PIPEDA Case Summary #2015-010: Customer’s emails sent to her acquaintance following a telecom employee’s attempt to fix a problem with the customer’s email service
An individual complained that her telecommunications provider disclosed her personal information without consent when a technical support representative remotely accessed her computer to fix an email issue. The representative inadvertently set up an automatic email forwarding to an acquaintance's address, causing personal emails, including a temporary password, to be sent to the wrong recipient. While the provider implemented corrective measures, the OPC noted the provider initially misrepresented steps taken to address the issue.
- Disclosure of personal information without consent
- Accuracy of representations made to the OPC
- Adequacy of internal procedures and training
Complaint well-founded and resolved
The investigation found that personal information was disclosed without consent due to a representative's actions, constituting a contravention. The complaint was resolved as the provider took corrective measures, although the OPC was concerned about initial misrepresentations.
AI-generated summary for reference only. Always verify against the official decision ↗
The telecommunications provider was encouraged to ensure its representations to the OPC are accurate and complete in the future.
- Principle 4.3 PIPEDA
This summary is informational only and not legal advice.