In Depth

Identity theft

When companies lose customer data

Last Updated January 26, 2007

CBC News

Most of the files are for consumers from British Columbia.

Equifax Canada uses data provided by banks to compile credit records on Canadian consumers. Those records include personal information such as social insurance numbers, bank account numbers and up to six years of credit and banking history.

Better Business Bureau spokesperson Sheila Chernesky said personal financial information is being gathered all the time, and there isn't much consumers can do to protect themselves.

"The credit bureau, Equifax, and the other credit bureau, Canada TransUnion, they collect information on us and we are perhaps not even aware of it," she said.

"Many Canadians are probably not aware that there is a credit report on them at the credit bureau."

• FROM March 16, 2004: Credit records accessed by criminals

This isn't the first time personal information has been accessed at Equifax. In February 2004, 1,400 confidential files were accessed illegally.

Equifax said all affected customers in this latest breach have been contacted. The RCMP is investigating.

CBC NEWS - http://www.cbc.ca/money/story/2005/06/17/equifax-050617.html

BOB AARON - View Toronto Article

An Ontario court has given a strong incentive for banks and credit reporting agencies to act faster and more efficiently when a consumer brings attention to an error in his credit report.

In January 1994, Robert Neil Clark applied for a personal loan with the Royal Bank of Canada. He learned that he had an R-9 credit rating, dated 1993, due to unpaid retail debt he allegedly owed to the Bank of Nova Scotia. (R-9 and I-9 are the worst possible ratings in a credit report.) Clark then contacted Equifax Canada Inc., a national credit reporting agency that reports information provided to it by its members. He was assured of an investigation and correction in case of an error. From 1994 to 2000, he had difficulties obtaining credit. In the course of eventually receiving all the loan approvals, various banks often told him of the R-9 entry on his report. He also reported repeated communications with both Scotiabank and Equifax over this matter. Finally, in 2000, Equifax confirmed that the delinquent loan was not against Clark, but another person with a similar first and last name but a different middle name.

Clark sued Scotiabank, which reported the R-9 rating in the first place, and Equifax, on the grounds that the continuing misrepresentation of his credit had affected his life and that he had suffered serious depression as a result. He argued that the Scotiabank and Equifax were negligent in their duties and were liable for his psychological problems.

In June, Justice Gerald F. Day of the Ontario Superior Court ruled in favour of Clark. Quoting an earlier Ontario court decision, he wrote that if credit-reporting agencies are negligent in gathering and reporting information, and if their report is inaccurate, their actions could cause creditors to either deny credit or charge more than usual. Pointing to the importance of credit and credit ratings in our society, he said credit reporters had to be accurate, skilled and diligent.

Justice Day ruled that Scotiabank and Equifax failed to take reasonable care with Clark's credit rating. Equifax did nothing for many years, he wrote.

Scotiabank admitted its failure, and although Equifax could not be blamed for supplying information provided by the bank, it could be faulted for not responding to the plaintiff's repeated requests for clarification over several years.

Clark claimed damages for distress and loss of financial reputation as a result of the actions of Scotiabank and Equifax, but was unable to prove actual monetary loss. Instead, the judge awarded him $5,000 against each defendant for intrusion on the financial integrity he is entitled to enjoy.

The Clark case, one hopes, will serve as a strong incentive for financial institutions and credit reporting agencies to be more responsive when consumers ask for corrections to their credit history.

This Editorial was Reported with Errors and Omissions and Does Not Tell the History!

This Editorial was Uncommunicated to and Unauthorized by Robert Neil Clark

Chicago, IL and Philadelphia, PA – August 19, 2002 – Recently, an Oregon jury awarded Judy Thomas $5.3 million dollars for errors found in her credit report. The Oregon woman battled with Chicago based credit reporting giant Trans Union for 6 years to have false information belonging to another woman, removed from her report. Thomas won her lawsuit against Trans Union for violations of the Fair Credit Reporting Act, the federal law which regulates the accuracy of information contained in credit reports and mandates that the credit reporting agencies investigate and correct mistakes within a 30 day period.

Trans Union, Equifax and Experian, or the “big 3” credit reporting agencies report most of the information that is used for consumer lending in this country. Often, a consumer is unaware of exactly what information is being reported about their own credit history, until they are unjustly turned down for a mortgage or installment loan. Only than, after ordering copies of their credit report, do they discover that there is an incorrect piece of information that has been reported which caused the denial.

According to consumer attorneys who handle Fair Credit Reporting Act claims, the system is inherent with flaws. The merging or mixing of credit files from 2 different, unrelated individuals into one report, or “mismerge” as it is know in the industry, is all too common. Jim Francis, of Francis & Mailman, P.C., a Philadelphia law firm that concentrates its practice in credit reporting cases, was not surprised by the verdict. “What is unfortunately known all too well by American consumers is that credit reports are riddled with errors and outdated information that often stands in the way of a job or mortgage. What is not known, is that the major credit reporting agencies are well aware of this problem and simply refuse to do anything about it.”

“What’s worse”, said Francis, “is that when a consumer disputes inaccurate information on her report, the credit reporting agencies almost always side with the companies reporting the information in the first place, rather than with the consumer, because they are the credit bureaus’ customers.” The problem, according to Francis, is financially motivated; “This is another case of the Ford Pinto. While the credit reporting agencies know full well that their cavalier and unlawful practices hurt consumers, they have consciously decided to keep the status quo out of an apparent belief that it is simply cheaper to defend against lawsuits than fix the problem at its core.”

Up until this point, most cases against the big credit reporting agencies have ended in settlements rather than in court. In a similar case against Trans Union in 1998, a jury in Mississippi awarded $4.5 million to Terry Cousin. Trans Union had mixed credit information from Cousin’s brother in with his credit report and did not remove the information, nor did they comply with the time period spelled out in the Fair Credit Act. Last year, the 5th Circuit Court of Appeals in New Orleans rejected the award, claiming Cousin erred on a technicality and did not have enough evidence to prove that Trans Union had violated the FCRA.

Mark Mailman of Francis & Mailman claims, “Juries are now awarding damages that take into account the emotional stress that goes along with a credit denial based on false information, as was the case with the $300,000 damages award in the Thomas verdict. He adds, “Your good credit rating is gone, and as a result of the ongoing battle to restore your rating, your emotional and physical health decline.”

What can a consumer do to ensure the information in their credit report is accurate? Attorney Larry Smith of Krohn & Moss, Ltd. a Chicago consumer law firm that handles FCRA cases advises, “Order a copy of your credit report from each of the 3 credit reporting agencies and look them over carefully for inaccuracies. It makes good sense to know exactly what the credit bureaus are reporting about you before you apply for that important installment loan, rather than after you have been turned down. He adds, “Should you find mistakes or errors, notify the CRA of your dispute in writing, keep a copy of the dispute letter and follow up within a month. If you have made numerous attempts to have the information investigated and removed and the CRA has not done this, you are entitled to sue the agency under the FCRA.”

According to attorneys Francis, Mailman and Smith, even after a credit bureau has investigated and removed inaccurate information, it may reappear again later. They advise ordering copies of your reports every 6 months to check that the negative item(s) is gone for good and that your credit history is reported accurately and is up to date.

Blocked and Delayed Consumer Calls Violated Consent Decree

July 30, 2003
For the second time in three years, Equifax is in trouble for failing to promptly answer consumer inquiries about their credit reports.

Equifax Credit Information Services, Inc. will pay $250,000 to settle Federal Trade Commission charges that its blocked-call rate and hold times violated provisions of an earlier consent decree that settled a 2000 lawsuit for violations of the Fair Credit Reporting Act (FCRA). That lawsuit settled charges that Equifax did not have sufficient personnel available to answer the toll-free phone number provided on consumers’ credit reports.

"Their being fined apparently didn't make an impression on them or change their behavior," said ……….., in a recent complaint to ConsumerAffairs.Com. She was turned down for a loan when Experian said her address of 23 years was not correct.

"I have been unable to get a person to answer the phone, just recorded messages. I can't reach them on their web site because I wasn't turned down so I don't have a copy of the report which they require," she said, one of many similar complaints from consumers around the nation.

The FCRA is designed to promote accuracy, fairness, and privacy of information in the files of every consumer reporting agency. To provide consumers with the ability to resolve more easily inaccuracies in their credit reports, in 1996 Congress amended the FCRA to require Equifax and the two other major credit bureaus, Trans Union LLC and Experian Information Solutions, to provide consumers who receive a copy of their credit report with a toll-free telephone number and access to credit bureau personnel during normal business hours.

In January 2000, the three credit bureaus paid a total of $2.5 million to settle charges that each violated this provision of the FCRA. According to the FTC’s complaints, the bureaus blocked calls from over a million consumers who wanted to discuss the contents of, and possible errors in, their credit reports, and kept others on hold for unreasonably long periods of time.

To ensure that credit bureau personnel were accessible to consumers, the settlements required that the bureaus meet specific performance standards, including limiting the number of calls that the agencies could block and the amount of time consumers could be placed on hold.

Equifax failed to meet the specific performance standards in the consent decree for blocked calls and hold times for certain periods in 2001. The settlement announced today will require Equifax to pay an additional $250,000 for violating the original consent decree.

http://www.herald.ns.ca/Search/473048.html 

( HERALD RECENTLY ERASED THIS TOPIC FROM THEIR PAGE - It is now BELOW! )

1 MILLION DEFRAUDED BY STAFF AT SCOTIABANK - DEC 23 2005 NEWS

$1 million siphoned from bank accounts Worker suspended from Scotiabank

By DAN ARSENAULT Crime Reporter

Customers at a Dartmouth Scotiabank had about $1 million taken from their accounts recently in an alleged internal fraud that is under investigation by local police.

A source said an employee at the branch at 112 Wyse Rd. was suspended a month ago because of the alleged embezzlement, but Frank Switzer, a

Scotiabank spokesman in Toronto, refused to discuss personnel issues and wouldn't confirm that.

"We're co-operating fully with the police," Mr. Switzer said Thursday.

"None of our customers are affected in the sense of having lost any money."

Mr. Switzer said the bank became aware something was amiss in the early fall and contacted police. But he wouldn't say how the bank knew something was wrong or how the money was taken from the accounts of "very few" customers.

"It appears that there was a compromise of confidential customer information," he said.

"When we learned the information was compromised, we notified the police right away. When there is even the slightest indication of a threat to our customers' accounts, we respond immediately and take the appropriate action."

Mr. Switzer said all the affected customers were immediately notified.

He said the bank will review its procedures but that he didn't think any changes would ensue.

"We have really strong processes in place to ensure confidentiality," he said. "Any time something happens you're always, maybe, going to take a look at things, but we think that we have very, very robust processes."

Mr. Switzer said no customers other than those at the Dartmouth branch were affected.

Sgt. Mark Hobeck, spokesman for Halifax Regional Police, said the bank contacted them in October and the regional police/RCMP integrated financial crime unit started an investigation, which is expected to continue into the new year before any charges are laid.

"We're awaiting the results of the forensic audit to come back," Sgt. Hobeck said. "It's a fairly large file to deal with."

He wouldn't confirm a source's comment that as much as $1 million was missing but said it was "fairly accurate."

"It's a large number."

Asked how the money was taken, Sgt. Hobeck said it was moved out of

customers' accounts through "an internal manipulation of accounts and

that type of thing."

( darsenault@herald.ca)

Customers and staff at the northwest Langley Scotiabank branch are taking precautions after personal information was compromised.

by Erin McKay

Personal banking information that fell into the wrong hands has led to an arrest, a review of Scotiabank policies and procedures - and some shocked clients.

"They told me to check all my accounts, go into the bank and change my account numbers, and that I should look at the possibility of changing my Social Insurance Number," one customer told The Langley Advance News, "which is when I saw red."

"It would be a huge hassle and I was told that changing your SIN could affect your credit rating," she said.

The customer, who uses Scotiabank's branch at 200th St. and 96th Ave., was alerted to the situation in the last week of February, when she received a message on her phone.

"It said they needed to talk to me about my account, and to call a 1-800 number," she said.

The customer called, but was hesitant to give out information such as her mother's maiden name or her SIN, as she was not sure who she was actually phoning. Doubting the legitimacy of the call, she did not want to fall victim to a scam.

It turned out that it was Scotiabank's customer service division, and an employee told her that her "personal information may have been compromised."

"They wouldn't say how they knew, but said I was one of several people, and that there was a police investigation," she said.

Her reaction was that of disbelief and anxiety.

"My first thought was, 'My money's gone,'" said the customer, who had opened a new account last year for her son's college fund.

Her money was untouched, and while everything seemed to be in order, she worried about the damage that could be done by her leaked SIN.

"You don't know what could be done with a SIN. It's linked to everything," she said. "I want to know who could have that, and what could they do with it."

A Scotiabank employee suggested she call the Equifax and Transunion credit bureaus to let them know that her personal information may have been compromised, and to watch for unusual loan applications and other transactions over the next few years.

According to the customer, the bank said that anybody who opened an account at that branch in 2004 may have had their personal information fall into the wrong hands.

A Scotiabank spokesman would not say how many people were affected by the breach, as an arrest has been made and the matter is before the courts, but he confirmed that the problem was limited to the one branch in northwest Langley.

The suspect is not a bank employee, Frank Switzer said, adding that it was "an isolated incident."

The breach happened last fall, but took several months to detect, Switzer said, but once it was discovered, "We contacted all affected clients to advise them of the situation, and to tell them to take the appropriate steps to safeguard their information."

Clients were told to review all their bank statements carefully, and to keep an eye on bills and statements from credit card companies and all financial institutions.

In general, he advised, everyone should monitor their mail carefully to ensure that statements are not taken out of the mailbox, and should regularly review their credit bureau information.

While the customer has heard of personal information being stolen from credit cards and through Interac, she was surprised her data could be obtained through her bank.

Asked if there is anything clients can do to prevent their information from being compromised at their bank, Switzer said the situation is a "fairly rare occurrence."

"The procedures we have in place are very good, and very strong, and we don't expect this to happen again," he said

However, a review of procedures and processes is being undertaken, and the bank is working to prevent the situation from arising in the future.

"It was an isolated event," Switzer reiterated, "and we certainly apologize to the costumers affected."

posted on 03/29/2005

Breach of Confidence

Breach - The violation of an obligation, engagement or duty; as a breach of covenant is the non-performance or violation of a covenant; the breach of a promise is non-performance of a promise; the breach of a duty is the refusal or neglect to execute an office or public trust, according to law. A breaking or infraction of a law, or of any obligation or tie; violation; non-fulfillment; as, a breach of contract; a breach of promise.  1) n. literally, a break. A breach may be a failure to perform a contract (breaking its terms), failure to do one's duty (breach of duty, or breach of trust), causing a disturbance, threatening, or other violent acts which break public tranquility (breach of peace), illegally entering property (breach of close), not telling the truth--knowingly or innocently--about title to property (breach of warranty), or, in past times, refusal to honor a promise to marry (breach of promise). 2) v. the act of failing to perform one's agreement, breaking one's word, or otherwise actively violating one's duty to others.

Confidence
n.

1)   Trust or faith in a person or thing.

2)   A trusting relationship: I took them into my confidence.

3a)  That which is confided; a secret: A friend does not betray confidences.

3b)  A feeling of assurance that a confidant will keep a secret: I am telling you this in strict confidence.

4)   A feeling of assurance, especially of self-assurance.

5)   The state or quality of being certain: I have every confidence in your ability to succeed.

adj.

Of, relating to, or involving a swindle or fraud: a confidence scheme; a confidence trickster.

SYNONYMS  confidence, assurance, aplomb, self-confidence, self-possession. These nouns denote a feeling of emotional security resulting from faith in oneself. Confidence is a firm belief in one's powers, abilities, or capacities: “You gain strength, courage and confidence by every experience in which you really stop to look fear in the face” (Eleanor Roosevelt). Assurance even more strongly stresses certainty and can suggest arrogance: How can you explain an abstruse theory with such assurance? Aplomb implies calm poise: “It is native personality, and that alone, that endows a man to stand before presidents or generals . . . with aplomb” (Walt Whitman). Self-confidence stresses trust in one's own self-sufficiency: “The most vital quality a soldier can possess is self-confidence” (George S. Patton). Self-possession implies composure arising from control over one's own reactions: “In life courtesy and self-possession . . . are the sensible impressions of the free mind, for both arise . . . from never being swept away, whatever the emotion, into confusion or dullness” (William Butler Yeats).

Breach of Trust

Any act which is in violation of the duties of a trustee or of the terms of a trust. Such a breach need not be intentional or with malice, but can be due to negligence. Breaking a promise or confidence. Any act or omission on the part of the trustee which is inconsistent with the terms of the trust agreement or the law of trusts. Violation (either through fraud or negligence) by a trustee of a duty that equity requires of him.

Breach

The violation of an obligation, engagement or duty; as a breach of covenant is the non-performance or violation of a covenant; the breach of a promise is non-performance of a promise; the breach of a duty is the refusal or neglect to execute an office or public trust, according to law. A breaking or infraction of a law, or of any obligation or tie; violation; non-fulfillment; as, a breach of contract; a breach of promise.  1) n. literally, a break. A breach may be a failure to perform a contract (breaking its terms), failure to do one's duty (breach of duty, or breach of trust), causing a disturbance, threatening, or other violent acts which break public tranquility (breach of peace), illegally entering property (breach of close), not telling the truth--knowingly or innocently--about title to property (breach of warranty), or, in past times, refusal to honor a promise to marry (breach of promise). 2) v. the act of failing to perform one's agreement, breaking one's word, or otherwise actively violating one's duty to others.

Trust

Something (as property) held by one party (the trustee) for the benefit of another (the beneficiary); (1) the trait of believing in the honesty and reliability of others; (2) faith: complete confidence in a person or plan etc; (3) confidence: a trustful relationship;

Any act or omission on the part of the trustee which is inconsistent with the terms of the trust agreement or the law of trusts. For example, the redirecting of trust property from the trust to the trustee rather than the beneficiary.
www.leanlegal.com/dictionary/b.asp

Any act which is in violation of the duties of a trustee or of the terms of a trust. Such a breach need not be intentional or with malice, but can be due to negligence.
www.wapri.org/RetirementInfo/Definitions.html

Violation (either through fraud or negligence) by a trustee of a duty that equity requires of him
wordnet.princeton.edu/perl/webwn

Breach of Contract:

Failing to perform any term of a contract, written or oral, without a legitimate legal excuse. This may include not completing a job, not paying in full or on time, failure to deliver all the goods, substituting inferior or significantly different goods, not providing a bond when required, being late without excuse, or any act which shows the party will not complete the work ("anticipatory breach.") Breach of contract is one of the most common causes of law suits for damages and/or court-ordered "specific performance" of the contract.

Breach:

The violation of an obligation, engagement or duty; as a breach of covenant is the non-performance or violation of a covenant; the breach of a promise is non-performance of a promise; the breach of a duty is the refusal or neglect to execute an office or public trust, according to law. A breaking or infraction of a law, or of any obligation or tie; violation; non-fulfillment; as, a breach of contract; a breach of promise.  1) n. literally, a break. A breach may be a failure to perform a contract (breaking its terms), failure to do one's duty (breach of duty, or breach of trust), causing a disturbance, threatening, or other violent acts which break public tranquility (breach of peace), illegally entering property (breach of close), not telling the truth--knowingly or innocently--about title to property (breach of warranty), or, in past times, refusal to honor a promise to marry (breach of promise). 2) v. the act of failing to perform one's agreement, breaking one's word, or otherwise actively violating one's duty to others. (See: breach of contract, breach of the peace, breach of promise, breach of warranty)

Contract:

A contract is any legally-enforceable promise or set of promises made by one party to another and, as such, reflects the policies represented by freedom of contract. In the civil law, contracts are considered to be part of the general law of obligations. This article describes the law relating to contracts in common law jurisdictions. (1)  a binding agreement between two or more persons that is enforceable by law (2) The writing or document containing such an agreement. (3) The branch of law dealing with formal agreements between parties.

ORAL CONTRACT UPHELD BUT DAMAGES MITIGATED

Livingston Excavation & Trucking Inc. v. Maple Engineering and

Construction Ltd.

[1] is primarily noteworthy for the Court's analysis of the damages claimed by the Plaintiff.

The Defendant general contractor was building a pier in Hamilton Harbour. It negotiated with the Plaintiff, which had done excavation work for the Defendant previously on the basis of an oral contact, to supply equipment to perform part of the work. A purchase order was issued by Maple and work started in March 1998. Shortly thereafter, Maple advised the Plaintiff that it had found another contractor, and that the Plaintiff's services were no longer required. The Plaintiff sued, stating that it had an oral contract to perform the entire project. The defence was that the contract was only on a day-to-day basis and was subject to termination at will. The Court found for the Plaintiff, holding that there was indeed an oral contract between the parties and that it was for the performance of all of the work, relying on the extensive negotiations between the parties and the transportation of the very large piece of equipment from the Simcoe area to Hamilton, as well as the purchase order which appeared to be open-ended.

Livingston had claimed loss of profit based on the estimated number of days it would take to complete the work times 10 hours per day times $140.00 which the parties agreed was the hourly rate that had been arrived at.

Although evidence was lead that the replacement contractor had worked 1,354 hours, the Court allowed only 1,000 hours to compensate Livingston for its loss, at the rate of $140.00 per hour.

After arriving at this gross, the Court made deductions for depreciation, labour costs, the cost of gasoline and the failure by Livingston to mitigate its damages by making the machine available for work at other locations.

In the result while Livingston did receive some damages, it was awarded far less than it had claimed due to its failure to properly mitigate its damages

The Fiduciary Duty is a legal relationship between two or more parties (most commonly a "fiduciary" or "trustee" and a "principal" or "beneficiary") that in English common

law is arguably the most important concept within the portion of the legal system known as equity. Since the Judicature Acts merged the courts of Equity (historically based in

England's Court of Chancery) with the courts of common law, the concept of fiduciary duty also became usable in common law courts.

A fiduciary duty is the highest standard of care imposed at either equity or law. A fiduciary is expected to be extremely loyal to the person they owe the duty (the "principal"): they must not put their personal interests before the duty, and must not profit from their position as a fiduciary, unless the principal consents. The fiduciary relationship is highlighted by good faith, loyalty and trust, and the word itself originally comes from the Latin fides, meaning faith, and fiducia.

When a fiduciary duty is imposed, equity requires a stricter standard of behaviour than the comparable tortious duty of care at common law. It is said the fiduciary has a duty not to be in a situation where personal interests and fiduciary duty conflict, a duty not to be in a situation where their fiduciary duty conflicts with another fiduciary duty, and a duty not to profit from their fiduciary position without express knowledge and consent. A fiduciary cannot have a conflict of interest. It has been said that fiduciaries must conduct themselves "at a level higher than that trodden by the crowd."

-

Breach - The violation of an obligation, engagement or duty; as a breach of covenant is the non-performance or violation of a covenant; the breach of a promise is non-performance of a promise; the breach of a duty is the refusal or neglect to execute an office or public trust, according to law. A breaking or infraction of a law, or of any obligation or tie; violation; non-fulfillment; as, a breach of contract; a breach of promise. 

1) n. literally, a break. A breach may be a failure to perform a contract (breaking its terms), failure to do one's duty (breach of duty, or breach of trust), causing a disturbance, threatening, or other violent acts which break public tranquility (breach of peace), illegally entering property (breach of close), not telling the truth--knowingly or innocently--about title to property (breach of warranty), or, in past times, refusal to honor a promise to marry (breach of promise). 2) v. the act of failing to perform one's agreement, breaking one's word, or otherwise actively violating one's duty to others. (See: breach of contract, breach of the peace, breach of promise, breach of warranty)

Breach Of Fiduciary Duty: Where a principal can establish both a fiduciary duty and a breach of that duty, through violation of the rules below, the court will find that the benefit gained by the fiduciary should be returned to the principal because it would be unconscionable to allow the fiduciary to retain the benefit by employing his strict common law legal rights. This will be the case, unless the fiduciary can show there was full disclosure of the conflict of interest or profit and that the principal fully accepted and freely consented the fiduciary's course of action.

1. Fiduciary duty in different jurisdictions

Different jurisdictions regard fiduciary duties in different lights. Canadian law, for example, has developed a cutting edge body of fiduciary case law, more so than American law, whilst Australian law and British law have developed more conservative approaches than either the USA or Canada. The law expressed here follows the general body of elementary fiduciary law found in most common law jurisdictions.

2. Elements of the fiduciary duty

The person the duty is imposed on is called the fiduciary. A fiduciary will be liable to account if it is proved that the profit, benefit, or gain was acquired by one of three means:

In circumstances of conflict of duty and interest

In circumstances of conflict of duty and duty

By taking advantage of the fiduciary position.

Therefore, it is said the fiduciary has a duty not to be in a situation where personal interests and fiduciary duty conflict, a duty not to be in a situation where their fiduciary duty conflicts with another fiduciary duty, and not to profit from their fiduciary position without express knowledge and consent. A fiduciary cannot have a conflict of interest.

2.1. Conflict of interest and duty

A fiduciary must not put themselves in a position where their interest and duty conflict. In other words, they must always serve the principal's interests, subjugating their own preference for those of the principal. The fiduciary's state of mind is irrelevant; that is, it does not matter whether the fiduciary had any ill-intent or dishonesty in mind.

2.2 Conflict of duty and duty

A fiduciary's duty must not conflict with another fiduciary duty. Conflicts between one fiduciary duty and another fiduciary duty arise most often when a lawyer or an agent, such as a real estate agent, represent more than one client, and the interests of those clients conflict. This usually occurs when a lawyer attempts to represent both the plaintiff and the defendant in the same matter, for example. The rule comes from the logical conclusion that a fiduciary cannot make the principal's interests a top priority if he has two principals and their interests are diametrically opposed; he must balance the interests, which is not acceptable to equity. Therefore, the conflict of duty and duty rule is really an extension of the conflict of interest and duty rule.

2.3. No-profit rule

A fiduciary must not profit from the fiduciary position. This includes any benefits or profits which, although unrelated to the fiduciary position, came about because of an opportunity that the fiduciary position afforded. It is unnecessary that the principal would have been unable to make the profit; if the fiduciary makes a profit, by virtue of their role as fiduciary for the principal, then the fiduciary must report the profit to the principal. If the principal consents then the fiduciary may keep the benefit. If this requirement is not met then the property is deemed by the court to be held by the fiduciary on constructive trust for the principal.

3. Fiduciary relationships

The most common circumstance where a fiduciary duty will arise is between a trustee and a beneficiary. A trustee is the legal, i.e., common law owner of all the trust's property. The beneficiary, at law, has no legal title to the trust; however, the trustee is bound by equity to suppress his own interests and serve only the beneficiary. In this way, the beneficiary obtains the use of property without being its technical owner.

3.1. Relationships which routinely attract a fiduciary duty are:

Trustee/beneficiary: Keech v Sandford                   Director/company: Woolworths Ltd v Kelly

Lawyer/client: Sims v Craig Bell & Bond  Partner/partner: Fraser Edmiston Pty Ltd v AGT (Qld) Pty Ltd;  Chan v Zacharia

Stockbroker/client: Hodgkinson v Simms Doctor/Patient: Breen v Williams

Parent/Child: Paramasivam v Flynn

Agent/principal: McKenzie v McDonald[   Senior employee/company: Green & Clara Pty Ltd v Bestobell Industries Pty Ltd

3.2. Possibly fiduciary relationships

Joint ventures, as opposed to business partnerships, are not presumed to carry a fiduciary duty; however, this is a matter of degree. If a joint venture is conducted at commercial arm's length and both parties are on an equal footing then the courts will be reluctant to find a fiduciary duty, but if the joint venture is carried out more in the manner of a partnership then fiduciary relationships can and often will arise.

Husbands and wives are not presumed to be in a fiduciary relationship; however, this may be easily established. Similarly, ordinary commercial transactions in themselves are not presumed to but can give rise to fiduciary duties, should the appropriate circumstances arise. These are usually circumstances where the contract specifies a degree of trust and loyalty or it can be inferred by the court.

4. Breaches of duty and remedies

Where a principal can establish both a fiduciary duty and a breach of that duty, through violation of the above rules, the court will find that the benefit gained by the fiduciary should be returned to the principal because it would be unconscionable to allow the fiduciary to retain the benefit by employing his strict common law legal rights. This will be the case, unless the fiduciary can show there was full disclosure of the conflict of interest or profit and that the principal fully accepted and freely consented the fiduciary's course of action. Remedies will differ according to the type of damage or benefit. They are usually distinguished between proprietary remedies, dealing with property, and personal remedies, dealing with pecuniary (monetary) compensation.

4.1. Constructive trusts

Where the unconscionable gain by the fiduciary is in an easily identifiable form, such as the recording contract discussed above, the usual remedy will be the already discussed constructive trust. Constructive trusts pop up in many aspects of equity, not just in a remedial sense, but, in this sense, what is meant by a constructive trust is that the court has created and imposed a duty on the fiduciary to hold the money in safekeeping until it can be rightfully transferred to the principal.

4.2. Account of profits

An account of profits is another potential remedy. It is usually used where the breach of duty was ongoing or when the gain is hard to identify. The idea of an account of profits is that the fiduciary profited unconscionably by virtue of the fiduciary position, so any profit made should be transferred to the principal. It may sound like a constructive trust at first, but it is not.

4.3. Compensatory damages

Compensatory damages are also available.  Accounts of profits can be hard remedies to establish, therefore, a plaintiff will often seek compensation (damages) instead. Courts of equity initially had no power to award compensatory damages, which traditionally were a remedy at common law, but legalization and case law has changed the situation so compensatory damages may now be awarded for a purely equitable action.

Negligence in private law

In the common law, negligence is the basis of most non-intentional torts or wrongs when loss or damage is caused to an individual by the nonfeasance, misfeasance or malfeasance (i.e. a failure to act, an inadvertent action, or an intentional action) of another. In civil law systems such those found in continental Europe, Quebec, and Puerto Rico, negligence is classified as a form of extra-contractual responsibility, sometimes called a quasi-delict in distinction to the more willful delicts within the conceptual framework of the law of obligations. The detailed rules are not the same as those set out under the Anglo-American common law.

Negligence in common law countries

Negligence arose from the common law and, although some applications may now be incorporated into statute or codes, it is considered the primary basis upon which to determine liability in tort (in the United States where juries sit in civil trials, succinct definitions of principles are found in the jury instructions). The general test of liability requires the plaintiff or claimant to prove that:      the defendant owed a duty of care to the plaintiff/claimant;

the defendant breached that duty of care;

this breach caused loss or damage to the plaintiff/claimant; and

the defendant should compensate the plaintiff/claimant for that loss or damage.

Damages place a monetary value on the harm done, following the principle of restitutio in integrum (the Latin for "restoration to the original condition"). Thus, for most purposes connected with the quantification of damages, the degree of culpability in the breach of the duty of care is irrelevant. Once the breach of the duty is established, the only requirement is to compensate the victim. But, particularly in the U.S., punitive or exemplary damages may be awarded in addition to compensatory damages to reflect the egregious nature of the defendant's conduct, e.g. that the defendant was malicious or callously indifferent.

1. Duty: A person owes a duty of care to another when the reasonable person would foresee that that other will be exposed to the risk of injury if the particular acts or omissions are continued.

2. Breach of Duty: Once it is established that the defendant owed a duty to the plaintiff/claimant, the second question is whether the duty was breached. The test is both subjective and objective. If the defendant actually realized that the plaintiff/claimant was being put at risk, taking the decision to continue that exposure to the risk of injury breaches the duty. If the defendant did not actually foresee that another might be put at risk, but a reasonable person in the same situation would have foreseen the possibility that another might be injured, there will be a breach. This must be judged at the time of the events and not with the benefit of hindsight: see Roe v Minister of Health (1954) 2 AER 131.

For the rule in the U.S., see: calculus of negligence

3. Causation: For the full pages on English law, see causation in English law and breaking the chain

For the defendant to be held liable, it must be shown that the particular acts or omissions were the cause of the loss or damage sustained. There are two elements in the test of causation, namely: actual cause (sometimes referred to as "cause in fact") and legal cause (sometimes referred to as "proximate cause").

(a) Cause in Fact
Was the defendant the actual cause of injuries sustained by the plaintiff/claimant. A "But-For Test" is generally employed which has three elements:

Identify the loss or damage sustained by the plaintiff/claimant;

identify the specific conduct alleged to be the cause of that loss or damage;

demonstrate that the specific loss or damage would not have occurred "but for" the specific conduct of the defendant.

Areas where cause in fact is difficult: 1) Multiple Defendants 2) Alternative liability theory 3) Market Share liability 4) Loss of chance/medical uncertainty

(b) Proximate Cause
Proximate cause is based on a test of foreseeability. Once a breach of the duty of care has been established, the question is whether a defendant should be liable for all the loss or damage flowing naturally from that breach. For this purpose, a distinction is made between loss or damage which is "proximate", and loss or damage which is "remote".

The general rule is that a claim will only succeed for reasonably foreseeable loss or damage. This limits claims to those reasonably foreseeable at the time of the breach and for loss or damage of the same kind as that actually suffered.

4. Damage

The plaintiff/claimant must have suffered loss or damage flowing naturally from the breach of the duty of care if damages are to be awarded. This may be physical (e.g. personal injury), economic (e.g. pure financial loss), or both (e.g. financial loss of earnings consequent on a personal injury), or reputational (e.g. in a defamation case). In English law, at least, the right to claim for purely economic loss is limited to a number of 'special' and clearly defined circumstances.

5. Defenses

The defendant may have a complete or partial defense to the claim. Where the defense is complete, the plaintiff/claimant will be denied damages. Where the defence is partial, the amount of damages awarded to the plaintiff/claimant will be reduced on a pro rata basis. In addition to the issue of remoteness, the behavior of the plaintiff/claimant is relevant for different reasons.

6. Damages

Where a plaintiff/claimant proves (1) - (4) above, and there is no defence, damages are payable for his or her loss. Damages are, in general, compensatory and not punitive in nature. This means that the amount paid matches the plaintiff/claimant's actual loss (in cases involving physical injury, the amount awarded should aim to compensate for the pain and suffering). It is not the court's intention to punish the defendant. The award should be sufficient so as to put the plaintiff/claimant back in the position he or she was before the tort was committed and no more, because otherwise the plaintiff/claimant would actually profit from the tort. The award of damages may include the following heads of damage:

Special damages - losses suffered from the date of the tort up until the date of trial and which can be precisely quantified in monetary terms.

General damages - losses that cannot be quantified exactly in monetary terms (the actual pain, suffering, and loss of amenity caused by the negligent act), as well as expected future losses from the date of trial (e.g. continuing pain and suffering, and loss of earnings). Where the plaintiff/claimant proves only negligible loss or damage, or the court is unable to quantify the losses, the court may award nominal damages.

Punitive damages - are awards of amounts greater than those needed to compensate the victim and are intended to deter intentional, usually malicious, wrongdoing. They are not available where only negligence has been proved.

Joint and Several Liability Amongst Co-Defendants

Joint and several liability developed under circumstances different from those of today. First, at the time the rule came into being, if a plaintiff was partly responsible for his or her loss (contributorily negligent), a defendant would not be held liable. Contributory negligence was a complete bar to recovery. In addition, it was believed that the courts were incapable of apportioning fault among several defendants.

The overriding aim was to ensure that a blameless plaintiff would be made whole for the loss suffered. The desire to afford full recovery for a plaintiff meant that if a wrongdoer was insolvent or otherwise unable to satisfy his or her share of the liability, the risk of satisfying that wrongdoer’s share would fall upon the other wrongdoers.

Before proceeding further, it is worth defining what is meant by joint and several liability amongst co-defendants. For this purpose, the relevant section of the Interim Report is repeated:

Joint and several liability involves two or more wrongdoers acting independently so as to cause the same damage to a plaintiff. Where two or more persons, acting independently of each other, have by their separate wrongful acts brought about a single and specific injury to another person, the law holds them jointly and severally liable for the full loss. The law treats each wrongdoer as the effective cause of the plaintiff’s entire loss and therefore allows the plaintiff to seek full compensation from any of the defendants found liable. (11)

A defendant who satisfies a judgment has a right of contribution from the other parties who are liable. This right allows the court to make an order requiring each defendant who has caused or contributed to a plaintiff’s loss to contribute to paying the judgment based upon the extent of his or her responsibility for the loss. For example, where a plaintiff’s loss is found to have been caused by the negligence of three different defendants, joint and several liability holds each of the defendants 100% liable to the plaintiff and the plaintiff is entitled to seek full payment from any one of them. Among the defendants, however, responsibility may be apportioned, for example, 40% to Defendant1 (D1), 35% to Defendant2 (D2) and 25% to Defendant3 (D3).

Although a right of contribution gives a defendant the opportunity to reduce his or her ultimate liability, the right will have little meaning when some of the defendants are insolvent or unavailable. In these situations, a solvent defendant under a joint and several liability regime will have to bear the cost of another defendant’s insolvency or unavailability.

There is a perception that joint and several liability increases a defendant’s liability and makes a defendant responsible for paying an entire damage award in situations where he or she bears relatively little blame for a plaintiff’s loss. This is not so, but joint and several liability, however, leaves a defendant responsible for assuming the obligations of co-defendants when they are insolvent or unavailable. In this regard, it is worth repeating the words of the U.K. Law Society’s Special Committee on Joint and Several Liability, as quoted in the Interim Report.

...[J]oint and several liability does not increase a defendant’s liability. Rather by affording the right to claim a contribution from fellow wrongdoers, it offers the chance to reduce the ultimate liability. The rule only applies where all the co-defendants are equally and fully liable, so there is no question of a person accepting greater liability than would always have been his legal responsibility. (12)

In Canada, the various negligence statutes provide for joint and several liability amongst co-defendants, with a right contribution among the defendants.

Professional Liability

Professional Liability  1               Tortfeasors are people who commit a tort -- they are liable "jointly and severally".

Professional Liability  2               A tort is a civil wrong (as compared to a criminal wrong).

Professional Liability  3               There are 3 main types of torts - Negligence, Intentional Torts, and Strict Liability.

I.  Negligence:                         1.  Defendant has a duty to the plaintiff (to keep the grocery store safe)

2.  Defendant breached that duty (by leaving a banana peel on the floor for two hours)

3.  The breach proximately caused (plaintiff slipped on the banana peel)

4.  Plaintiff's damages (plaintiff says ouch!)

An example of Negligence is PROFESSIONAL LIABILITY (MALPRACTICE) - is actually a negligence action against a professional.

Professionals must exercise the appropriate standard of professional care.

The term ''profession'' is often used to refer to an occupation that requires extensive academic training. The right to recover damages from a professional in a tort action is not limited to cases that involve services provided by persons who have extensive formal training, who hold advanced academic degrees, or who must be licensed or certified by a governmental or private entity to perform the services they offer. An action for professional liability may also be based on the rendition of services by any person who purports to have special expertise or who engages in a profession, trade, or business that requires specialized care, skill, knowledge, or experience. Such actions have been pursued against persons engaged in a wide range of occupations, including accountants, architects, engineers, surveyors, attorneys, insurance agents, real estate brokers, title abstractors, termite inspectors, escrow agents, title insurers, stockbrokers, physicians, nurses, chiropractors, beauticians, dentists, ambulance services, pharmacists, and veterinarians. Accordingly, the term ''professional,'' is used in the broad sense employed by the courts to describe actions characterized as ''professional negligence'' actions, that is, with reference to the negligence of persons who hold themselves out as experts, or who engage in professions, businesses, and trades that require specialized reference to the specialized services they offer.

Most commonly, actions based on professional negligence are brought against physicians, attorneys, and accountants. In contrast, most other types of professional negligence actions have produced very little decisional law. Consequently, the law applicable in these actions must frequently be determined by reference to general principles of law established in other types of professional negligence actions, including medical and legal. It has been generally recognized that all professional negligence actions, including those brought against physicians and attorneys, are ordinarily governed by the same basic rules of law, except to the extent changed by statute.

In addition to liability in tort for negligent conduct, a professional may be liable for the breach of a contract entered into with his or her client. A professional who expressly contracts to accomplish or avoid a specific result will, even in the absence of negligence, be liable for breach of contract if he or she fails to comply. Moreover, the statute of frauds proscribes a cause of action for breach of contract based on warranty of treatment by physicians, osteopaths, chiropractors, podiatrists, or dentists, unless the agreement is in writing and signed by the party to be charged.

Damages for injuries caused by negligent performance of a contractual duty may be obtained through a tort action. Negligent conduct by a professional may thus be characterized as a tort that arises from the breach of an implied contractual promise to act with due care. In such event, the same conduct may be both a tort and a breach of a contract between the professional and the client.

Vicarious Liability

Vicarious Liability  1:                        Laws that enable victims to hold one party responsible for the actions of another, based on their relationship to each other.

Vicarious Liability  2:                        For example, a parent can be held vicariously liable for the harmful actions of their children and an employer can be held vicariously liable for the actions of their employees.

Vicarious Liability  3:                        This common law has existed for more than 200 Years.

Vicarious Liability  4:                        It ensures that injured parties can be compensated for harm suffered.

Vicarious Liability  5:                        It protects victims who are harmed by employees that are unable to pay for the damages they cause during the course of their employment.

Vicarious Liability  6:                        It forces employers to be accountable for the actions of their employees.

Vicarious Liability  7:                        It is a means of holding businesses accountable for the risks they create.

Vicarious Liability  8:                        It encourages careful monitoring of business products and practices.

Vicarious Liability  9:                        There are several ways that a business can be held liable for the actions of its employees.

Vicarious Liability  10:                     All are known as vicarious liability.

Vicarious Liability  11:                     A company might be held responsible for damage caused by an employee if the company knows that the employee is likely to injure someone but negligently fails to exercise adequate control over the employee.

Vicarious Liability  12:                     The owner of a vehicle can be held responsible for negligently entrusting a vehicle to another driver whose driving causes an accident.

Vicarious Liability  13:                     Generally, however, a business owner is not responsible for acts committed by independent contractors.

Vicarious Liability  14:                     The most common form of vicarious liability is known by the Latin term respondeat superior.

Vicarious Liability  15:                     Under respondeat superior, an employer is responsible for torts committed by employees within the scope of their employment.

Vicarious Liability  16:                     For example, if a pedestrian is struck and injured by a person driving to a party, the victim has a claim against the driver.

Vicarious Liability  17:                     However, if the pedestrian is hit by a person driving a delivery van for their employer, then respondeat superior allows the pedestrian to bring claims against both the driver and the employer.

Vicarious Liability  18:                     Frequently, personal injury plaintiffs cannot recover anything from negligent employees because they have no money.

Vicarious Liability  19:                     Because employers usually have more money or better insurance, plaintiffs often focus their recovery efforts on the employers.

Vicarious Liability  20:                     An employer may have a cause of action against the employee who exposed the company to liability, but such actions are rarely pursued either because the employee has no money or the employer assumes that to do so would create ill will among remaining employees.

Strict Liability

Strict Liability   1:                             Tortfeasors are people who commit a tort -- they are liable "jointly and severally" -- meaning a plaintiff can pick and choose which to collect from after a judgment is rendered (although plaintiff cannot recover an amount greater than the judgment)

Strict Liability   2:                             A tort is a civil wrong (as compared to a criminal wrong).

Strict Liability   3:                             There are 3 main types of torts - Negligence, Intentional Torts, and Strict Liability.

III.  Strict Liability:                     Strict liability departs from Negligence in a huge way. In negligence - we assess whether a defendant breached its duty of care to the plaintiff, and we ask the question did the defendant act reasonably.

There are 3 types of strict liability cases:

a)  Keeping wild animals

b)  Dangerous, legal activities such as blasting roads

c)  The manufacture of products (Product Liability)

Strict Liability   4:                             In strict liability cases, the defendant(s) are liable even if it acted reasonably – and in this case EFX and BNS did not act reasonably.

Strict Liability   5:                             A party to a purchase or supply contract is entitled to sue for damages for breach of the contract if the quality, fitness or performance of the product does not comply with express or implied contractual terms.

Strict Liability   6:                             Implied terms may be found by reference to trade practice or common usage.

Strict Liability   7:                             In addition, provincial sales of goods legislation will generally imply, as part of any agreement for the sale of goods, terms and conditions regarding the fitness and quality of the products sold.

Strict Liability   8:                             Legislation commonly prohibits exclusion of these statutory warranties and conditions from contracts for the sale of products to consumers.

Strict Liability   9:                             In a few provinces, legislation implies statutory warranties in favour of consumers by manufacturers and others in the distribution chain in certain circumstances, even in the absence of contractual privity.

Strict Liability   10:                          Where a purchaser or user of a defective product does not have a contractual relationship with the proposed defendant and statutory warranties are not implied, the purchaser or user will have to prove negligence; that is, failure to exercise reasonable care in the preparation or putting up of the product which results in injury to the foreseeable user or the user’s property.

Strict Liability   11:                          Product liability claims under common law can be made for negligently manufacturing a product, negligently designing it or failing to warn foreseeable users of the product of dangers inherent therein.

Strict Liability   12:                          Although negligence must be proven in each case, manufacturers will as a practical matter be held strictly liable if a product has a manufacturing defect (i.e., it was built in a way that was not intended by the manufacturer), because the Court will assume there was negligence in the manufacturer’s production process or by its employees and will not require the consumer to establish which it was.

Strict Liability   13:                          In addition to product liability claims, a product vendor, manufacturer or distributor who recklessly or carelessly makes false statements regarding its safety or utility may be held liable for any losses arising from reasonable reliance on such statements.

Strict Liability   14:                          To establish liability for such negligent misrepresentation, the Court must find that there existed a “special relationship” between the person making the statement and the recipient of the statement, actual or constructive knowledge on the part of the maker that the recipient intended to rely on the accuracy of the statement, and proof that such reliance was reasonable and caused the loss.

Strict Liability   15:                          All parties in the distribution chain are potentially liable for product liability claims if negligence can be established. Examples would include failure to detect any product defect that they knew or ought to have known existed through reasonable inspection, or failing to provide warnings to potential users of dangers they knew or ought to have known were associated with use of the product.

Strict Liability   16:                          Under provincial negligence legislation, joint tortfeasors are jointly and severally liable for a plaintiff’s loss in most cases.

Strict Liability   17:                          The Court may determine the degree of fault or negligence of various persons whose collective “fault” or neglect caused injury to a plaintiff and apportion it amongst those persons.

Strict Liability   18:                          However, the plaintiff can recover all of his or her damages from a person who has been found even partly at fault, and it will then be up to that person to seek contribution from other tortfeasors.

Strict Liability   19:                          The recovery of damages for negligence, negligent misrepresentation, breach of the duty to warn and breach of contract are limited to losses reasonably foreseeable to the parties and not considered “remote.”

Strict Liability   20:                          Damages for personal injury and property damage are intended to be compensatory. General damages for pain and suffering are presently capped at just under $300,000.

Strict Liability   21:                          Canadian law is unsettled as to the extent to which pure economic loss arising from a product defect may be recovered in a negligence action where such loss does not arise from personal injury or damage to property, other than the product itself, or from a risk of such injury or damage.

Strict Liability   22:                          Economic losses are recoverable in claims respecting breach of contract, negligent misrepresentation and breach of the duty to warn.

Strict Liability   23:                          Punitive damages are available in Canada in certain limited circumstances, though awards are very rare in product liability cases and are, in most cases, fairly modest when made.

Strict Liability   24:                          Historically, Canadians have been less litigious than Americans and damage awards have been much lower

Strict Liability   25:                          Jury trials are much less common than Judge alone trials.

Strict Liability   26:                          Punitive damage awards have been infrequent and relatively low (generally less than $100,000).

Strict Liability   27:                          Class action legislation in Canadian provinces has recently begun to change the Canadian litigation landscape, however, resulting in a number of multi-million dollar settlements in the product liability area.

Strict Liability   28:                          The threshold for class certification is generally considered to be lower in Canada than the U.S. and product liability class actions for personal injury damages, medical monitoring costs and refunds have been certified despite vigorous opposition from defendants.

Strict Liability   29:                          It remains to be seen whether the availability of class actions will result in more frequent jury trials, larger punitive damage awards or changes in substantive laws.

Strict Liability   30:                          Outside of the class action context, there has been some recent support for higher punitive damage awards, though still in very limited circumstances.

Product Liability

Product Liability   1:                       Is the responsibility of manufacturers, distributors and sellers of products to the public, to deliver products free of defects which harm an individual or numerous persons and to make good on that responsibility if their products are defective.

Product Liability   2:                       The key element in products liability law is that a person who suffers harm need not prove negligence, since the negligence is "presumed" and the result is "strict liability" (absolute responsibility) on the seller, distributor and manufacturer.

Product Liability   3:                       An injured person usually need only sue the seller and let him/her/it bring the manufacturer or distributor into the lawsuit or require contribution toward a judgment.

Product Liability   4:                       However, all those possibly responsible should be named in the suit as defendants if they are known.

Product Liability   5:                       The defendants are "presumed" to be the Tortfeasors.

Product Liability   6:                       Tortfeasors are people who commit a tort -- they are liable "jointly and severally".

Product Liability   7:                       A tort is a civil wrong (as compared to a criminal wrong).

Product Liability   8:                       There are 3 main types of torts - Negligence, Intentional Torts, and Strict Liability.

Product Liability   9:                       Strict liability departs from Negligence in a huge way. In negligence - we assess whether a defendant breached its duty of care to the plaintiff, and we ask the question did the defendant act reasonably.

Product Liability   10:                    There are 3 types of strict liability cases:

a)  Keeping wild animals

b)  Dangerous, legal activities such as blasting roads

c)  The manufacture of products (Product Liability)

Product Liability   11:                    In strict liability cases, the defendant(s) are liable even if it acted reasonably

Product Liability   12:                    In this case EFX and BNS did not act reasonably in 1994, 1995, 1996, 1998, 1999 and 2000 to this date.

Product Liability   13:                    A party to a purchase or supply contract is entitled to sue for damages for breach of the contract if the quality, fitness or performance of the product does not comply with express or implied contractual terms.

Product Liability   14:                    Implied terms may be found by reference to trade practice or common usage.

Product Liability   15:                    In addition, provincial sales of goods legislation will generally imply, as part of any agreement for the sale of goods, terms and conditions regarding the fitness and quality of the products sold.

Product Liability   16:                    Legislation commonly prohibits exclusion of these statutory warranties and conditions from contracts for the sale of products to consumers.

Product Liability   17:                    In a few provinces, legislation implies statutory warranties in favour of consumers by manufacturers and others in the distribution chain in certain circumstances, even in the absence of contractual privity.

Product Liability   18:                    Where a purchaser or user of a defective product does not have a contractual relationship with the proposed defendant and statutory warranties are not implied, the purchaser or user will have to prove negligence; that is, failure to exercise reasonable care in the preparation or putting up of the product which results in injury to the foreseeable user or the user’s property.

Product Liability   19:                    Product liability claims under common law can be made for negligently manufacturing a product, negligently designing it or failing to warn foreseeable users of the product of dangers inherent therein.

Product Liability   20:                    Although negligence must be proven in each case, manufacturers will as a practical matter be held strictly liable if a product has a manufacturing defect (i.e., it was built in a way that was not intended by the manufacturer), because the Court will assume there was negligence in the manufacturer’s production process or by its employees and will not require the consumer to establish which it was.

Product Liability   21:                    In addition to product liability claims, a product vendor, manufacturer or distributor who recklessly or carelessly makes false statements regarding its safety or utility may be held liable for any losses arising from reasonable reliance on such statements.

Product Liability   22:                    To establish liability for such negligent misrepresentation, the Court must find that there existed a “special relationship” between the person making the statement and the recipient of the statement, actual or constructive knowledge on the part of the maker that the recipient intended to rely on the accuracy of the statement, and proof that such reliance was reasonable and caused the loss.

Product Liability   23:                    All parties in the distribution chain are potentially liable for product liability claims if negligence can be established.

Product Liability   24:                    Examples would include failure to detect any product defect that they knew or ought to have known existed through reasonable inspection, or failing to provide warnings to potential users of dangers they knew or ought to have known were associated with use of the product.

Product Liability   25:                    Under provincial negligence legislation, joint tortfeasors are jointly and severally liable for a plaintiff’s loss in most cases.

Product Liability   26:                    The Court may determine the degree of fault or negligence of various persons whose collective “fault” or neglect caused injury to a plaintiff and apportion it amongst those persons.

Product Liability   27:                    However, the plaintiff can recover all of his or her damages from a person who has been found even partly at fault, and it will then be up to that person to seek contribution from other tortfeasors.

Product Liability   28:                    The recovery of damages for negligence, negligent misrepresentation, breach of the duty to warn and breach of contract are limited to losses reasonably foreseeable to the parties and not considered “remote.”

Product Liability   29:                    Damages for personal injury and property damage are intended to be compensatory. General damages for pain and suffering are presently capped at just under $300,000.

Product Liability   30:                    Canadian law is unsettled as to the extent to which pure economic loss arising from a product defect may be recovered in a negligence action where such loss does not arise from personal injury or damage to property, other than the product itself, or from a risk of such injury or damage.

Product Liability   31:                    Economic losses are recoverable in claims respecting breach of contract, negligent misrepresentation and breach of the duty to warn.

Product Liability   32:                    Punitive damages are available in Canada in certain limited circumstances, though awards are very rare in product liability cases and are, in most cases, fairly modest when made.

Product Liability   33:                    Historically, Canadians have been less litigious than Americans and damage awards have been much lower

Product Liability   34:                    Jury trials are much less common than Judge alone trials.

Product Liability   35:                    Punitive damage awards have been infrequent and relatively low (generally less than $100,000).

Product Liability   36:                    Class action legislation in Canadian provinces has recently begun to change the Canadian litigation landscape, however, resulting in a number of multi-million dollar settlements in the product liability area.

Product Liability   37:                    The threshold for class certification is generally considered to be lower in Canada than the U.S. and product liability class actions for personal injury damages, medical monitoring costs and refunds have been certified despite vigorous opposition from defendants.

Product Liability   38:                    It remains to be seen whether the availability of class actions will result in more frequent jury trials, larger punitive damage awards or changes in substantive laws.

Product Liability   39:                    Outside of the class action context, there has been some recent support for higher punitive damage awards, though still in very limited circumstances.

Product Liability   40:                    A credit report is a product manufactured and sold to the financial industry by a credit bureau and used by the financial industry and the consumer (owner of the credit report) for reliance of towards credit worthiness.

Product Liability   41:                    A credit bureau’s credit report product is used to develop a history of a consumer, whether good or bad, true or false – and having both false and bad history gives that consumer a stigma of being “untrustworthy” which is a total libelous defamation of character that leads to unjust discrimination and in this case - slander.

Statutory Liability

Statuary Liability  1:                           Statutory law is written law (as opposed to oral or customary law) set down by a legislature or other governing authority such as the executive branch of government in response to a perceived need to clarify the functioning of government, improve civil order, answer a public need, to codify existing law, or for an individual or company to obtain special treatment. (Contrast common law.)

Statuary Liability  2:                           In addition to the statutes passed by the national or state legislature, lower authorities or municipalities may also promulgate administrative regulations or municipal ordinances that have the force of law — the process of creating these administrative decrees are generally classified as rule making.

Statuary Liability  3:                           While these enactments are subordinate to the law of the whole state or nation, they are nonetheless a part of the body of a jurisdiction's statutory law.

Statuary Liability  4:                           Private legislation that may originate as a private bill is a lesser known aspect of statutory law.

Statuary Liability  5:                           An example was divorce in Canada prior to the passage of the Divorce Act of 1968.

Statuary Liability  6:                           It was possible to obtain a legislative divorce in Canada by application to the Canadian Senate, which reviewed and investigated petitions for divorce, which would then be voted upon by the Senate and subsequently made into law.

Statuary Liability  7:                           In the United Kingdom Parliament, private bills were used in the nineteenth century to create corporations, grant monopolies and give individuals rights in excess of the public and common law.

Statuary Liability  8:                           Their use has become more limited in the twentieth century. In the United States private bills include grants of citizenship to individuals who are otherwise ineligible for normal immigration or visa processing; alleviation of tax liability; military decorations; and for special veterans benefits.

Statuary Liability  9:                           In the United Kingdom, individuals may present private bills through the assistance of a parliamentary agent.

Statuary Liability  10:                        These are firms knowledgeable about the process of drafting and presenting a private bill to the clerks and committees of the United Kingdom Parliament.

Statuary Liability  11:                        In Canada and the United States law firms and lobbyists generally act as intermediaries in the drafting of private bills with members of Parliament and Congress, respectively.

Statuary Liability  12:                        Private bills should also not be confused with the Private member's bill in the Westminster system of government.

Statuary Liability  13:                        Private member's bills are usually proposed by a member of the governing party for a public purpose such as the amendment of existing legislation or the proposal of entirely new legislation;

Statuary Liability  14:                        However, such bills are not presented by the prime minister or other senior members of the government but by backbenchers who present such legislation in the hope that popular support will cause their particular cause to gain sufficient attention to be more fully considered by the parliament.

Statuary Liability  15:                        The government may also seek to have a bill introduced unofficially by a backbencher so as not to create a public scandal; such bills may also be introduced by the loyal opposition — members of the opposition party or parties.

Statuary Liability  16:                        Sometimes a private member's bill may also have private bill aspects, in such case the proposed legislation is called a hybrid bill.

Liability for Disclosure of Customer Information                            By David T.S. Fraser

Identity theft, we are told, is one of the fastest growing crimes in North America, claiming hundreds of thousands of new victims every year. In 2003, approximately 900,000 Canadians and 10.1 million Americans were victims of identity theft.¹  TransUnion LLC, a consumer and commercial reporting company, reported a 500 percent increase in identity theft cases from 1999-2002.²  A recent report by Ipsos Reid, released in February 2005, reported that 2,700,000 Canadians have been victims of identity theft at some point in their lives.³

The crime of identity theft most often involves using the personal information of unsuspecting victims to obtain goods and services, including credit, in the names of those victims. Fraudsters obtain personal information using a number of means and, unfortunately, their ingenuity apparently knows no bounds. Identity theft is obviously a problem for its victims but it also presents significant legal risk to businesses. It is not entirely clear how big a risk this represents.

Every business in Canada that handles customer information is subject to the Personal Information Protection and Electronic Documents Act⁴  (“PIPEDA”) or its provincial equivalent in Alberta, British Columbia and Quebec. Among its many requirements, PIPEDA demands that every business implement safeguards to protect personal information against inappropriate use and disclosure. The form of safeguards depends upon the sensitivity of the information. If the misuse of the information could lead to fraud or identity theft, the safeguards must be appropriately robust.

But whether businesses have a legal obligation to notify customers if their information is compromised is still an open question. Health information custodians in Ontario have the benefit of an unequivocal, statutory obligation. Section 12(2) of the Personal Health Information Protection Act⁵ of Ontario reads:

(2) A health information custodian that has custody or control of personal health information about an individual shall notify the individual at the first reasonable opportunity if the information is stolen, lost, or accessed by unauthorized persons.

No other statute in Canada contains a similar obligation and it remains an open question whether the common law will impose an analogous duty. The theory under the common law that would impose this duty supposes that any compromise of personal information places an individual at increased risk of crimes such as identity theft. A failure to notify by a custodian of information means that the individual is not given the opportunity to take steps to mitigate that risk or to at least detect illegal use at the earliest opportunity, independent of whether identity theft actually ensues.

Ordinarily, liability in negligence requires that the plaintiff establish actual harm that is causally connected with the defendant’s failure to live up to an established standard of care. The harm also must be foreseeable. Whether an increased risk of identity theft is enough of an “injury” to be the foundation of a negligence claim is an open question that will likely be addressed by the Ontario courts shortly. A class action lawsuit against the Canadian Imperial Bank of Commerce stemming from the high profile misdirected faxes incidents will require such a determination. The plaintiffs in that case claim that the bank involved should have to pay compensation to all the affected individuals for the increased risk of identity theft, plus the actual cost of more vigilant credit monitoring.⁶  There has been no evidence of any actual fraud related to the accidental disclosure of personal information in the CIBC case.

The CIBC case relates to inappropriate safeguards and accidental disclosure without any demonstrable harm, but it will not be long before individuals whose identities are actually stolen or whose information is used illegally to their detriment will seek compensation from the companies that did not safeguard the information appropriately. PIPEDA explicitly gives affected individuals a right to seek compensation in the Federal Court of Canada, including compensation for any humiliation the complainant might have suffered. This statutory compensation regime has yet to be tried in the courts, so it is unclear whether a negligence standard will be applied and how generous the Federal Court will be.

Canadian businesses with American customers may find that they in fact do have a statutory obligation to notify those customers of security lapses. Many states in the United States have followed California’s lead by making such notifications mandatory. California’s Civil Code includes the following provision:⁷

1798.29.(a) Any agency that owns or licenses computerized data that includes personal information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision (c), or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

(e)   For purposes of this section, "personal information" means an individual's first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted:

(1)  Social security number.
(2)  Driver's license number or California Identification Card number.
(3)  Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual's financial account.

(f)   For purposes of this section, "personal information" does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

Interestingly, the California statute is much more qualified than the analogous provision in the Personal Health Information Protection Act (Ontario). Under PHIPA, the definition of “personal health information” is very broad and any breach related to such information must be reported. Under the California model, there is an assumption that certain personal information presents a level of risk to the individual that merits notification. The types of information enumerated in the California law strongly suggests that the mischief to be addressed is financial fraud: an individual’s name in combination with other information of the sort enumerated may be used to obtain credit and other services in the name of the individual.

As mentioned above, the California notification law has been followed by a large number of other states.⁸  It must be noted that not all states have followed California’s lead in defining what constitutes “personal information”, the compromise of which must result in notification to the affected individual. For example, North Dakota’s law⁹ defines “personal information” in the following way:

2. a. "Personal information" means an individual's first name or first initial and last name in combination with any of the following data elements, when the name and the data elements are not encrypted:

(1)  The individual's social security number;
(2)  The operator's license number assigned to an individual by the department of transportation under section 39-06-14;
(3)  A nondriver color photo identification card number assigned to the individual by the department of transportation under section 39-06-03.1;
(4)  The individual's financial institution account number, credit card number, or debit card number in combination with any required security code, access code or password that would permit access to an individual's financial accounts;
(5)  The individual's date of birth;
(6)  The maiden name of the individual's mother;
(7)  An identification number assigned to the individual by the individual's employer; or
(8)  The individual's digitized or other electronic signature.

b. "Personal information" does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

None of these laws are explicit that they are meant to be applied extraterritorially, but it is implicit from the language used: they apply to custodians of information about residents of the particular states, with no limitation related to the location of the custodian. Under the “real and substantial connection” test applied by the Canadian courts in conflicts of laws matters, there is likely sufficient nexus for a claim under those state laws to be made enforceable in Canada. Many Canadian businesses have customers in the United States, particularly those businesses that operate online. Any security breach involving customer information, no matter how minor, must be scrutinized in light of obligations that the business may have outside of Canada.

While the focus of this article has been on legal liability, no business can ignore the reputational damage that may accrue as a result of a breach. The CIBC faxing case was front page news in the national media for a number of days and required a concerted public relations effort on the part of the bank to mitigate the reputational harm. The highest profile case in recent history happened in the United States, but offers some guidance on what can occur. In February of 2005, the giant American data broker ChoicePoint began to notify 30,000 Californians that their personal information may have been compromised when the company allowed Nigerian fraudsters masquerading as a collection agency to set up accounts on their system. The initial message was that the incident only affected Californians.¹⁰  Before long, it became apparent that the breach involved over a hundred thousand Americans, but the company only notified Californians because of the legal obligation to do so. In the wake of the incident, the company’s share value plunged, its executives were called before the U.S. Congress, it was sued by many of its shareholders, the Federal Trade Commission fined it ten million dollars (US) and the company name has become synonymous with misuse of customer information.

The ChoicePoint fiasco also became the impetus for many states to follow California’s lead in imposing a duty to notify.  It has also spurred discussion in Canada about whether such an obligation should be included in provincial or federal laws. In both Manitoba¹¹  and Ontario,¹²  private members’ bills have been introduced in the provincial legislatures to make breach notification mandatory. While neither bill has passed, it is likely that the topic will be under scrutiny when PIPEDA undergoes its mandatory five-year review before the federal Parliament in 2006.

So what does all this mean to businesses and the lawyers that advise them? Any business in possession of personal information that would be useful to commit identity theft or the disclosure of which might be embarrassing to the individual has a clear obligation to protect that information against all risks. This obligation is already set out in the federal and provincial personal information protection laws and the common law will likely also impose a duty of care where the risk of identity theft is foreseeable. But if those safeguards are insufficient or are circumvented, business must be prepared to carefully consider whether the affected consumers should be notified. Notification may be in the best interests of their customers and may also be the best thing for the business’ reputation in the long-run.

* David T.S. Fraser is the chairman of the Privacy Practice Group at McInnes Cooper, Atlantic Canada’s largest single law partnership. He can be reached at david.fraser@mcinnescooper.com or at (902) 424-1347.

¹  Consumer Measures Committee, “Working Together to Prevent Identity Theft: A Discussion Paper for Public Consultation” (15 June 2005).
²  “Public Advisory: Special Report for Consumers on IDENTITY THEFT”, Public Safety and Emergency Preparedness Canada. Online at http://sgc.gc.ca/publications/policing/Identity_Theft_Consumers_e.asp.
³  “Privacy Commissioner’s Message; Five Key Steps to Reduce the Risk of Identity Theft”, Office of the Privacy Commissioner of Canada. Online at http://www.privcom.gc.ca/aboutus/message_02_e.asp.
⁴  S.C. 2000, c. 5.
⁵  S.O. 2004, c. 3, Sch. A (“PHIPA”).
⁶  The statement of claim in this action, Docket 05-CV-283484CP, is online at http://www.cacounsel.com/CIBC%20Class%20Action%20Claim.pdf.
⁷  Information Practices Act of 1977, California Civil Code §1798.29(a) et seq.
⁸  The State Public Interest Research Groups has a useful and regularly updated list of pending and enacted laws related to credit freezes and notifications online at http://www.pirg.org/consumer/credit/statelaws.htm.
⁹  North Dakota Century Code § 51-30-01 et seq.
¹⁰  Database giant gives access to fake firms - Security - MSNBC.com; online at http://www.msnbc.msn.com/id/6969799/.
¹¹  The Personal Information Protection and Identity Theft Prevention Act, Bill 204. (Manitoba, 38th Legislature, 4th Session).
¹²  An Act to Amend the Consumer Reporting Act, Bill 174. (Ontario, 38th Parliament). First reading was on March 3, 2005 and the bill was sent to the Standing Committee on Finance and Economic Affairs. Online at http://www.ontla.on.ca/documents/Bills/38_Parliament/Session1/b174_e.htm.