Case note: privacy damages for campaign against former employee

In Hammond v Credit Union Baywide [2015] NZHRRT 6 the New Zealand Human Rights Review Tribunal awarded the plaintiff damages of $98,000 for humiliation, loss of dignity and injury to feelings she suffered as a result of a breach of privacy by her former employer, NZCU Baywide. The employer emailed a picture of a cake with written obscenities referring to NZCU Baywide taken from the employee’s Facebook page to local employment agencies together with a warning against employing her.

The Tribunal also awarded damages of $38,350 for loss of income, $15,543 for legal expenses and $16,177 for the loss of a salary benefit Ms Hammond might have expected to obtain, but for the interference to her privacy.

Facts
NZCU Baywide gained access to the Facebook page to copy a picture of the cake which was taken at a private dinner party. That screenshot was then distributed to multiple employment agencies in the Hawke’s Bay area by email which, along with contemporaneous phone calls from NZCU Baywide, warned against employing Ms Hammond. At the same time an internal email was sent by the Chief Executive Officer of NZCU Baywide to staff disclosing information about the circumstances in which Ms Hammond had earlier resigned from NZCU Baywide. NZCU Baywide also placed severe pressure on her new employer to terminate her (Ms Hammond’s) employment.

The campaign against Ms Hammond made her new position untenable, forcing her to resign because of the threat by NZCU Baywide to boycott her new employer. She was unemployed for 10 months and was not able to find employment in her preferred field of finance. Her close relationships were severely affected and the stress caused significant harm to her family. The Tribunal noted that she and her partner had struggled financially and emotionally.

The Tribunal concluded:

“The context shows that against a background of hostility to Ms Hammond, the making and photographing of the cake led to a sustained campaign by NZCU Baywide to inflict on Ms Hammond as much harm and humiliation as possible by ensuring she could not be employed in the Hawke’s Bay area (if not further afield) and to secure her dismissal by her current employer. In these circumstances significant if not severe humiliation, loss of dignity and injury to feelings followed. Causation could hardly be said to be in doubt.”

Aren’t social media posts public?
The privacy setting on Ms Hammond’s Facebook page meant only those accepted by her as “friends” had access to the photograph. The employer’s HR Manager pressured another employee who was a “friend” in order to get access to copy the picture.

Compensation and penalties in Australia
In Australia the OAIC can award compensation for a breach of privacy.

The OAIC’s Guide to privacy regulatory action states that “The Commissioner can also award aggravated damages in addition to general damages where he or she is of the view it is warranted. The principles for awarding aggravated damages, drawn from Federal Court decisions, include:
• aggravated damages may be awarded where the respondent behaved ‘high-handedly, maliciously, insultingly or oppressively in committing the act’ complained about
• the ‘manner in which a defendant conducts his or her case may exacerbate the hurt and injury suffered by the plaintiff so as to warrant the award of additional compensation in the form of aggravated damages’.”

Recent Australian penalties for non-economic loss include $18,000 (in TDK and Telstra) and $8500 (in BO and AeroCare).

The Commissioner can also seek a civil penalty (payable to the Commonwealth). The maximum penalty for a serious or repeated interference with privacy (in addition to penalties for offences) is 2000 penalty units ($360,000).

 

Your Compliance Support Plan

We understand you need a cost-effective way to keep up to date with regulatory changes. Talk to us about our fixed price plans.