Toronto Port Authority worker misuses personal data for political fundraiser
A Member of Parliament complained that an employee of the Toronto Port Authority used the organization's e-mail database to invite individuals to a political fundraising event. The investigation found that an employee sent an email using personal and business addresses obtained from business cards, soliciting donations. Although recipient addresses were in the BCC field, the employee's signature block indicated they worked for the Authority, implying institutional sanction.
- Use of institutional database for personal fundraising activities
- Collection and use of personal information for non-business purposes
- Impression of institutional sanction for personal activities
Complaint well-founded; corrective measures taken
The investigation concluded the complaint was well-founded because a port authority employee used personal information, obtained from business cards collected by the institution, for personal fundraising activities without the institution's knowledge or authorization. The Authority took corrective measures, including reminding employees of their responsibilities and pledging training, which satisfied the OPC.
AI-generated summary for reference only. Always verify against the official decision ↗
The Toronto Port Authority was reminded of employee responsibilities regarding information use and pledged to provide training on the Privacy Act.
- Privacy Act
This summary is for informational purposes only and does not constitute legal advice.