SlideShare une entreprise Scribd logo
1  sur  24
Key issues in workplace privacy,[object Object],Dan Michaluk,[object Object],May 12, 2010,[object Object]
Overview,[object Object],Monitoring business systems,[object Object],Publication and “off duty” conduct,[object Object],Background check developments,[object Object]
Monitoring business systems,[object Object],Why?,[object Object],To engage in maintenance, repair and management,[object Object],To meet a legal requirement to produce,[object Object],To ensure continuity of business practice,[object Object],To improve business processes,[object Object],To maintain internal control (including preventing misconduct and ensuring legal compliance),[object Object]
Monitoring business systems,[object Object],How businesses maintain internal control,[object Object],Conduct routine audits*,[object Object],Investigate suspicions of misconduct*,[object Object],Respond to what they find,[object Object],Keep a good record of the same,[object Object]
Monitoring business systems,[object Object],The traditional law,[object Object],Notification does count,[object Object],The employer owns the medium and has lots of good reasons to look,[object Object],E-mail communication is too insecure to expect privacy,[object Object],No balancing of interests at all,[object Object]
Monitoring business systems,[object Object],Challenge #1 – Decision-maker value shift,[object Object],LethbridgeCommunity College (2007),[object Object],MS Hotmail e-mails retrieved through forensic analysis,[object Object],First case to impose a reasonable grounds requirement for investigation,[object Object],Value shift may also be gleaned from Cole and Tfaily (two very recent and hot Ontario cases),[object Object]
Monitoring business systems,[object Object],Challenge #2 – Supervisor value shift,[object Object],Quontext message case heard by SCOTUS in April 2010,[object Object],Will your supervisors enforce policies they deem to be intrusive?,[object Object]
Monitoring business systems,[object Object],Change #3 – Privacy legislation,[object Object],Imposes an “objective reasonableness” requirement,[object Object],At play in UBC spyware case,[object Object],But, notably, Johnson case suggests PIPEDA does not apply to “personal” e-mails,[object Object]
Monitoring business systems,[object Object],Option #1 – Try harder to control expectation,[object Object],Personal use does not come with privacy!,[object Object],Routine acknowledgements,[object Object],Audit and communicate audit results to employees,[object Object]
Monitoring business systems,[object Object],Option #2 – Go with a purpose-based policy,[object Object],List purposes and stick with purposes,[object Object],Give the same expectation of privacy warning re personal use,[object Object],Set a evidence-based standard for investigation,[object Object],Set a protocol or procedure for audits,[object Object]
Publication and “off duty” conduct,[object Object],Bob and Sue had a long day. They go to the Dirty Dog Pub after work and, over the course of four hours, take jabs at their supervisor, Phil.,[object Object]
Publication and “off duty” conduct,[object Object],Jack had a long day. He goes home, cracks open a beer, and boots up his home computer. ,[object Object],Using a picture of his supervisor taken from the company intranet and some internet based software, he alters the picture so the manager looks ridiculous. ,[object Object],Jack posts it to his Facebook page. He feels good.,[object Object]
Publication and “off duty” conduct,[object Object],Duty of fidelity applies when employee expression  is likely to significantly affect a legitimate employer interest,[object Object],All other activity is “private”,[object Object]
Publication and “off duty” conduct,[object Object],Nexus commonly derived from,[object Object],Impact on other employees rights,[object Object],Impact on job responsibilities,[object Object],Impact on reputation,[object Object]
Publication and “off duty” conduct,[object Object],Whistleblower exception for speaking publicly,[object Object],Serious and imminent threat to health and safety,[object Object],Illegality,[object Object],Subject to the “report up the ladder” principle (Merk),[object Object],Criminal Code immunity for reports to law enforcement and regulators,[object Object],Not for blogging or tweeting,[object Object],Not for giving information to mainstream media,[object Object]
Background check developments,[object Object],An information collection model ,[object Object],for efficient and responsible,[object Object],recruiting,[object Object]
Background check developments,[object Object],Internet searches,[object Object],Do it at the end, not the beginning,[object Object],Question, “Is it necessary? What’s relevant?”,[object Object],Set objective criteria for a non-decision maker search agent,[object Object],Create a business record of the search,[object Object]
Background check developments,[object Object],Access to the CPIC database,[object Object],Enforcement of name and d.o.b. check rule due to privacy/accuracy concerns,[object Object],About 120 days from a “we can’t complete the check” answer,[object Object],Commercial service providers can’t conduct vulnerable sector checks,[object Object],Release of vulnerable sector report to applicant first,[object Object]
Background check developments,[object Object],Where no human rights regulation,[object Object],Response = “we can’t complete the check” = lapse of offer,[object Object],Option to hire anyway,[object Object],Get a declaration and apply due diligence,[object Object],Weigh need to hire against risk in light of controls,[object Object],Make completion of check condition clear,[object Object]
Background check developments,[object Object],Where human rights regulation,[object Object],You must weigh need to hire against risk in light of controls,[object Object],Get a declaration and apply due diligence,[object Object],Make completion of check condition clear,[object Object]
Background check developments,[object Object],Pressure to use local checks,[object Object],CPIC results are very qualified,[object Object],Ontario criminal case highlights staleness of CPIC data,[object Object]
Background check developments,[object Object],Risks of local checks,[object Object],Much broader information,[object Object],Non-standard information,[object Object],See Tadros(Ont. C.A.) about disclosure of withdrawn charges,[object Object],At the same time, Ontario HRT has said charges are not protected in MyTrak Health Systems,[object Object]
Dan Michaluk,[object Object],daniel-michaluk@hicksmorley.com,[object Object],http://danmichaluk.wordpress.com,[object Object],http://twitter.com/danmichaluk,[object Object],http://ca.linkedin.com/in/danmichaluk,[object Object]
Key issues in workplace privacy,[object Object],Dan Michaluk,[object Object],May 12, 2010,[object Object]

Contenu connexe

Tendances

Privacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawPrivacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawCharles Mudd
 
Is employer monitoring of employee email justified
Is employer monitoring of employee email justifiedIs employer monitoring of employee email justified
Is employer monitoring of employee email justifiedParker Donat
 
Catelas Security Webinar 12 14 10
Catelas Security Webinar 12 14 10Catelas Security Webinar 12 14 10
Catelas Security Webinar 12 14 10Rob Levey
 
20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet LawKlemchuk LLP
 
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...Case IQ
 
Managing Social Media Risks for Municipalities (and More)
Managing Social Media Risks for Municipalities (and More)Managing Social Media Risks for Municipalities (and More)
Managing Social Media Risks for Municipalities (and More)Dan Michaluk
 
Top 5 Labor/Employment Law Risks for a Company in 2010
Top 5 Labor/Employment Law Risks for a Company in 2010Top 5 Labor/Employment Law Risks for a Company in 2010
Top 5 Labor/Employment Law Risks for a Company in 2010Tom Daly
 
Managing Facebook - Jan 28/2009
Managing Facebook - Jan 28/2009Managing Facebook - Jan 28/2009
Managing Facebook - Jan 28/2009Dan Michaluk
 
Privacy and Litigation
Privacy and LitigationPrivacy and Litigation
Privacy and LitigationDan Michaluk
 
Jeremy and jeannette case
Jeremy and jeannette caseJeremy and jeannette case
Jeremy and jeannette caseMichael Perez
 
Cybersecurity Skills: Email Tracing and Legal Process
Cybersecurity Skills:  Email Tracing and Legal ProcessCybersecurity Skills:  Email Tracing and Legal Process
Cybersecurity Skills: Email Tracing and Legal ProcessDavid Opderbeck
 
Social Media and the Workplace
Social Media and the WorkplaceSocial Media and the Workplace
Social Media and the WorkplaceAllisha Anderson
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Winston & Strawn LLP
 
Privacy in the usa Workplace
Privacy in the usa Workplace Privacy in the usa Workplace
Privacy in the usa Workplace David F Amakobe
 
Social Media In the Workplace
Social Media In the WorkplaceSocial Media In the Workplace
Social Media In the WorkplaceRosenthalLurie
 
Employment and Labour Law Seminar - June 13, 2013
Employment and Labour Law Seminar - June 13, 2013Employment and Labour Law Seminar - June 13, 2013
Employment and Labour Law Seminar - June 13, 2013This account is closed
 
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"Employers Association of New Jersey
 
Best Practices In Corporate Privacy & Information Security
Best Practices In Corporate Privacy & Information SecurityBest Practices In Corporate Privacy & Information Security
Best Practices In Corporate Privacy & Information Securitysatyakam_biswas
 

Tendances (20)

Privacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawPrivacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal Law
 
Is employer monitoring of employee email justified
Is employer monitoring of employee email justifiedIs employer monitoring of employee email justified
Is employer monitoring of employee email justified
 
Catelas Security Webinar 12 14 10
Catelas Security Webinar 12 14 10Catelas Security Webinar 12 14 10
Catelas Security Webinar 12 14 10
 
20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law
 
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...
Electronic Eavesdropping in the Workplace: Can We? Should We? What Could Poss...
 
Managing Social Media Risks for Municipalities (and More)
Managing Social Media Risks for Municipalities (and More)Managing Social Media Risks for Municipalities (and More)
Managing Social Media Risks for Municipalities (and More)
 
Top 5 Labor/Employment Law Risks for a Company in 2010
Top 5 Labor/Employment Law Risks for a Company in 2010Top 5 Labor/Employment Law Risks for a Company in 2010
Top 5 Labor/Employment Law Risks for a Company in 2010
 
Managing Facebook - Jan 28/2009
Managing Facebook - Jan 28/2009Managing Facebook - Jan 28/2009
Managing Facebook - Jan 28/2009
 
Privacy and Litigation
Privacy and LitigationPrivacy and Litigation
Privacy and Litigation
 
Final powerpoint for social media club program
Final  powerpoint for social media club programFinal  powerpoint for social media club program
Final powerpoint for social media club program
 
Jeremy and jeannette case
Jeremy and jeannette caseJeremy and jeannette case
Jeremy and jeannette case
 
BEA Presentation
BEA PresentationBEA Presentation
BEA Presentation
 
Cybersecurity Skills: Email Tracing and Legal Process
Cybersecurity Skills:  Email Tracing and Legal ProcessCybersecurity Skills:  Email Tracing and Legal Process
Cybersecurity Skills: Email Tracing and Legal Process
 
Social Media and the Workplace
Social Media and the WorkplaceSocial Media and the Workplace
Social Media and the Workplace
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
 
Privacy in the usa Workplace
Privacy in the usa Workplace Privacy in the usa Workplace
Privacy in the usa Workplace
 
Social Media In the Workplace
Social Media In the WorkplaceSocial Media In the Workplace
Social Media In the Workplace
 
Employment and Labour Law Seminar - June 13, 2013
Employment and Labour Law Seminar - June 13, 2013Employment and Labour Law Seminar - June 13, 2013
Employment and Labour Law Seminar - June 13, 2013
 
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"
2011 Garden State Council SHRM Conference "Ethics in Human Resource Management"
 
Best Practices In Corporate Privacy & Information Security
Best Practices In Corporate Privacy & Information SecurityBest Practices In Corporate Privacy & Information Security
Best Practices In Corporate Privacy & Information Security
 

En vedette

Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...
Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...
Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...Charles Krugel
 
QLD EILS Seminar: Emerging Issues in Workplace Privacy
QLD EILS Seminar: Emerging Issues in Workplace PrivacyQLD EILS Seminar: Emerging Issues in Workplace Privacy
QLD EILS Seminar: Emerging Issues in Workplace PrivacyMaurice Blackburn Lawyers
 
How to Integrate Social Media & Tech Into Your Workplace Communication Plan
How to Integrate Social Media & Tech Into Your Workplace Communication Plan How to Integrate Social Media & Tech Into Your Workplace Communication Plan
How to Integrate Social Media & Tech Into Your Workplace Communication Plan Jessica Miller-Merrell
 
Rx16 prev wed_330_workplace issues and strategies
Rx16 prev wed_330_workplace issues and strategiesRx16 prev wed_330_workplace issues and strategies
Rx16 prev wed_330_workplace issues and strategiesOPUNITE
 
Women welfare issues at workplace
Women welfare issues at workplaceWomen welfare issues at workplace
Women welfare issues at workplaceRiTu Karn
 
Lecture 2.1 intercultural communication in the workplace student notes
Lecture 2.1    intercultural communication in the workplace student notesLecture 2.1    intercultural communication in the workplace student notes
Lecture 2.1 intercultural communication in the workplace student notesNancy Bray
 
Workplace communication
Workplace communicationWorkplace communication
Workplace communicationprojectmurra
 
Workplace Communication Generic
Workplace Communication GenericWorkplace Communication Generic
Workplace Communication GenericFitz Agard
 
Communication in the Workplace
Communication in the WorkplaceCommunication in the Workplace
Communication in the WorkplaceAijalon Rivas
 
Chapter 1 Communication in the workplace
Chapter 1 Communication in the workplaceChapter 1 Communication in the workplace
Chapter 1 Communication in the workplacerifat_wasif
 
Effevtive workplace communication
Effevtive workplace communicationEffevtive workplace communication
Effevtive workplace communicationHyacinth Ubah
 
Communicating in Today's Workplace
Communicating in Today's WorkplaceCommunicating in Today's Workplace
Communicating in Today's WorkplaceSteve Wise
 
Communication Characteristics Of Effective Workplace Communication Elc3203 1
Communication   Characteristics Of Effective Workplace Communication Elc3203 1Communication   Characteristics Of Effective Workplace Communication Elc3203 1
Communication Characteristics Of Effective Workplace Communication Elc3203 1The Hong Kong Polytechnic University
 

En vedette (20)

Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...
Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...
Charles Krugel's Social Media, Human Resources & Legal Issues Presentation Ma...
 
Mock-Up
Mock-UpMock-Up
Mock-Up
 
Equal Employment
Equal EmploymentEqual Employment
Equal Employment
 
QLD EILS Seminar: Emerging Issues in Workplace Privacy
QLD EILS Seminar: Emerging Issues in Workplace PrivacyQLD EILS Seminar: Emerging Issues in Workplace Privacy
QLD EILS Seminar: Emerging Issues in Workplace Privacy
 
How to Integrate Social Media & Tech Into Your Workplace Communication Plan
How to Integrate Social Media & Tech Into Your Workplace Communication Plan How to Integrate Social Media & Tech Into Your Workplace Communication Plan
How to Integrate Social Media & Tech Into Your Workplace Communication Plan
 
Rx16 prev wed_330_workplace issues and strategies
Rx16 prev wed_330_workplace issues and strategiesRx16 prev wed_330_workplace issues and strategies
Rx16 prev wed_330_workplace issues and strategies
 
Women welfare issues at workplace
Women welfare issues at workplaceWomen welfare issues at workplace
Women welfare issues at workplace
 
Lecture 2.1 intercultural communication in the workplace student notes
Lecture 2.1    intercultural communication in the workplace student notesLecture 2.1    intercultural communication in the workplace student notes
Lecture 2.1 intercultural communication in the workplace student notes
 
Workplace communication
Workplace communicationWorkplace communication
Workplace communication
 
Business Communication
Business CommunicationBusiness Communication
Business Communication
 
communication errors
communication errorscommunication errors
communication errors
 
Business Communication
Business CommunicationBusiness Communication
Business Communication
 
Workplace Communication Generic
Workplace Communication GenericWorkplace Communication Generic
Workplace Communication Generic
 
Lesikar's Business Communication
Lesikar's Business CommunicationLesikar's Business Communication
Lesikar's Business Communication
 
Communication in the Workplace
Communication in the WorkplaceCommunication in the Workplace
Communication in the Workplace
 
Chapter 1 Communication in the workplace
Chapter 1 Communication in the workplaceChapter 1 Communication in the workplace
Chapter 1 Communication in the workplace
 
Effevtive workplace communication
Effevtive workplace communicationEffevtive workplace communication
Effevtive workplace communication
 
10 Tips for Powerful Conversations
10 Tips for Powerful Conversations10 Tips for Powerful Conversations
10 Tips for Powerful Conversations
 
Communicating in Today's Workplace
Communicating in Today's WorkplaceCommunicating in Today's Workplace
Communicating in Today's Workplace
 
Communication Characteristics Of Effective Workplace Communication Elc3203 1
Communication   Characteristics Of Effective Workplace Communication Elc3203 1Communication   Characteristics Of Effective Workplace Communication Elc3203 1
Communication Characteristics Of Effective Workplace Communication Elc3203 1
 

Similaire à Key Issues In Workplace Privacy

Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital AgeManaging Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital AgePerficient, Inc.
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
 
Rothke Patchlink
Rothke    PatchlinkRothke    Patchlink
Rothke PatchlinkBen Rothke
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
Information Risk Management Overview
Information Risk Management OverviewInformation Risk Management Overview
Information Risk Management Overviewelvinchan
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
 
How To Provide Superior Ethics Training
How To Provide Superior Ethics TrainingHow To Provide Superior Ethics Training
How To Provide Superior Ethics TrainingKendal Peterson
 
Compliance in Manufacturing: A Very Personal Affair (2013)
Compliance in Manufacturing: A Very Personal Affair (2013)Compliance in Manufacturing: A Very Personal Affair (2013)
Compliance in Manufacturing: A Very Personal Affair (2013)Melih ÖZCANLI
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 
Sapient Catelas The New Regulatory Paradigm
Sapient Catelas The New Regulatory ParadigmSapient Catelas The New Regulatory Paradigm
Sapient Catelas The New Regulatory ParadigmEddie Cogan
 
HEI risks & challenges.pdf
HEI risks & challenges.pdfHEI risks & challenges.pdf
HEI risks & challenges.pdfmirmouzamali1
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offeringeeaches
 
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docxambersalomon88660
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 

Similaire à Key Issues In Workplace Privacy (20)

Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital AgeManaging Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
 
KMA Insights Webinar July 2009 -- Compliance with MA Privacy Law
KMA Insights Webinar July 2009 -- Compliance with MA Privacy LawKMA Insights Webinar July 2009 -- Compliance with MA Privacy Law
KMA Insights Webinar July 2009 -- Compliance with MA Privacy Law
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation
 
Rothke Patchlink
Rothke    PatchlinkRothke    Patchlink
Rothke Patchlink
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
Information Risk Management Overview
Information Risk Management OverviewInformation Risk Management Overview
Information Risk Management Overview
 
EDI 2009 Controlling E-Discovery Costs through Records Management
EDI 2009 Controlling E-Discovery Costs through Records ManagementEDI 2009 Controlling E-Discovery Costs through Records Management
EDI 2009 Controlling E-Discovery Costs through Records Management
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?
 
How To Provide Superior Ethics Training
How To Provide Superior Ethics TrainingHow To Provide Superior Ethics Training
How To Provide Superior Ethics Training
 
Compliance in Manufacturing: A Very Personal Affair (2013)
Compliance in Manufacturing: A Very Personal Affair (2013)Compliance in Manufacturing: A Very Personal Affair (2013)
Compliance in Manufacturing: A Very Personal Affair (2013)
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Sapient Catelas The New Regulatory Paradigm
Sapient Catelas The New Regulatory ParadigmSapient Catelas The New Regulatory Paradigm
Sapient Catelas The New Regulatory Paradigm
 
HEI risks & challenges.pdf
HEI risks & challenges.pdfHEI risks & challenges.pdf
HEI risks & challenges.pdf
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
 
Case study 7
Case study 7Case study 7
Case study 7
 
13824518.ppt
13824518.ppt13824518.ppt
13824518.ppt
 
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx
1. Reply to Discussion ( Minimum 200 Words)1. What types of et.docx
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom s
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom s
 

Plus de Dan Michaluk

Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxEcno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxDan Michaluk
 
Critical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityCritical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityDan Michaluk
 
Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Dan Michaluk
 
Higher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationHigher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationDan Michaluk
 
Cyber class action claims at an inflection point
Cyber class action claims at an inflection pointCyber class action claims at an inflection point
Cyber class action claims at an inflection pointDan Michaluk
 
The pandemic and privacy
The pandemic and privacyThe pandemic and privacy
The pandemic and privacyDan Michaluk
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated  - Ontario Regulatory Authorit...Cyber security for the regulator and regulated  - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Dan Michaluk
 
Union access to information
Union access to informationUnion access to information
Union access to informationDan Michaluk
 
Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk GovernanceDan Michaluk
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Dan Michaluk
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOIDan Michaluk
 
Cyber, secrecy and the public body
Cyber, secrecy and the public bodyCyber, secrecy and the public body
Cyber, secrecy and the public bodyDan Michaluk
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateAdvocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateDan Michaluk
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Dan Michaluk
 
Role of a breach coach
Role of a breach coachRole of a breach coach
Role of a breach coachDan Michaluk
 
PHIPA for school boards
PHIPA for school boardsPHIPA for school boards
PHIPA for school boardsDan Michaluk
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Finding internet evidence
Finding internet evidenceFinding internet evidence
Finding internet evidenceDan Michaluk
 

Plus de Dan Michaluk (20)

Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxEcno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
 
Critical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityCritical Issues in School Board Cyber Security
Critical Issues in School Board Cyber Security
 
Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)
 
Higher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationHigher Education Sexual Violence Presentation
Higher Education Sexual Violence Presentation
 
Cyber class action claims at an inflection point
Cyber class action claims at an inflection pointCyber class action claims at an inflection point
Cyber class action claims at an inflection point
 
The pandemic and privacy
The pandemic and privacyThe pandemic and privacy
The pandemic and privacy
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated  - Ontario Regulatory Authorit...Cyber security for the regulator and regulated  - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
 
Union access to information
Union access to informationUnion access to information
Union access to information
 
Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk Governance
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOI
 
Cyber, secrecy and the public body
Cyber, secrecy and the public bodyCyber, secrecy and the public body
Cyber, secrecy and the public body
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analytics
 
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateAdvocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam Compliance
 
Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice
 
Role of a breach coach
Role of a breach coachRole of a breach coach
Role of a breach coach
 
PHIPA for school boards
PHIPA for school boardsPHIPA for school boards
PHIPA for school boards
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam Compliance
 
Finding internet evidence
Finding internet evidenceFinding internet evidence
Finding internet evidence
 

Dernier

Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato pptElizangelaSoaresdaCo
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsIntellect Design Arena Ltd
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Winbusinessin
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...AustraliaChapterIIBA
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...IMARC Group
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentationbaron83
 
Tata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakTata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakEditores1
 
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfChicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfSourav Sikder
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023Steve Rader
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBBPMedia1
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxWorkforce Group
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGlokeshwarmaha
 
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 Building Your Personal Brand on LinkedIn - Expert Planet-  2024 Building Your Personal Brand on LinkedIn - Expert Planet-  2024
Building Your Personal Brand on LinkedIn - Expert Planet- 2024Stephan Koning
 
Mihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZMihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZKanakChauhan5
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfAnhNguyen97152
 
Anyhr.io | Presentation HR&Recruiting agency
Anyhr.io | Presentation HR&Recruiting agencyAnyhr.io | Presentation HR&Recruiting agency
Anyhr.io | Presentation HR&Recruiting agencyHanna Klim
 
A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.mcshagufta46
 

Dernier (20)

Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato ppt
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking Applications
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
WAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdfWAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdf
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentation
 
Tata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakTata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerak
 
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfChicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
 
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 Building Your Personal Brand on LinkedIn - Expert Planet-  2024 Building Your Personal Brand on LinkedIn - Expert Planet-  2024
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 
Mihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZMihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZ
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
 
Anyhr.io | Presentation HR&Recruiting agency
Anyhr.io | Presentation HR&Recruiting agencyAnyhr.io | Presentation HR&Recruiting agency
Anyhr.io | Presentation HR&Recruiting agency
 
A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.
 

Key Issues In Workplace Privacy

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.

Notes de l'éditeur

  1. Let’s start with the basicsOur privacy law is based strongly on proportionality and balancing…The challenge is for management to deal with a claimed privacy interestBut what interests is management protecting?Employers have an unquestionable legitimate interest in looking at the information flowing through their systemsHere are the most common purposes[Briefly explain one to four. Turn over slide for five.]
  2. Internal control is importantLet’s look at context – era of accountability… both public and private sector -post Enron -post Westray -post Gomrey -post Bill 168 (expanded regulation of interaction between people)Quote from National Post last week. .. “The role of investigative journalism has expanded over the years to help fill what has been described as a democratic deficit in the transparency and accountability of our public institutions.”Looking at communications is a key means of maintaining internal control – 90% of communication is electronic… picture of all activity within your businessTwo kinds of looking -audits (risk based, proactive) -investigations (targeted, reactive)Take corrective action based on what’s found -change in process or technology -change in people – terminations or lesser sanctionsAnd keep a record of diligenceSimple right? And then comes personal privacy.
  3. Traditional law has been very permissiveRemember our purposesThose are usually reinforced by an acceptable use or computer use policy that says in one paragraph “YOU HAVE NO EXPECTATION OF PRIVACY”Some employers use annual acknowledgements… some use login dialog boxesBeen effective…Most law is in unionized workplaces… arbitrators have said, “I’m not even balancing interests here. An employer can look for lots of reasons it’s not reasonable for an employee to make any privacy claim.”Lakehead University case in 2009 re Google Apps outsourcing – e-mail is no more secure than a postcard
  4. Watch out for shifting valuesPremised on change in permissibility of personal useTen years ago employees worked at work and went home and watched TVPolicies said “no personal use”Now employees work at work and work at home on the same devicePolicies now say “reasonable personal use”When employees are banking on your computers is it reasonable to capture their keystrokes?When employees are sending legitimate personal communications to loved ones about medical conditions… is it legitimate review their communications?Identify Lethbridge, Cole and Tfaily as showing that decision makers are struggling
  5. Even if your decision-makers are okay, managers can interfere with policy enforcementIn Quon a supervisor said something like, “If you pay the overages we won’t look.”If supervisors or others in authority think that your monitoring policy is not reasonable they may undermine it
  6. That was about the reasoning applied by arbitrators and courtsIn Canada we have employee privacy legislation in three provinces and for federal worksIf it applies, there is a regulatory requirement to balance interestsCollection of personal information must be reasonably necessary to meet a legitimate purposeCall this an “objective reasonableness requirement”At play in UBC spyware case of 2007 – all you needed to do to investigate time theft was look at traffic logs… you didn’t need to install spyware to capture screen imagesWrinkle from Johnson under PIPEDA… about access to personal e-mails sent about an employee… said personal e-mails are not regulated by PIPEDA because they are not sufficiently related to the commercial enterprise… like “bycatch”Perverse (though possibly correct) ruling… saying employers have very limited domain over employee e-mails, but in doing so rules out protection of privacy legislation
  7. So what do employers do?Put an express condition on personal useUse routine acknowledgementsCommunicate audit results… use a newsletter… prove to employees you are lookingOne sided solution… focuses on employer right… doesn’t control to protect employee privacy
  8. You create policy to address the privacy interestEspecially appropriate where regulatedList the purposes from my earlier slideWarn them still… give good notice stillSet an evidence-based standard for investigationTell them how you will go about auditsExamples-internal audit staff conduct an investigation at direction of VP-VP directs audits based on a bona fide security risk-should line manager need to find work product, e-mails will be pulled by internal audit where possibleThese will kill your no expectation argument but should still enable everything you need to do at a lower risk
  9. Let’s move on to a different privacy issue – an employee’s right to live a private existence without employment-related consequenceSupported by Joseph Cohen-Lyons paper in materialsHere’s a scenarioNot so oddAnyone think this interferes with an employer’s interest?Nah. It’s blowing off steam. It’s “private” off duty conduct. Outside the workplace – no physical nexus. No intangible nexus to legitimate interests.
  10. This is (sadly) what happens today.Same question. Is it private?Would it make a difference if Jack has only ten friends? What if none of them are employees?Happens all the time. This is how people blow off steam now. There’s a perception that this is somehow analogous to a barroom chat with a close friend.But let’s look at the difference. It’s clearly a publication. Often to other employees. Even if not there’s no legal or practical restriction on what recipients can do with the communication. Jack’s picture of his supervisor can be copied and mailed around.So there’s a good argument that this is about as public as it gets. Consistent with a traditional privacy law principle – a disclosure to one is a disclosure to all.
  11. This is an issue of loyalty and fidelity, which is implicit in every employment relationshipDon’t need special status… not like a fiduciaryThis is my expression of the test that defines the scope of the dutyVery, very contextual casesNo black and whiteThere will be some easy cases, but many are hard to predictExample… student speech cases out of U.S. Third Circuit (in materials)Many employment cases will settle
  12. Now Jack’s supervisor has a beef. But why can an employer discipline that conduct.Well, there’s a nexus back to employment interests isn’t there? -impact on other employee’s rights -right to work in a safe and harassment free work environment -reasonably likely to interfere with that right -employer’s burden but… -… decision-maker may presume harm (arguable issue) -evidence of actual harm helps (give example)-Nexus is commonly derived from these three things-no case law, but these are in order of moral weight-we’re balancing again here-example tough case – employee a professional adviser… goes out and does a beer mile… better have a pretty good case for reputational harm
  13. There is developed case lawBased in public sector but theory applies to private sector employmentRecognizes a whistleblower exception to the duty of fidelityIdentify cases - Fraser of SCC 1985, Haydon of FC 2005, Read of FC 2005Employers protect themselves by having internal systems to receive reports of wrongdoingAn employee may have a duty to report internally firstEndorsed in Read and by our Supreme Court of Canada in a case called Merk – 2004Thrown somewhat into question by our broadly worded Criminal Code anti-reprisal provision – section 425.1But only provides immunity from reporting to law enforcement, not blogging, not passing things to the media, not passing things to a bloggerOf course, whistleblowing unusually means point to the pressCase from Supreme Court of Canada last week that says a court will assess whether it will honour a journalist’s promise of confidentiality on a case-by-case basisNo reason why a whistleblower couldn’t tweet it to the world anonymously… will be investigations…
  14. This is a general model that I’ve been usingAddresses both HR and privacy compliance issues… consistent with reasonable necessity principleIdea is that you collect minimal information in the application form… devoid of anything to do with a prohibited ground of discriminationPurpose is to qualify applicant pool for an interviewOntario, “Have you been convicted of a criminal offence for which you have not been pardoned”In BC, PEI and Quebec don’t askInterview stageMore information… see the candidate so you now have knowledgeSome interviewers control risk by structuring questions (nice in defending a case)Background check… deal with fitness for work in light of restrictions related to protected personal characteristics… functional testing, criminal background checks, and now INTERNET CHECKS
  15. When reputation (and online reputation) is an indication of how effective a person is going to be at a job I think it’s something that should be doneIf not, it is more questionableIf you do it here are the best practices-third bullet is most important-fourth bullet makes what the searcher saw either irrelevant or of minimal probative value
  16. Our phones started ringing off the hook in the new yearNot really a privacy issue but driven by privacy concerns related to accuracy of reporting4.2 fingerprints on file and 50% have more than one name attached to itName and d.o.b. query is an insufficient guarantor of accuracyWe can’t complete the check… up to 120 days for fingerprint verificationVulnerable sector checks include other information… include sensitive information about certain sexual offences that have been pardonedGive to individual first… employer can get… but individual has an opportunity to simply walk away from the offer after reviewing the report
  17. About managing name and dob check problemApplication of human rights legislation makes a big differenceNot uniform protection across Canada-BC, Quebec and PEI have protection-Federal and Ontario shouldn’t for name and DOB check because not checking for provincial offences convictions and criminal convictions that have been pardonedSet a clear term whatever you want to doStill have an option to hire-subject to declaration and other due diligence-if they give a false declaration you’d likely have a good cause case
  18. If HR legislation applies you (essentially) have a duty to do a case-by-case analysisWeigh the risk… make a decision on a case-by-case basis
  19. Standard form CPIC response for a name and dob check is very qualified nowSuggests that employers should conduct a local checkCPIC is a roll-up of local forces dataTakes timeR. v. Horne by Ontario’s Justice Fairgrievelast July-11 convictions discovered after guilty plea and before sentencing dating back two years-Law times article quotes a crown saying CPIC is about two years out of date
  20. So employers may seek local checksNot standardAccording to Swaigen article police databases include – complainant, victim, suspect, person of interest, chargesSo if you’re a regulated employer concerned about consent and necessityOtherwise you can ask and getLeaves people in position some may feel is unfairTadros… problems after a consensual check… argument that consent wasn’t clear enoughNo human rights protection either according to the Ontario HRTLive policy issue for the most part