In the age of the Internet of Things, we are all susceptible to countless privacy violations. Society’s prevalent use of interconnected devices enables companies to collect and manipulate users’ personal data for their own monetary benefits. While the law grapples with how best to protect users from such privacy risks, another significant danger has emerged: by besting the often-weak security measures employed by companies that create interconnected devices, hackers can compromise the integrity of these electronics by remotely accessing them. This allows hackers to gain unauthorized access to the personal data of users and potentially hold their devices for ransom.

Smart devices are constantly evolving, and the risk that their users’ personal information will be misused is increasing. However, Ontario law has been slow to acknowledge the possibility for individuals to obtain damages for breaches of their privacy. To date, Ontario courts have only recognized two invasion of privacy torts: the Intrusion Upon Seclusion and the Public Disclosure of Private Facts, both of which are very limited in scope.

The aim of this paper is to examine whether these torts are sufficiently broad to address the privacy breaches that have become commonplace in our digital world. After outlining the privacy violations to which users of the Internet of Things are exposed, this paper will examine the potential of applying the Intrusion and Public Disclosure torts to such practices in an attempt to determine if users might be successful in obtaining monetary redress for such violations in a manner that the privacy legislation has been unable to achieve. This paper will then analyze whether or not these same torts might be used to impose liability on the companies responsible for personal information or devices that were breached by hackers. Finally, suggestions for how Ontario privacy law should evolve to better address our technologically enhanced reality will be explored.