In the recent decision of Bennett v. Lenovo (“Bennett”), in the Defendant Lenovo’s motion to strike the proposed class action in its entirety, the Ontario Superior Court of Justice declined to strike three of the four causes of action relating to manufacturer installed software loaded onto laptop computers. The Court’s decision demonstrates the difficulty that can arise in pleading motions as the law concerning privacy matters associated with consumer technology products continues to grow and change.
The Plaintiff, a Newfoundland-based lawyer, purchased a Lenovo laptop from an online vendor. After receiving the laptop, he subsequently noticed the Virtual Discovery adware program that was pre-loaded onto the laptop.
The mere presence of complimentary software may not seem problematic, but the Plaintiff alleged that the basic functionality of the adware program created a host of security issues for both the representative Plaintiff in his personal capacity, as well as for his clients. These issues included interference with, and monitoring of, the user’s internet traffic in such a manner that it created a vulnerability that allowed for the collection of confidential information and potential access to the information by hackers.
The Plaintiff also claimed that the adware program affected the functionality of the laptop itself, causing issues such as decreased battery longevity and poor performance.
The Defendants brought a motion under Rule 21.01(1)(b) to strike the entirety of the Plaintiff’s claims prior to certification. The Plaintiff asserted: (1) breach of contract; (2) a breach of the implied condition of merchantability; (3) intrusion upon seclusion; and, (4) breach of provincial privacy laws.
Breach of Contract
The Plaintiff’s breach of contract allegation was based upon an alleged breach of an implied term in the laptop sales agreements that the devices would be free of any defects and would be free of any pre-installed software that would expose class members to security risks. Although Justice Belobaba was sympathetic to the Plaintiff’s expectations, he concluded that this claim must be struck. The alleged implied term was inconsistent with the sales agreement which indicated that the installed software was sold “without warranties or conditions of any kind”.
The Defendants were unsuccessful on the remaining grounds.
Implied Condition of Merchantability
With respect to the implied condition of merchantability, Justice Belobaba found that the claim has some chance of success, given the unsettled nature of technology and the law in this area:
It is enough for me to find that it is not at all plain and obvious under Canadian law that a laptop that cannot be used on-line because of a hidden defect that has compromised the user’s privacy, and can only be used off-line for word processing, is nonetheless merchantable.
Further, it is not plain and obvious that a reasonable computer user today would ever agree to purchase and use an affected laptop, knowing about the security risks created by the VD adware program, without insisting on a substantial reduction in the purchase price.
Intrusion Upon Seclusion
The Plaintiff’s third cause of action was the tort of intrusion upon seclusion, which was only formally recognized in Ontario law in 2012. Justice Belobaba reasoned that the developing state of the tort made it difficult to state that the claim had no chance of success:
The intrusion upon seclusion tort is just evolving. Its scope and content have not yet been fully determined. I am therefore not persuaded that it is plain and obvious and beyond doubt that, on the facts as pleaded, this particular privacy claim has no chance of success and is doomed to fail.
Provincial Privacy Laws
Much like his conclusion on the tort of intrusion upon seclusion, Justice Belobaba described the applicable provincial privacy laws as “evolving” in nature, again making it difficult to find no chance of success:
The scope and content of the provincial privacy laws in question is still evolving, In Jones v Tsige, the Court of Appeal noted that “no provincial legislation provides a precise definition of what constitutes an invasion of privacy.” It is therefore not plain and obvious that the secret installation of a “malware” program “designed …to invade the privacy of and cause harm to the class members” is not actionable as a privacy violation under the four provincial statutes.
The continued advancements in law and technology can pose issues for defendants where the law is unsettled due to the continued evolution of both the technology itself and the applicable legal principles. Courts may find it difficult to dismiss claims that arise from developing areas that are difficult to assess as not being plainly and obviously actionable. However, Bennett also shows that Courts remain prepared to enforce electronic contracts of adhesion, even where the result is less than favourable to consumers. The unsettled nature of the law in this area can make it difficult for defendants to strike claims in their entirety in pre-certification motions.