The most widely read magazine for Canadian lawyers
Issue link: https://digital.canadianlawyermag.com/i/1161314
www.canadianlawyermag.com 49 Graydon LLP. They notified law enforcement, regulatory agencies and everyone affected by the cyberattack and offered some free credit monitoring, she says. "Nonetheless, you see a class action arrive anyway," she says. In Kaplan v. Casino Rama, Belobaba said that though a class action was not the preferable recourse, class members still had the option of individual actions, in Small Claims Court and under PIPEDA. Flood and Henderson were counsel in the Broutzas v. Rouge Valley Health System case, for one of the defendants, Knowledge First Financial Inc. Broutzas was about a hospital employee unlawfully accessing patient records and selling the contact information of recent newborns so the buyer could try to sell the parents registered education savings plans. But Justice Paul Perell of the Ontario Superior Court found that the contact information, though personal, was not private information. " The information that was allegedly intruded upon was not inherently sensitive or embarrassing or humiliating," says Henderson. "Perell, example — it's usually a much larger beast," Robinson says. The certification judge is meant to be a "gatekeeper," he says. But even though certification motions have a "somewhat lower " evidentiar y threshold — a some-basis-in-fact standard — than the "normal civil setting," which operates on a balance of probabilities, the legislature did not design these processes to be easy, says Robinson. "Certification is not meant to be a rubber stamp," he says. "Certification is not meant to be a rubber stamp." Scott Robinson, McCarthy Tétrault LLP CASINO RAMA CYBERATTACK What transpired in the case of Broutzas v. Rouge Valley Health System and Kaplan v. Casino Rama is an increasingly common cyberattack, says Catherine Flood, a lawyer at Blake Cassels & Graydon LLP. Digital information on customers and others was stolen by a hacker who demanded from Casino Rama a ransom for its return. Casino Rama's response was "exemplary," says Nicole Henderson, a lawyer who is also from Blake Cassels & Graydon. Ultimately, the class action formed against it failed. looking at that as a breach of privacy claim, noted . . . most people don't treat their contact information as inherently private. It's something that's routinely shared." "Here, you saw Justice Perell, and very candidly, say there may be intrusion here, but based on what I've seen, there really wasn't seclusion," Robinson says. "This isn't going to pass muster." Perell was "expressly grappling" with the evidentiary disputes between the parties in Broutzas, and this is a trend Robinson says is widely present in Canadian class action cases. "Especially when you're seeing evidence being proposed both by the plaintiffs, but rebuttal evidence being proposed by the defendants, you're seeing courts in general in Canadian class actions now starting to grapple with evidentiary disputes at certification as opposed to just rubber stamping it and moving it on," Robinson says. "I don' t know if this is necessarily confined to a privacy class action realm. I think it's indicative of a trend you're seeing generally in Canadian class action jurisprudence, and it is what the motion is designed to be," he says. A class action is a procedural vehicle and certification is only a procedural motion to evaluate whether a case should be packaged as a class action before moving on the merits-based phase of the proceedings, says Robinson. But these can be "massive motions" with "incredible sums of money" at stake, and he says the extent of the cases has been growing over time. " The certification motion now — compared to what it was in the mid-90s, for