RNC employee fined for snooping, conviction 1st under new N.L. privacy law

A civilian employee of the Royal Newfoundland Constabulary has been convicted of snooping in three files that she didn't have the right to see, the first-ever conviction under the province's Access to Information and Protection of Privacy Act.

"I believe justice has been served today and that the court has recognized the seriousness of these offences," said Newfoundland and Labrador Privacy Commissioner Donovan Molloy in a press release issued Friday afternoon.

Annette Kennedy, 46, pleaded guilty Friday to three offences under the 2015 legislation, known as ATIPPA, with the court imposing a total fine of $1,000.

According to Molloy, this is only the third conviction under a public sector privacy statute in Canada.

There have been other convictions under other statutes such as the Personal Health Information Act. For example, in 2014 a nurse was convicted and fined for illegally accessing patient records at Eastern Health.

A message to others

In Kennedy's case, someone made a complaint to the RNC after suspecting their personal information had been inappropriately accessed in September and October of 2016.

An investigation found the personal information of that person and of two others had been looked at by Kennedy through a database she had access to as part of her job with the RNC.

Commissioner Molloy said because citizens are required to provide personal information to public bodies in order to receive certain services and benefits, their privacy must be ensured.

"They place a high degree of trust in public bodies and their employees to protect their personal information from unauthorized use and disclosure," he said.

"Prosecutions serve to reiterate the message that there can be extremely serious consequences to those who breach this trust."

Molloy reassured people in the province that he "will hold any individual or organization accountable in circumstances such as these."