children called The Wright Place.

At the hearing, the Employer sought to rely on seven e-mail messages with attachments from the Grievor’s work computer to establish that she was operating and managing the charity during work hours. The seven documents originated from the Grievor’s H: drive – the network drive used by employees to store work documents on which they were actively working.  The Employer had obtained these e-mail messages from the Grievor’s work computer after she knew an investigation had been initiated but before she was discharged.

CUPE, Local 79 (the “Union”) objected to the introduction of the work computer e-mail messages. It argued that the Grievor had a reasonable expectation of privacy with respect to the material on her work computer, and said the e-mail messages were inadmissible.  The Union relied on R v. Cole, where the Supreme Court of Canada found that a teacher’s personal use of a workplace laptop computer created personal information that “connected to his biographical core”.  The Union similarly argued that the documents on which the Employer sought to rely went to the Grievor’s biographical core.  The Union argued that unlike running a for-profit business or viewing pornography on a work computer, the Grievor’s work for charity could not be characterized as a fraud or breach of trust.

The Employer took the position that the Grievor’s conduct breached its conflict of interest policy and its clear IT policies, which specifically outlined that an employee’s use of the City’s resources would be monitored. The Employer argued that the Grievor did not have an expectation of privacy in her work computer in all of the circumstances, which included the training she had received.

Arbitrator Gail Misra reviewed the relevant arbitral law since R v. Cole and determined that the Employer’s policies and training significantly limited any expectation of privacy which the Grievor had in the documents.  Considering the documents themselves, the arbitrator agreed with the Employer that they were related to the operation of the Grievor’s charity and could not be considered part of the Grievor’s biographical core.  The arbitrator also rejected the Union’s argument that the fact the Grievor was running a charity made her conduct any less culpable.  Lastly, the arbitrator found the Employer conducted its investigation in a reasonable manner, and the documents on which it sought to rely were directly related to the matters at issue in the case.

The documents obtained from the Grievor’s work computer were admitted into evidence, and her discharge was ultimately upheld. While this case summary focuses only on the privacy aspects of the arbitrator’s award, it is noteworthy that the Grievor’s human rights complaint heard at the same hearing was also dismissed.

Takeaway Points

This is one of the more recent arbitral decisions to consider the appropriate balance between an employee’s expectation of privacy, as established in R v. Cole, and an employer’s right to manage the workplace, including in the course of conducting workplace investigations.

In this case, the Employer’s strong IT policies and training were significant factors in diminishing the Grievor’s expectation of privacy. Coupled with the fact that the Employer only sought to rely on a limited number of documents directly related to the misconduct and obtained the documents after other less intrusive steps had been taken and the Grievor knew she was under investigation, the Employer had a strong argument when arguing for the admissibility of the documents.

It is our recommendation that employers ensure an appropriately robust IT policy is in place and employees are trained on applicable employer policy. When issues arise, it is important for employers to fully consider the privacy issues at play and the timing of investigative steps in order to ensure any relevant documents are admissible in a subsequent legal proceeding.