This paper summarizes selected developments in Canadian Internet law during 2014. This paper is an overview of significant developments rather than an exhaustive review. Reference to current legislation, regulatory policies and guidelines, and case law is essential for anyone addressing these issues in practice.

A. Intellectual Property – Trademarks

1. Trademark Use on Websites

Unicast SA v. South Asian Broadcasting Corp. Inc., 2014 FC 295, involved an application to expunge the respondent's RED FM trademark registered for use in association with the operation of a radio station and broadcasting services on the basis that the applicant was a prior user in Canada of the ROUGE FM trademark for similar services. The applicant operated a Swiss radio station called ROUGE FM, and streamed its radio broadcast on its ROUGE FM website. Canada became ROUGE FM's third largest audience. The applicant sought to expunge the respondent's RED FM trademark so that the applicant could register its own ROUGE FM trademark in association with Internet radio services and broadcasting services. The applicant, relying on a broad interpretation of HomeAway.com Inc. v. Hrdlicka, 2012 FC 1467, asserted that it had used its ROUGE FM trademark in Canada in association with broadcasting and Internet radio services because the trademark was displayed on the applicant's website accessible to Canadians. The court rejected the applicant's interpretation of the HomeAway decision, and held that website use of a trademark for services was not valid use (within the meaning of Trade-marks Act s. 4(2)) in Canada unless the services were actually provided to Canadians or performed in Canada. The court held that the applicant had failed to prove that it had used its ROUGE FM trademark in association with the provision of Internet radio services in Canada, because the evidence did not establish that those services had been used by Canadians before the respondent began using its RED FM trademark. The court held that the applicant had failed to prove that it had used its ROUGE FM in association with broadcasting services in Canada, as that concept is defined by the relevant CRTC order regarding new media broadcasting, because there was no nexus between the applicant and Canada – the applicant's servers were not located in Canada, the applicant did not have a physical presence in Canada, the applicant did not solicit or have advertisers in Canada and the applicant was not actively targeting Canadian audiences. Further, the court held that the applicant had failed to prove its broadcasting listenership in Canada prior to the date when the respondent began using its RED FM trademark. For those reasons, the court dismissed the expungement application.

2. Ownership of Domain Names

Mold.ca Inc. v. Moldservices.ca Inc. (10 January 2014, Ont. S.C.J.), involved a dispute over ownership of domain names used in connection with a business operated through various companies by two principals, Dalrymple and Sullivan. The domain names were purchased for use by the business with funds provided by Dalrymple but were registered in the name of Sullivan. When the business relationship between the principals fractured, Sullivan used the domain names and related websites for his new business and transferred ownership of the domain names to a third party, who later transferred the domain names back to Sullivan. The corporate plaintiff applied for judgment regarding ownership of the domain names. The court held that the domain names were the property of the corporate plaintiff, reasoning that "the issue is simply a matter of property law". The court ordered Sullivan to transfer the domain names to the corporate plaintiff and give the plaintiffs administrative control over the domain names.

3. Alleged Infringing Domain Names

Insurance Corp. of British Columbia v. Stainton Ventures Ltd., 2014 BCCA 296 (leave to appeal refused (2014) S.C.C.A. No. 413), involved claims that the defendant's commercial website called ICBCadvice.com and the associated domain names icbcadvice.ca and icbcadvice.com infringed the plaintiff's official mark ICBC and constituted passing off. The ICBCadvice.com website was a marketing tool for a specific law practice and provided free advice on dealing with the plaintiff. It was readily apparent from the website content, including prominent disclaimers, that the website was not affiliated with the plaintiff. The trial judge dismissed the plaintiff's claims regarding the website and domain names (2012 BCSC 608). The Court of Appeal dismissed the plaintiff's appeal. The court of appeal rejected the plaintiff's argument that the domain names would cause consumers to believe that the website was affiliated with the plaintiff. The court reasoned that the plaintiff's argument failed to give the relevant consumer credit for even the most basic understanding of the function of a domain name. The court noted that Internet users understand that it is necessary to view a website to determine whose site it is, and that a domain name that contains the name of a business will not necessarily be affiliated with or endorsed by the business, and may instead be the subject matter of the website or entirely unrelated to the business. The court cautioned that "one must not proceed on the assumption that average Internet users are completely devoid of intelligence or of normal powers of recollections or are uninformed as to what goes on around them" (para. 37). The court concluded that the domain names would not cause Internet users to mistakenly believe that the website was provided or endorsed by the plaintiff, but rather the use of the ICBC acronym would cause Internet users familiar with the plaintiff to "believe no more than that the website likely had something to do with ICBC" (para. 43).

4. Passing Off – Confusing Domain Name

Dentec Safety Specialists Inc. v. Degil Safety Products (1989) Inc., 2014 ONSC 2449, involved a passing off dispute between competitors relating to the defendant's unauthorized registration and use of the domain name dentecsafety.ca to redirect Internet traffic to the defendant's competing degilsafety.com website. The trial court held that the plaintiff had satisfied the elements of a passing off claim (goodwill, deception due to misrepresentation and actual or potential damage) and awarded the plaintiff $10,000 compensatory damages but no punitive damages. Both parties appealed. The appeal court affirmed the trial court's finding that the plaintiff had proven passing off, because the evidence supported a finding of both actual and potential damage resulting from redirected Internet traffic. The appeal court also affirmed the trial court's award of $10,000 compensatory damages, even though the plaintiff was not able to prove actual loss, on the basis that an award of $10,000 "general" damages would have been justified (but at the high end of the range of reasonable damages). The appeal court also affirmed the trial court's decision to not award punitive damages.

5. Trademark Infringement – Confusing Domain Name

Source Media Group Corp. v. Black Press Group Ltd., 2014 FC 1014, involved a dispute over the defendants' unauthorized use of the NEW HOME LIVING trademark and the domain name newhomelivingbc.com for a Chinese-language lifestyle magazine and related website, which the plaintiff claimed infringed the plaintiff's NEW HOME LIVING trademark registered for use in association with a real estate magazine and the plaintiff's related domain name newhomelivingonline.com. After the defendants received a cease and desist letter from the plaintiff's lawyer, the defendants stopped using the NEW HOME LIVING trademark for their magazine but continued for an additional year to use the newhomelivingbc.com domain name for their website. The court held that the newhomelivingbc.com domain name was confusingly similar to the plaintiff's NEW HOME LIVING trademark, because the addition of "bc" to the domain name did not make it distinct from the trademark but rather added to the confusion with the trademark. The court held that the defendants infringed the plaintiff's trademark and passed off their publication, in both print and online form, as being associated with or connected to the plaintiff's trademark. The plaintiff did not present any evidence of actual damage or loss. The court awarded the plaintiff $15,000 general damages and costs.

B. Intellectual Property – Copyright

1. Disclosure of Copyright Infringers' Identities

Voltage Pictures LLC v. John Doe, 2014 FC 161, involved claims of copyright infringement for the unauthorized downloading of copyright-protected commercial movies over a peer-to-peer network using BitTorrent software. The plaintiff applied for an order (commonly referred to as a "Norwich Order") that a non-party Internet service provider ("ISP") disclose the names and addresses of 2,000 subscribers (identified by their IP address) who downloaded the plaintiff's movies, so that the plaintiff could pursue litigation against them. The court held that a Norwich Order could be granted if the applicant proved the following: (1) the applicant has a bona fide case; (2) the non-party has information on an issue in the proceeding; (3) the order is the only reasonable means of obtaining the information; (4) fairness requires the information be provided before trial; and (5) the order will not cause undue delay, inconvenience or expense to the third party or other persons. The court held that the plaintiff's copyright interests outweighed the subscribers' privacy interests. The court reasoned that privacy considerations should not be a shield for wrongdoing and must yield to an injured party's request for information from non-parties, irrespective of the type of right the claimant holds, and that the protection of intellectual property (e.g. copyright) was ipso facto assumed to be worthy of legal protection where a valid cause of action is established. The court held that a court should consider refusing the kind of order sought only if there were compelling evidence of improper motive by the applicant. For those reasons, the court granted the plaintiff's application, but the court imposed qualifications (based on various decisions in other jurisdictions) intended to protect the privacy rights of the individual subscribers and ensure that the judicial process was not being used by the plaintiff to support a copyright troll business model intended to coerce innocent individuals to make payments to avoid being sued. The restrictions included the following: (1) the plaintiff/applicant must pay in advance the reasonable costs of the ISP in providing the information; (2) the disclosed information must be limited to the name and address of the IP address owners specified in the order; (3) the order must be delivered with a demand letter, approved by the court, that explains that no recipient of the letter had been found liable for infringement and that recipients should obtain legal advice; and (4) the case must be specially managed by a case management judge who monitors the plaintiff's dealings with alleged infringers.

2. Notice and Notice Regime for Internet Copyright Infringement

Canada's new "notice and notice" regime for Internet copyright infringement (Copyright Act ss. 41.25, 41.26 and 41.27(3)) came into force on January 2, 2015. The notice and notice regime is the final step in implementing the Copyright Modernization Act, S.C. 2012, c. 20, which was enacted to, among other things, address the challenges and opportunities presented by the Internet, align Canadian copyright law with international standards, and clarify Internet service providers' liability for copyright infringement. Most of the Copyright Modernization Act came into effect in November 2012, including amendments to the Copyright Act (ss. 31.1 and 41.27) that provide certain Internet intermediaries with limited safe harbours against copyright infringement liability. The notice and notice regime is described by the Canadian government as a "made-in-Canada" solution that is "intended to discourage online copyright infringement by providing copyright owners with a tool to enforce their rights, while also respecting the interests and freedoms of users". The regime imposes obligations and potential liabilities on Internet intermediaries who receive a prescribed form of notice that they are facilitating Internet-related copyright infringement. Following is a summary:

  • Internet Intermediaries: An owner of copyright in a work or other subject-matter may send a notice of claimed infringement to a person who provides any of the following: (1) Internet access to the electronic location that is the subject of the infringement claim (i.e. a network services provider); (2) digital memory that is used for the electronic location that is the subject of the infringement claim (i.e. a storage services provider); or (3) an information location tool (i.e. a search engine provider).
  • Notice Form/Content: A notice of claimed copyright infringement must be in writing and contain the following information: (1) the claimant's name and address; (2) the work or other subject-matter to which the claimed infringement relates; (3) the claimant's interest or right with respect to copyright in the work or other subject-matter; (4) location data for the electronic location to which the claimed infringement relates; (5) the infringement that is claimed; and (f) the date and time of the claimed infringement.
  • Network Service Providers and Storage Service Providers: A network service provider or storage service provider who receives a proper notice of claimed copyright infringement is obligated to: (1) as soon as feasible forward the notice electronically to the person to whom the electronic location identified in the notice belongs; (2) inform the claimant of the forwarding of the notice or, if applicable, of the reason why it was not possible to forward the notice; and (3) retain records that will allow for identification of the person to whom the electronic location identified in the notice belongs, for either: (a) six months from the day on which the infringement notice is received; or (b) if the claimant gives notice of commencement of infringement proceedings regarding the claimed infringement within that first six month period, then for one year from the day on which the infringement notice is received. A network service provider or storage service provider is not entitled to charge a fee for complying with the notice and notice regime. A claimant's only remedy against a network service provider or storage service provider who fails to properly respond to a notice of claimed infringement is statutory damages in an amount of no less than $5,000 and no more than $10,000.
  • Search Engine Providers: If a claimant gives proper notice of claimed copyright infringement of a work or other subject-matter to a search engine provider after the work or subject-matter has been removed from the electronic location specified in the notice, then the safe harbour protections that apply to search engine providers will only provide protection in respect of the search engine providers' reproduction of the work for the purpose of operating the search engine for thirty days after the notice is received. Search engine providers are not obligated to forward a notice of claimed copyright infringement to the alleged infringer.

3. Re:Sound Tariff 8 for Webcasting Services

The Copyright Board of Canada issued its Statement of Royalties to be Collected for the Performance in Public or the Communication to the Public by Telecommunication, in Canada, of Published Sound Recordings Embodying Musical Works and Performers' Performances of Such Works and certified Tariff 8 (non-interactive and semiinteractive webcasts, 2009-2012) setting the royalties payable for webcasting (streaming, not downloading) sound recordings on simulcasts (a substantially simultaneous streaming of a conventional broadcast), non-interactive webcasts (the recipient exercises no control over the content of the signal or the time of the transmission), semiinteractive webcasts (the recipient can listen to the webcast at a time and place of the recipient's choosing) and the Canadian Broadcasting Corporation for the period 2009 to 2013. The royalties are payable to Re:Sound (a private, not-for-profit collective society authorized under the Copyright Act to administer the rights of performers and record labels in their sound recordings) for distribution to performers (singers and musicians) and makers (record labels).

4. SOCAN Tariffs 22.D.1 and 22.D.2 for Audiovisual Webcasts

The Copyright Board of Canada issued its Statement of Royalties to be Collected for the Performance in Public or the Communication to the Public by Telecommunication, in Canada, of Musical Works and certified SOCAN Tariffs 22.D.1 (audiovisual webcasts) and 22.D.2 (audiovisual user-generated content), both for the period 2007 to 2013. The tariffs relate to music in movies, television programs and other audiovisual works (including user-generated content on Internet services like YouTube) that are streamed (not downloaded) over the Internet. The board held that the royalties would be calculated based on impressions of pages that provide the possibility of viewing an audiovisual work, and rejected Facebook's argument that the royalties should be calculated based on actual views of an audiovisual work. The board rejected Netflix's argument that the tariff should not apply to the month-long free trials that Netflix offers to prospective customers, reasoning that the free trials are not "fair dealing" in the same way that free music previews (which are exempt from royalties) are fair dealing.

C. Contracts

1. Alleged Contract Formed by Email Exchange

Free v. Magnetawan (Municipality), 2014 ONSC 3635, involved a claim of wrongful dismissal by a former Chief Administrative Officer/Clerk of the defendant municipality. The plaintiff claimed that he was appointed CAO/Clerk for a permanent, three-year term. The municipality claimed that the appointment was temporary. The plaintiff's claim was based, in large part, on an alleged email exchange between the plaintiff and the municipality's former CAO/Clerk, which purported to confirm the plaintiff's appointment for a three-year term. Neither party submitted forensic evidence regarding the emails. The former CAO/Clerk disputed the authenticity of the emails, and explained in detail (including by identifying unusual aspects of the format and content of the emails) why the emails were not authentic. The court rejected the emails and the plaintiff's related evidence, and held that the plaintiff's appointment was temporary.

2. Website Terms of Use

Magill v. Expedia, Inc., 2014 ONSC 2073, involved a class proceeding regarding alleged breaches by Expedia of its online hotel reservation contract with online customers. The plaintiff alleged that Expedia breached its Terms of Use provisions regarding its Tax Recovery Charge and Service Fee, because the Tax Recovery Charge was based on a wholesale room rate (rather than a retail room rate), the Service Fees included a hidden additional profit and Expedia did not break out the Tax Recovery Charge and Service Fee into components. Expedia first argued that the Terms of Use governed use of Expedia's website only, and were not part of the contract that governed hotel reservations. The court rejected that argument as making "no sense", because the Terms of Use described the various charges for hotel reservations and were made part of the contract that governed each reservation. The court also rejected as making "no practical sense or utility" Expedia's argument that the Terms of Use were merely representations rather than contractual promises. The court accepted Expedia's argument that the Terms of Use were not breached because the Terms of Use did not require that Expedia disclose the basis for calculating the Tax Recovery Charge and did not preclude a profit component in the Service Fee. The class action was dismissed.

D. Torts

1. Legal Effect of Website Promotional Statements

Wu v. Arsenault, 2014 BCSC 763, involved a dispute arising from the plaintiffs' engagement of the defendant The Geothermal Guys to drill two geothermal wells on the plaintiffs' property. The plaintiffs applied for leave to amend their pleadings to add claims of negligent misrepresentation against the defendant Canadian GeoExchange Coalition ("CGC") based on alleged misleading statements on CGC's website as to the qualifications of The Geothermal Guys, which the plaintiffs alleged induced them to engage The Geothermal Guys. CGC opposed the proposed amendments on the basis that they did not disclose a reasonable cause of action. CGC argued that the statements on the CGC website were intended for the public at large rather than for the plaintiffs and did not establish a relationship of sufficient proximity between CGC and the plaintiffs to give rise to a duty of care. The court rejected CGC's argument and allowed the proposed amendments. The court reasoned that the plaintiffs might be able to establish that the CGC website was intended for a relatively narrow segment of the population (including the plaintiffs) that was interested in geothermal energy systems, which made the relationship between CGC and the plaintiffs proximate enough to give rise to a duty of care.

E. Privacy

1. Proposed Class Action for Breach of Privacy

Douez v. Facebook Inc., 2014 BCSC 953, involved an application for certification of a class proceeding against Facebook Inc. for alleged violations of privacy resulting from Facebook's "Sponsored Stories" program, which used the names and images of Facebook users in British Columbia in advertisements sent to the users' contacts. The plaintiff alleged that Facebook users in British Columbia did not consent to the "Sponsored Stories" program, which violated the statutory privacy tort created by the Privacy Act (British Columbia). Facebook argued that the Sponsored Stories program was based on users' express consent included in the Facebook Terms of Use accepted by all users. Facebook challenged the court's jurisdiction on the basis that the Facebook Terms of Use specified that claims by users are governed by California law and must be adjudicated in California courts. The court rejected Facebook's challenge to the court's jurisdiction and refused to decline to exercise jurisdiction. The court reasoned that the court had territorial jurisdiction based on the Privacy Act and the British Columbia residency of the plaintiff. The court refused to decline jurisdiction primarily on the basis that the Privacy Act gave the court exclusive jurisdiction to hear claims in respect of the statutory privacy tort, and that if the court declined jurisdiction the plaintiff would have no other forum to bring the claim. The court concluded that the Privacy Act took priority over the forum selection clause in the Facebook Terms of Use, reasoning that British Columbia residents have "a significant interest in maintaining some means of policing privacy violations by multi-national Internet or social media service providers". The court certified the class proceeding to address eight common issues, including whether or not the Facebook Terms of Use provided users' consent to the use of their name and image in the Sponsored Stories program.

2. Proposed Class Action for Breach of Privacy

Ladas v. Apple Inc., 2014 BCSC 1821, involved an application for certification of a class proceeding against Apple Inc. relating to alleged unauthorized collection and storage of unencrypted location data from iDevices. The court dismissed the application on various grounds. The court accepted that the proposed statement of claim disclosed reasonable causes of action for breach of the British Columbia Privacy Act and similar statutes in other provinces and for a common law right of privacy in provinces without legislation equivalent to the British Columbia Privacy Act, but the court also held that other proposed causes of action (including alleged common law tort of invasion or breach of privacy in British Columbia, breach of the Sale of Goods Act and breach of the Business Practices and Consumer Protection Act) were not reasonable. The court held that the proposed class definition did not satisfy the requirements of the Class Proceeding Act, because the class definition was both too broad and too narrow and was not rationally related to the proposed common issues. The court held that the proposed common issues did not satisfy the requirements of the Class Proceeding Act, and the plaintiff was not an adequate representative plaintiff.

3. Invasion of Privacy

Grillo v. Google Inc., 2014 QCCQ 9394, involved a claim of privacy invasion arising from a Google Maps street view image of the plaintiff sitting on the front step of her house with part of her breast exposed. The plaintiff's face was blurred, but her house address and car license plate were visible. Google did not respond to the plaintiff's initial email complaint, which Google claimed to have not received. Two years later the plaintiff's lawyer sent a demand letter to Google, and Google responded by promptly removing the impugned image. The plaintiff claimed that the impugned image severely affected her image and reputation in the workplace, caused the plaintiff to go on sick leave for about two years and eventually quit her job, and caused the plaintiff to suffer from depression for which the plaintiff took drugs for at least eight months. The small claims court rejected Google's argument that the plaintiff had waived her right to privacy or her image by sitting outdoors, and held that the plaintiff was entitled to have her privacy and image protected and respected. The court held that the plaintiff remained recognizable, even though her face was blurred in the image, because other information or data in the image could lead to the identification of the plaintiff by her friends and colleagues. The court also held that the social utility or value of the Google service did not justify a violation of the plaintiff's privacy or constitute a valid defense under Canadian or Quebec law. The court concluded that Google's capture and dissemination of the impugned image constituted a violation of the plaintiff's privacy and image rights under Quebec civil law. The court accepted that the plaintiff was deeply shocked and hurt by the impugned image and suffered mental harm, but nevertheless held that only a small number of people actually looked at the image, the plaintiff had failed to properly prove that the image had caused the plaintiff's depression and the plaintiff's two-year delay in sending a lawyer's letter to Google had contributed to the plaintiff's damage. The court awarded the plaintiff $2,250 compensatory damages.

4. Regulatory Proceedings by Privacy Commissioner of Canada

(a) The Office of the Privacy Commissioner of Canada issued PIPEDA Case Summary #2014 – 007 regarding a complaint about Apple's collection of personal information (birth date and credit card number) to create an Apple ID used to download free apps. The Privacy Commissioner found the complaint was well-founded because: (1) Apple's privacy policy did not fully identify the purposes for which Apple collected the information; and (2) Apple did not adequately explain to users that they could create an Apple ID without providing payment information. Apple agreed to comply with the Privacy Commissioner's recommendations.

(b) The Office of the Privacy Commissioner of Canada issued PIPEDA Report of Findings #2014 – 004 regarding a complaint about a breach notification issued to the complainant by a U.S.-based service provider that provided services to an online merchant from whom the complainant made a purchase. The service provider cooperated with the investigation but disputed that it was subject to the Personal Information Protection and Electronic Documents Act ("PIPEDA") on the basis that it was merely a third-party data processor for the online merchant. The Privacy Commissioner found that the service provider was subject to PIPEDA because the service provider processed personal information on behalf of Canadian organizations, and PIPEDA applies to all organizations that have in their possession or custody personal information collected, used or disclosed in the course of a commercial activity that has a real and substantial connection with Canada. The Privacy Commissioner found the complaint not well-founded because the service provider had appropriate technical safeguards in place aimed at preventing and detecting breaches, which safeguards were evaluated on a regular basis through tests and audits.

(c) The Office of the Privacy Commissioner of Canada issued PIPEDA Settled Case Summary #2014 – 002 regarding a complaint about a provision in Apple's privacy policy regarding the collection and use of third party's personal information when a user shares content with their family and friends. The privacy policy did not explain the purposes for which Apple collected and used the personal information. In response to complaint, Apple agreed to amend its privacy policy to specify the purposes for which Apple uses third party personal information. The Privacy Commission considered the matter settled.

(d) The Office of the Privacy Commissioner of Canada issued PIPEDA Report of Findings #2014 – 001 regarding a complaint about Google's online behavioral advertising using user's sensitive health information (derived from the user's previous access to health-related websites) to display targeted advertisements for medical devices. The complainant alleged that his online activities relating to medical disorders was sensitive information that should not be used by Google to deliver targeted advertisements without the complainant's express consent. In response to the complaint, Google asserted that it did not use online behavioral advertising, but after the Privacy Commissioner issued a preliminary report Google acknowledged that it was using a form of interest-based advertising called "remarketed ads" that was subject to abuse by advertisers. Google agreed to improve its policies, practices and technologies to prevent abuse of its remarketed ads program in accordance with the Privacy Commissioner's recommendations. The Privacy Commissioner found the complaint to be well-founded and conditionally resolved.

(e) The Office of the Privacy Commissioner of Canada issued PIPEDA Report of Findings #2014 – 008 regarding a complaint about Google's Search App and the App's use of permissions. The complainant alleged that the App required users to grant the App a number of permissions in order to use the App, and the permission constituted forced consent to the collection of personal information beyond that required for the purposes of the App's functionality. Google explained that the App permissions related to the technical capabilities of the App rather than the actual functionalities of the App and the personal information actually collected and used by the App, and were not treated by Google as consents to the collection and use of personal information. Google asserted that it obtained consent to the collection and use of personal information through the App description on the app store, the Google webpage about the App, the App permissions, the App's in-app notices and the Google privacy policy. The Privacy Commissioner accepted Google's argument that the act of granting app permissions does not, by itself, constitute consent to Google's collection, use or disclosure of personal information, in part because the permissions process did not describe Google's actual collection and use of information via the App. For those reasons, the Privacy Commissioner found the complaint to be not well-founded. The Privacy Commissioner provided additional comments and guidance regarding the use of app permissions. The Commissioner cautioned that up-front app permissions could lead to user confusion, encouraged Google to ensure clarity regarding the meaning and function of permissions and how permissions will be used, commended Google's use of just-in-time in-app privacy notifications, encouraged Google to supplement its organization-wide privacy policy with context-specific information regarding the privacy practices of each of Google's services (such as the App), and suggested that Google establish and publicize a mechanism for individuals to make privacy complaints that are acknowledged and answered by Google.

5. Regulatory Guidelines for Online Consent

In May 2014, the Office of the Privacy Commissioner of Canada and the Offices of the Information and Privacy Commissioners of Alberta and British Columbia jointly published Guidelines for Online Consent (www.priv.gc.ca/information/guide/2014/ gl_oc_201405_e.asp) to address consent requirements under private sector privacy laws and to explain the privacy commissioners' expectations regarding meaningful consent in online and mobile environments.

6. Regulatory Guidance for App Developers

In September 2014, the Office of the Privacy Commissioner of Canada published Ten Tips for Communicating Privacy Practices to Your App's Users (www.priv.gc.ca/resource/fs-fi/02_05_d_61_tips_e.asp) to provide guidance for the effective communication of privacy practices to mobile app users. The Office of the Privacy Commissioner of Canada also published the results of the Global Privacy Enforcement Network privacy sweep regarding the privacy communications of mobile apps (http://blog.priv.gc.ca/index.php/2014/09/09/from-app-laudable-to-dis-appointing-global-mobile-app-privacy-sweep-yields-mixed-results/).

F. Criminal Law

1. Warrantless Seizure of Internet Subscriber Information

R. v. Spencer, 2014 SCC 43, involved a warrantless search and seizure of computer evidence relating to the commission of child pornography offences. The police identified the IP address of a computer used to access and download child pornography over the Internet using a peer-to-peer file-sharing program. The police obtained from the relevant Internet service provider, without prior judicial authorization, subscriber information for the IP address. The police requested the subscriber information pursuant to s. 7(3)(c.1)(ii) of the Personal Information Protection and Electronic Documents Act ("PIPEDA"). The police used the subscriber information to obtain a warrant to search the house where the accused lived and the accused's computer, where they found child pornography. The accused argued that the police had obtained the subscriber information in violation of the accused's Charter right against unreasonable search and seizure. The accused was convicted, and the conviction was upheld on appeal. The trial judge and the appellate court held that the police request for the subscriber information was not an unreasonable search and seizure. The accused appealed to the Supreme Court of Canada.

The Supreme Court of Canada held that the police obtaining the subscriber information was a search or seizure within the meaning of Charter s. 8 because the accused had a reasonable expectation of privacy regarding the subscriber information. The court reasoned that the disclosure of subscriber information will often amount to the identification of a user with intimate or sensitive online activities conducted on the understanding that those activities would be anonymous, and that anonymity is a privacy interest that engages constitutional protection against unreasonable search and seizure. The court rejected the argument that the Internet service contract undermined the accused's reasonable expectation of privacy, because the contract was ambiguous. The court held that PIPEDA s. 7(3)(c.1)(ii) was not applicable because "lawful authority" within that section required something more than a bare request by law enforcement authorities. The court held that, notwithstanding the unconstitutional search and seizure, the evidence should not be excluded because the police were acting by what they reasonably thought were lawful means to pursue an important lawful purpose, society has an interest in seeing a full and fair trial, based on reliable evidence, for a crime that implicates the safety of children, and the exclusion of the evidence would bring the administration of justice into disrepute. The court also held that the "making available" offence under Criminal Code s. 163.1(3) is complete once the accused knowingly (or with willful blindness) makes pornography available to others, and does not require a positive act facilitating access by others to the pornography.

2. Search of Mobile Phone Incident to Arrest

R. v. Fearon, 2014 SCC 77, involved a warrantless search of a mobile phone incident to arrest for armed robbery. The accused was arrested for armed robbery. During the pat-down search of the accused the police found an unlocked mobile phone in the accused's pocket. The police then searched the mobile phone and found an incriminating photograph and unsent text message. The accused applied to exclude the mobile phone evidence on the basis that the warrantless search violated the accused's privacy and Charter right against unreasonable search and seizure. The trial judge and the appellate court held that the search was not unreasonable. The accused appealed to the Supreme Court of Canada.

A majority of the Supreme Court of Canada held that the common law police power to conduct a warrantless search incident to a lawful arrest permits the search of mobile phones and similar devices found on the suspect, subject to the following conditions to protect the significant privacy interests at stake in mobile phone searches: (1) the arrest must be lawful; (2) the search must be truly incidental to the arrest and performed for an objectively reasonable law enforcement purpose - protecting the safety of the police and the public, preserving evidence and discovering evidence in situations in which the investigation will be stymied or significantly hampered absent the ability to promptly search the phone; (3) the nature and extent of the search must be tailored to the particular arrest for the particular offence (e.g. searching only recently sent or drafted messages, photos and call log, and not a search or download of all data); and (4) the police must make detailed notes of the search (e.g. the app searched, the extent of the search and the time, purpose and duration of the search). The majority held that the same conditions applied, regardless of the nature or capacities of the device and whether or not the mobile device is password-protected. The majority acknowledged that its approach to searches of mobile phones was different from the categorical approach – no warrantless search of mobile phones – recently adopted by the United States Supreme Court in Riley v. California. The majority held that the mobile phone search violated the accused's rights, because the police did not make detailed notes of the search. The majority held that the evidence obtained through the unlawful search should not be excluded because, in the circumstances, admitting the evidence would not bring the administration of justice into disrepute.

The dissenting minority held that a warrantless search of a mobile device incident to arrest is not lawful except in exigent circumstances – there is a reasonable basis to suspect that a search may prevent an imminent threat to safety, or there are reasonable grounds to believe that the search may prevent the imminent loss or destruction of evidence. The minority noted that the privacy interest in a digital device is quantitatively and qualitatively different from that high expectation of privacy in their digital devices because they store immense amounts of information, are fastidious record keepers, retain files and data even after users think they have been destroyed, serve as portals to vast stores of information on numerous other devices or storage services and can continue to generate evidence even after they have been seized. The minority reasoned that searches of personal digital devices risk serious encroachments on privacy, and only judicial pre-authorizations can provide an effective and impartial balancing of the state's law enforcement objectives with the intensely personal and uniquely pervasive privacy interests in digital devices. The minority concluded that police may usually seize a mobile phone incident to arrest in order to preserve the evidence, but they must obtain a warrant before they can search the phone's contents unless there are exigent circumstances. The minority would have excluded the evidence because admitting the evidence would tend to bring the administration of justice into disrepute.

3. New Internet-Related Offences

In December 2014, the Protecting Canadians from Online Crime Act (formerly Bill C-13) amended the Criminal Code, the Canada Evidence Act and the Mutual Legal Assistance in Criminal Matters Act. The Criminal Code amendments included the following:

  • A new offence of publishing an intimate image without consent (s. 162.1). The offence applies if a person knowingly or recklessly publishes, distributes, transmits, sells, makes available or advertises an "intimate image" of another person knowing that the person depicted in the image did not give their consent. "Intimate image" is defined as a visual recording (including photo, film or video) of a person in which the person is nude or engaged in explicit sexual activity, which was created in circumstances that gave rise to a reasonable expectation of privacy, and in respect of which the person depicted retains a reasonable expectation of privacy at the time the offence is committed. It is a complete defence if the publication serves the "public good" and does not extend beyond what serves the "public good". The offence is punishable by up to five years imprisonment, and the court may make an order prohibiting a convicted offender from using the Internet or other digital network.
  • Updates to various computer-related offences, including: possession of a device to obtain use of telecommunication facility/service (s. 327); unauthorized use of a computer (s. 342.1); possession of a device to obtain unauthorized use of computer system or to commit mischief (s. 342.2); message in false name (s. 371); false, indecent or harassing message (s. 372); and mischief in relation to computer data (s. 430(1.1)).
  • New or updated provisions regarding warrants and orders for the creation, preservation and production of various kinds of data, including computer data, transmission data, financial data and tracking data.

4. Mischief and Criminal Harassment

R. v. Dewan, 2014 ONCA 755, involved an appeal from a sentence imposed for mischief and criminal harassment convictions. The mischief conviction related to the accused's distribution of a forged email, purportedly from a coworker who rejected the accused's romantic advances, which degraded the co-worker professionally, sexually and physically. The criminal harassment conviction related to the accused's harassment of a former girlfriend, including distribution of a forged email purportedly from the former girlfriend, which degraded the former girlfriend professionally, sexually and physically, and suggested she was a drug user, and which attached a naked photograph of the former girlfriend. The accused's misconduct had a significant adverse impact on the victims. The accused pleaded guilty and was sentenced, in addition to five months' time served, to a suspended sentence and two years' probation for the mischief conviction and 90 days' imprisonment for the harassment conviction. The accused appealed the sentence and argued that a conditional discharge was an appropriate sentence. The court of appeal dismissed the appeal on the basis that a conditional discharge would be contrary to the public interest. The court reasoned that intimate partners must be free to terminate a relationship without fear of abuse, whether physical or psychological, or retaliation of any kind.

5. Criminal Defamatory Libel

R. v. Simoes, 2014 ONCA 144, involved an appeal from criminal convictions for defamatory libel under Criminal Code s. 298. The accused restauranteur responded to a disgruntled customer's complaints and negative reviews on an online restaurant review site by sending sexually explicit emails to the customer's employer and posting a sexually explicit message and the customer's photo on an adult cyber-dating website. The appeal court held that the trial court's finding that the accused had sent the defamatory communications was reasonable and supported by the evidence, including a similarity in writing style and language to other emails sent by the accused. The appeal court held that the trial court erred by not allowing the accused to serve the 90-day sentence on an intermittent basis so as to minimize the impact of the sentence on the accused's children. The appeal court dismissed the conviction appeal and varied the sentence to allow it to be served on an intermittent basis.

G. Regulatory Matters

1. Canada's Anti-Spam Law

Canada's anti-spam law (commonly known as "CASL") creates a comprehensive regime of offences, enforcement mechanisms and potentially severe penalties (including personal liability for corporate directors and officers) designed to prohibit unsolicited or misleading commercial electronic messages, prohibit the unauthorized installation and use of computer programs on other person's computer systems, and deter other forms of online fraud (such as identity theft and phishing).

Most parts of CASL came into force on July 1, 2014. CASL provisions regarding the installation and use of computer programs on another person's computer system came into force on January 15, 2015. CASL provisions regarding enforcement through a private right of action are currently scheduled to come into force on July 1, 2017.

In 2014, both the Canadian Radio-television and Telecommunications Commission ("CRTC") and Industry Canada published on their respective websites ( www.crtc.gc.ca/eng/casl-lcap.htm and www.fightspam.gc.ca) Frequently Asked Questions and other guidance documents regarding CASL compliance. The CRTC guidance document entitled "CASL Requirements for Installing Computer Programs" ( www.crtc.gc.ca/eng/info_sht/i2.htm) provides important guidance regarding the interpretation and application of CASL rules for the installation and use of computer programs.

2. Anti-Cyberbullying Order

In The Director of Public Safety v. Prosper (NSSC Hfx No. 423704) the court issued a cyber-bullying prevention order under Nova Scotia's Safer Communities and Neighbourhoods Act as recently amended by the Cyber-safety Act. The proceeding resulted from a complaint by Chief Andrea Paul, of the Pictou Landing First Nation, against the respondent alleging that he was posting on Facebook aggressive, defamatory, embarrassing and threatening comments about the complainant and her family. The order prohibited the respondent from: (1) engaging in cyberbullying; (2) communicating, directly or indirectly, with or contacting the complainant; and (3) communicating, directly or indirectly, about the complainant and required the respondent to remove and delete all cyber-bullying electronic communications with or about the complainant.

H. Employment

1. Wrongful Dismissal – Social Media Posts and Tweets

Kim v. International Triathlon Union, 2014 BCSC 2151, involved the plaintiff's claim for wrongful dismissal from her 22-month position as the defendant's Senior Communications Manager. The defendant claimed that the dismissal was justified as a result of a series of derogatory comments about the defendant's management and other persons posted by the plaintiff on her blog and on Twitter. The defendant alleged that the plaintiff's conduct over a specified period constituted cumulative cause for dismissal and there was no need for the defendant to give the plaintiff a final warning before her dismissal. The court rejected the defendant's argument and held that, because the defendant alleged just cause based on cumulative misconduct (rather than a single incident of insubordination), the defendant was obligated to give the plaintiff an express and clear final warning and an opportunity to improve performance before the plaintiff's ultimate and final act of misconduct. The court held that the defendant's discussions with the plaintiff about her social media activities did not constitute a sufficient warning. The court awarded the plaintiff damages calculated based on five months' notice.

2. Labour Relations – Free Speech Rights

Alberta v. Alberta Union of Provincial Employees, 2014 ABCA 197, involved appeals of a chambers judge's order holding the defendant union in civil contempt for failing to comply with directives issued by the Alberta Labour Relations Board (the "LRB") in the context of a wildcat strike at several provincial correctional facilities. The LRB directed the striking AUPE members to cease their illegal strike and the defendant to make every reasonable effort to bring the strike to an end. The LRB directives were filed in the court and became court orders. The defendant and its striking members ignored the court orders and continued and expanded the strike. The chambers judge found the defendant in contempt of the court orders, prohibited the defendant from publishing pro-strike statements on its website or social media accounts and required the defendant's leadership to post certain anti-strike statements on the defendant's website. The court of appeal upheld the chambers judge's finding that the defendant was in contempt of the court orders. The court of appeal set aside the parts of the chambers judge's order regarding statements to be made, or not to be made, on the defendant's website and social media accounts on the basis that those parts of the order limited the defendant's Charter right to freedom of expression and, due to the lack of a proper evidentiary foundation, could not be justified under Charter s. 1.

I. Internet Defamation

Defamatory Internet Publications

Trout Point Lodge Ltd. v. Handshoe, 2014 NSSC 62, involved an assessment of damages for defamation and copyright infringement relating to blatantly false Internet publications intended to destroy, harass and embarrass the individual and corporate plaintiffs and commercially benefit the plaintiff. In a previous action (2012 NSSC 245) the plaintiffs obtained a default judgment for defamation against the defendant, an award of substantial general, aggravated and punitive damages (totaling $425,000) and an injunction prohibiting the defendant from further misconduct. The defendant, a U.S. resident, ignored the injunction and continued to publish defamatory statements about the plaintiffs and photographs of the plaintiffs. The court awarded each of the plaintiffs additional general, aggravated and punitive damages (totaling $245,000) for defamation, and additional statutory and punitive damages (totaling $180,000) for infringement of copyright in four photographs.

Defamatory Emails

Pinsent v. Sandstrom, 2014 ABQB 269, involved defamation claims relating to emails about the plaintiffs sent by the defendant, a U.S. resident, to various recipients. The plaintiffs and defendant were former business associates and stakeholders in a company. The parties had a falling out and the plaintiffs took control of the company. The defendant then sent emails alleging fraud and other misconduct on the part of the plaintiffs to various recipients, including the Institute of Chartered Accountants of Alberta, the City of Edmonton, the RCMP, the Canadian Western Bank and a company with which the plaintiffs were negotiating a potential transaction. The defendant did not defend the action. The court held that the emails were defamatory, and entered default judgment against the defendant. The court awarded the plaintiffs general and aggravated damages (in the amounts of $70,000, $40,000 and $35,000 for the three plaintiffs) but refused to award punitive damages. In assessing the amount of damages, the court noted that the defamatory emails had been sent to a limited number of recipients and had not been widely distributed to a large number of recipients.

3. Defamatory Websites

Sagman v. Politi, 2014 ONSC 4183, involved a dispute between three brothers in the aftermath of an acrimonious commercial lawsuit. The defendant threatened to "crush" the plaintiffs and proceeded to attempt to do so by creating two defamatory websites designed to damage the plaintiffs' personal and professional reputations. The websites were live for approximately three months. The websites accused the plaintiffs of criminal offences and called them untrustworthy, and had the intended effect of destroying the profitability of the plaintiffs' medical practices and businesses and the plaintiffs' entire professional stature. The court noted that while the websites had been removed from the Internet, it was impossible to erase the damage they caused when they were published, and the websites had a long reach to the plaintiffs' patients and colleagues. The court concluded that it was incumbent on the court to express its disapproval of the defendant's conduct in a most strenuous way. The court awarded the plaintiffs $300,000 in general damages, $50,000 in punitive damages and costs.

4. Defamatory Blog Posts

Awan v. Levant, 2014 ONSC 6890, involved a dispute over disparaging posts by the defendant lawyer, political commentator and journalist on his Internet blog. The posts related to the plaintiff and his involvement in a dispute with Maclean's magazine and a related hearing before the British Columbia Human Rights Tribunal in 2008. The court held that the disparaging posts were defamatory and that the potential defence of fair comment was not available because the defendant was motivated by malice. In assessing damages, the court noted that the factors usually considered when quantifying defamation damages must be examined in the light of the "ubiquity, universality and utility" of the Internet, and that the Internet publication of the defamatory blog posts increased the likely readership of the headlines of the posts if not also their content. The court awarded the plaintiff $50,000 in general damages and $30,000 in aggravated damages, and ordered the defamatory blog posts be removed from the defendant's website.

J. Miscellaneous

1. Injunction Prohibiting Internet Search Results

Equustek Solutions Inc. v. Jack, 2014 BCSC 1063, involved an application for an injunction prohibiting Google Inc. and Google Canada (collectively "Google") from including the defendants' websites in search results generated by Google's search engines. The defendants used its websites to advertise and sell a product designed using the plaintiffs' trade secrets. The defendants ignored a court order prohibiting them from carrying on business through any website. Google, which was not a party to the lawsuit, agreed to voluntarily block some but not all of the defendants' websites from Google search results. The plaintiffs applied for an injunction against Google on the basis that Google's search engine facilitated the defendants' ongoing breach of court orders. Google argued that the court did not have jurisdiction over Google or should decline jurisdiction, and in any event should not issue the requested injunction.

The court held that it had jurisdiction over Google because Google, through its search engine and advertising business, carried on business in British Columbia. The court reasoned that Google's search engine websites were not passive information sites, but rather were interactive and displayed targeted advertisements. The court acknowledged that its reasoning might give every state in the world jurisdiction over Google's search services, but reasoned that result was a natural consequence of Google doing business on a global scale rather than from a flaw in the territorial competence analysis. The court also refused to decline jurisdiction over Google, because Google failed to establish that another jurisdiction (California) was a more appropriate forum and the court could effectively enforce its order against Google outside Canada.

As a matter of first impression, the court held that a court has authority to grant an injunction with extra-territorial effect against a non-party resident in a foreign jurisdiction if it is just or convenient to do so. The court reasoned that courts must adapt to new circumstances (the reality of e-commerce with its potential for abuse) in order to preserve the effectiveness of their judgments. The court held that the test to be applied in determining whether to issue an injunction against a non-party is a modified standard test for granting an injunction: (1) a good arguable case or fair question to be tried (which relates to the plaintiff's claim against defendant); and (2) a balancing of the interests (irreparable harm and convenience) of the plaintiff and the non-party to whom the injunction would apply. The court identified a number of relevant considerations, including: whether the third party is somehow involved in the defendant's wrongful acts; whether the order against the third party is the only practicable means to obtain the relief sought; whether the third party can be indemnified for the costs to which it will be exposed by the order; whether the interests of justice favour the granting of the order; and the degree to which the interests of persons other than the applicant and the non-party could be affected.

The court granted the injunction against Google requiring Google to block the defendants' websites (identified in the court order) from Google's search engine results worldwide. The court reasoned that Google was unwittingly facilitating the defendants' ongoing breaches of court orders, and there was no other practical way to stop the defendants.

Google applied for leave to appeal the injunction and for a stay of the injunction pending the appeal (2014 BCCA 295). The court of appeal granted leave to appeal because the issues presented were novel, complex and important to the parties and generally. The court refused to grant a stay of the injunction because Google had not established that the injunction would cause Google to suffer irreparable harm. The court rejected Google's argument that the injunction established a significant and negative precedent, and that Google's reputation would suffer if Google was required to comply with the injunction pending the hearing of the appeal.

2. Tax – Reporting Internet Business Revenue

The Canada Revenue Agency published on May 21, 2014 a bulletin reminding Canadians that, starting with the 2013 tax year, Canadian taxpayers (corporations, partnership and self-employed individuals) are required to report gross income from Internet web pages or websites. The bulletin explains that directory websites, information-only webpages and websites that give basic information about a business do not have to be included.

* Copyright © 2015 Bradley Freedman. All rights reserved. This paper is an abridged version of a chapter in Annual Review of Law & Practice, 2015, Continuing Legal Education Society of British Columbia.

About BLG

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.