Daniel Mayer writes:
A class action was recently allowed to proceed in Ontario against a major bank after one of its employees admitted to accessing and disclosing to third parties confidential information of the bank’s customers. While this case is not a final decision as to whether the bank was actually liable for its employee’s breaches of privacy, it serves as a reminder for employers that the law regarding breach of privacy is evolving quickly and employer policies, practices and safeguards must keep pace with it.
Facts
Mr Wilson was a mortgage administration officer for the bank. In this role he had access to highly confidential customer information. Over the course of almost one year, Wilson accessed the files of 643 customers. More than 100 of them subsequently informed the bank that they had been the victims of identity theft or fraud. Wilson admitted that he had accessed and disclosed customers’ information to a third party. The bank compensated the customers for the resulting financial losses and offered each of them a complimentary subscription to a credit monitoring and identify-theft protection service.
Despite the bank’s efforts, two customers started a class action against it.
Read more on International Law Office.