The privacy of the consultation room is one of the assumptions a patient makes when seeking medical care. People undress, disclose intimate information, and trust that what happens in an examination or treatment room stays there. Several overlapping doctrines protect that expectation: the physician’s duty of care, the fiduciary obligation of loyalty, the statutory rules governing personal health information, and the privacy tort of intrusion upon seclusion. A recent class action brought all four together in a single set of facts.
J.C. v Jugenburg, a decision of the Ontario Superior Court of Justice released on May 26, 2026, arises from a plastic surgeon who installed 24 surveillance cameras throughout his private cosmetic surgery clinic, including consultation rooms, treatment rooms, and the operating room, and recorded patients without telling them. The court found the conduct negligent, a breach of fiduciary duty, and the tort of intrusion upon seclusion. It awarded $21.5 million in aggregate damages to a class of roughly 7,000 patients, together with $1 million in punitive damages.
The decision is significant for several reasons. It holds that the act of creating a recording, even one never watched or shared, can constitute intrusion upon seclusion. It confirms that a mistake of law is no defence to that tort. It holds that a physician’s fiduciary duty can be breached by self-interested conduct framed as a mistake. And it illustrates how aggregate damages operate in a privacy class action where the tort requires no proof of harm.
The legal framework: intrusion upon seclusion, fiduciary duty, and patient privacy
Four bodies of law bear on the case. The first is negligence. A physician owes a duty of care to patients in collecting and handling their information, and the standard is one of reasonableness, judged on the knowledge that ought to have been possessed at the time, not perfection or hindsight. The second is fiduciary duty. The physician-patient relationship is fiduciary in nature, which obliges the physician to put the patient’s interests ahead of their own. The third is the statutory regime governing personal health information under the Personal Health Information Protection Act, 2004 (PHIPA) and the policies of the College of Physicians and Surgeons of Ontario (CPSO), which require consent for the collection, use, and disclosure of personal health information.
The fourth, and the one that did most of the work in this case, is the privacy tort of intrusion upon seclusion. Recognized in Jones v Tsige, the tort has three elements: the defendant must have invaded the plaintiff’s private affairs without lawful excuse; the conduct must have been intentional or reckless; and a reasonable person must regard the invasion as highly offensive, causing distress, humiliation, or anguish. Unlike negligence and breach of fiduciary duty, intrusion upon seclusion does not require proof that the plaintiff suffered harm. That feature is what allowed the court to assess damages on a class-wide basis.
The setting: a private cosmetic surgery clinic
The defendant, Dr Martin Jugenburg, who markets himself online as “Dr 6ix,” operates the Toronto Cosmetic Surgery Institute on two floors of a downtown Toronto hotel. The clinic is private and operates outside the public health care system; patients pay directly, sometimes in cash, and the procedures, ranging from breast augmentations and liposuction to tummy tucks and facial surgery, run to the tens of thousands of dollars. The clinic is also heavily marketed on social media, with the surgeon front and centre in daily posts that include before-and-after photographs and, in some cases, video of operations.
Between January 1, 2017 and December 13, 2018, the period the court called the Class Period, the clinic operated 24 surveillance cameras placed in reception and waiting areas, hallways, staff rooms, consultation and injection rooms, the operating room, and the post-operative recovery area. Several of the cameras recorded audio as well as video. Footage streamed to two digital video recorders that the surgeon could access remotely through an application on his personal phone and tablet. The footage was not stored in patients’ medical records, and when the recorders reached capacity, older footage was overwritten.
The facts
Patients were not told about the cameras. The only signage was a small notice in an elevator lobby outside the clinic, which most patients did not see and which on its face referred only to the lobby, and an obscured sign on a shelf in the operating room that, on the evidence, no one ever noticed. Most patients, and several staff members and a visiting surgeon, were unaware that cameras were recording in the treatment and consultation rooms. There was no mention of the cameras in any of the materials sent to patients, and the consent forms, including the social media consent forms, did not refer to them.
The system came to public attention in December 2018, when a CBC investigation aired. The CPSO disabled the system and seized the recorders that week, and the Information and Privacy Commissioner of Ontario (IPC) later found that the clinic’s blanket use of the cameras contravened PHIPA. Several days after the broadcast, the surgeon sent patients an email he described as an apology. The class action was certified in 2021 on behalf of all patients who attended the clinic during the Class Period, a class of roughly 7,000 people, and the common issues were tried over several weeks in late 2025.
At trial, twelve class members testified for the plaintiffs, describing feeling violated, humiliated, and betrayed on learning they had been recorded, and in several cases a continuing reluctance to seek medical care. The plaintiffs also called two hospital administrators, who confirmed that hospitals do not place cameras in patient rooms, examination rooms, or operating rooms except for narrow, care-related reasons, and two experts. The defendants called several patients who said they had seen the cameras or were untroubled by them, the surgeon himself, who testified for almost five days, two former employees, and statistical and forensic witnesses.
The common issues
The certified common issues fell into four groups: negligence (duty of care, standard of care, and breach), vicarious liability, breach of trust and breach of fiduciary duty, and intrusion upon seclusion, followed by two damages issues (whether aggregate damages could be awarded, and whether the conduct warranted punitive, exemplary, or aggravated damages). Causation and individual damage were not certified as common issues; for the torts that require proof of harm, those questions must be established on an individual basis.
The defendants conceded several points: that they owed a duty of care, that they breached some standard of care, that they were vicariously liable for the conduct of the corporation and its employees, and that the physician-patient relationship gave rise to a fiduciary duty. They contested the content of the standard of care, whether the fiduciary duty was breached, whether there was a trust, whether the tort of intrusion upon seclusion was made out, and whether aggregate and punitive damages should be awarded.
The court’s analysis on negligence and the standard of care
With the duty of care conceded, the live question was what the standard required. The plaintiffs argued for a near-categorical rule: a physician should not operate surveillance cameras anywhere a patient has a reasonable expectation of privacy, including consultation and treatment rooms, pre- and post-operative areas, and the operating room. The defendants proposed something narrower, namely adequate signage, secure and time-limited storage with restricted access, and, for cameras in treatment spaces, express consent with an opportunity to opt out. The narrower framing has a logic to it, treating the problem as one of notice and consent rather than a flat prohibition.
The court preferred the plaintiffs’ position. Relying on the uncontradicted evidence of a plastic surgeon, Dr Bendor-Samuel, and on the evidence of the hospital administrators, the court held that the standard of care is not to place cameras in locations in a private health clinic where patients receive care or consult their physician, unless the cameras serve a genuine medical purpose, such as a need to observe a patient or to assist in treatment and quality of care, and the patient has expressly consented. The court applied a standard of reasonableness rather than perfection, and noted that the recognized exceptions, such as cameras in a CT suite or the consented use of an operating-room recording system to study patient safety, are narrow and tied directly to patient care. None applied here, and the defendants accepted that, on the plaintiffs’ standard, they had breached it.
Two points are worth keeping in view. The standard of care was found on this evidence, in the context of a private cosmetic surgery clinic, and the carve-out for cameras with a genuine medical purpose and express consent remains intact. And because causation and damage were not common issues, the negligence claim was not perfected at trial; those questions remain for individual determination.
The court’s analysis on fiduciary duty and breach of trust
That the doctor-patient relationship is fiduciary was not in dispute. The contested question was whether installing the cameras breached that duty. The defendants argued, with support in the case law, that not every lapse by a physician is a fiduciary breach, and that a genuine mistake does not amount to the disloyalty or betrayal the doctrine requires. The court held that this set the bar too high. A physician’s mistake, it reasoned, can itself be driven by self-interest and a disregard for the patient’s interests. On the findings, the cameras were installed to protect the surgeon’s own interests and for no other reason, and that preference of self-interest over the interests of vulnerable patients was enough to constitute a breach of fiduciary duty. The duty also extended to storing and securing the footage as personal health information, which had not been done.
The breach of trust claim, by contrast, failed. PHIPA does not create a trust over personal health information; it sets rules for collection, use, and disclosure, but says nothing of trusts. Nor had the plaintiffs established a common law trust, which requires the three certainties of subject matter, object, and intention. Certainty of intention was missing: there was no evidence that the surgeon intended to hold the recordings for his patients’ benefit, and the fiduciary obligation to keep the footage confidential did not, on its own, create a trust. This part of the decision is a useful reminder that fiduciary, statutory, and trust obligations are distinct, and that pleading all three does not guarantee that each will hold. As with negligence, damages for breach of fiduciary duty require proof of harm and were left for individual determination.
The court’s analysis on intrusion upon seclusion
The most significant findings concern intrusion upon seclusion. The defendants mounted a serious defence on each element of the tort. They pointed out that the cameras were not concealed, that there was no evidence of voyeurism or of the footage being shared, and that no case had imposed liability for the mere collection of information that was never accessed. They argued that, within the clinic, patient information was already shared among staff, so the consultation and examination rooms were a shared zone of privacy in which the expectation of privacy was diminished. These are not frivolous points; they track the deliberately narrow framing of the tort.
The conduct requirement. The court held that patients had a reasonable expectation of privacy in rooms where they disrobed and discussed intimate concerns with their physician. Drawing on the Supreme Court’s reasoning in R v Jarvis and R v Campbell, the court emphasized that recording is qualitatively different from mere observation: a recording can be stored, replayed, edited, and shared, and the act of creating it is itself the intrusion, whether or not anyone later watches it. That the cameras were visible, but not obvious, did not assist the defendants, because surreptitiousness is only one consideration among many. The circle of care argument failed because the footage served no medical purpose and was collected without consent.
The state of mind requirement. The surgeon advanced what amounted to a mistake-of-law argument: he said he equated his confidentiality obligations with his privacy obligations and did not realize he was acting unlawfully. The court held that mistake of law is no defence to an intentional tort. Borrowing the principle that ignorance of the law is no excuse, and citing the Supreme Court’s recent recognition of the intentional tort of family violence in Ahluwalia v Ahluwalia, the court held that what matters is whether the defendant intended the conduct that constituted the intrusion, not whether he understood its legal character. It declined to import any requirement of nefarious intent, a phrase it found unhelpful and absent from the controlling authorities, and distinguished Owsianik v Equifax, where a third-party hacker, rather than the defendant, committed the intrusion. Here the surgeon himself installed and operated the system.
The state of mind analysis was reinforced by a stark credibility finding. After almost five days of testimony, the court found the surgeon’s evidence neither credible nor reliable. His rationales for the cameras shifted, his website continued to claim hospital privileges he no longer held, and the December 2018 message he described as an apology contained statements the court found false, including that the cameras were always visible with signage posted, that the footage was stored on a highly secure system, and that privacy legislation had recently changed. The court concluded that he knew exactly what he was doing.
The consequence requirement. Applying an objective standard, the court held that the invasion would be regarded by a reasonable person as highly offensive. The fact that some patients said the cameras made them feel safer did not control the analysis; as the plaintiffs put it, a class action is not a popularity contest, and those witnesses, several of whom were unusually attentive to cameras, conceded on cross-examination that recording in places where people undress is inappropriate. Health records sit squarely within the category of information recognized as capable of being highly offensive to intrude upon, and recording patients in their most vulnerable moments, without consent and for no medical reason, met that threshold. The argument that the breach was ephemeral, because most of the footage was deleted and little of it was watched, missed the point: it is the creation of the recording that is the intrusion.
The damages assessment
The structural point about damages is the one most worth carrying forward. Because intrusion upon seclusion does not require proof of harm, the court could assess damages for that tort on an aggregate, class-wide basis under section 24(1) of the Class Proceedings Act, 1992. Negligence and breach of fiduciary duty, which do require proof of harm, could not be resolved in the aggregate and were left for individual determination. Intrusion upon seclusion therefore carried the award.
Following Jones v Tsige, the court treated these as symbolic or moral damages that should be modest but sufficient to mark the wrong. It fixed $5,000 for each patient who attended a surgical appointment and $500 for each patient who attended only for non-surgical injectables, declining to distinguish among patients by the number of visits. Rounded across the class, that produced an aggregate award of $21.5 million. The headline figure is therefore a product of class size rather than large individual awards, a point worth remembering when valuing an individual privacy claim with no proven harm. In reaching the figure the court drew on the British Columbia Court of Appeal’s decision in Insurance Corporation of British Columbia v Ari, which upheld aggregate privacy damages without proof of consequential harm. That decision is persuasive in Ontario rather than binding, but it aligns with the reasoning in Jones.
The court added $1 million in punitive damages, applying the test from Whiten v Pilot Insurance Co. It found the conduct reprehensible: the surgeon abused a position of trust, profited from vulnerable patients, recorded them in private spaces for his own benefit, and showed no genuine remorse. Aggravated damages were declined, on the basis that they relate to proven mental distress that individual class members can pursue separately.
The doctrinal anchors
Several doctrinal anchors emerge from the case.
The tort of intrusion upon seclusion. Jones v Tsige, 2012 ONCA 32, established the tort and its three-part test, restated in Owsianik v Equifax, 2022 ONCA 813. Proof of harm is not required, which is what permits an aggregate award.
Recording is itself the intrusion. R v Jarvis, 2019 SCC 10, and R v Campbell, 2024 SCC 42, establish that a recording is qualitatively different from mere observation. The act of creating the recording is the intrusion, whether or not the footage is later viewed or disclosed, and the fact that cameras are not concealed is only one factor in the analysis.
Mistake of law is no defence to an intentional tort. Consistent with Ahluwalia v Ahluwalia, 2026 SCC 16, what must be shown is the intention to engage in the impugned conduct, not knowledge that the conduct was unlawful. There is no requirement of nefarious intent.
The physician-patient relationship is fiduciary per se. Norberg v Wynrib, [1992] 2 SCR 226, confirms that the relationship gives rise to fiduciary obligations. A breach can be established by self-interested conduct that prefers the physician’s interests over the patient’s, even where the conduct is framed as a mistake and even absent predatory or exploitative intent.
PHIPA informs but does not create a cause of action or a trust. A breach of PHIPA does not, on its own, ground a civil claim, and the Act does not impose a trust over personal health information. PHIPA does, however, inform the duty of care and the standard expected of physicians handling patient information.
Aggregate damages in a privacy class action. Section 24(1) of the Class Proceedings Act, 1992 permits aggregate damages where liability can be determined without proof by individual class members. That is possible for intrusion upon seclusion, which requires no proof of harm, and Insurance Corporation of British Columbia v Ari, 2025 BCCA 131, supports such an award in the privacy context, though as a British Columbia authority it is persuasive only.
Punitive damages. Whiten v Pilot Insurance Co, 2002 SCC 18, confirms that punitive damages are reserved for conduct that is malicious, oppressive, and high-handed, and that their purpose is to punish rather than to compensate.
Why this case matters
For patients. The decision affirms that the privacy of the examination room is legally protected, and that a physician who records patients without consent and for no medical purpose can be held liable even where the recordings were never watched or shared.
Some practical observations:
Intrusion upon seclusion is the most potent tool in a privacy case. Liability does not depend on proof of harm, which is what allowed an aggregate award here. Mistake of law offers no shelter, and the act of recording alone can suffice.
The headline figure reflects class size, not large individual awards. The per-person amounts were modest ($5,000 and $500), consistent with the symbolic nature of these damages. An individual privacy claim with no proven harm should be valued accordingly. Class members who can establish actual harm may still pursue individual damages for negligence and breach of fiduciary duty.
The fiduciary holding may be tested on appeal. This is a first-instance decision of the Superior Court, binding at first instance but not at the appellate level. The holding that a self-interested mistake can amount to a fiduciary breach, and the rejection of a higher disloyalty threshold, are the kind of conclusions an appellate court may revisit, and an appeal would not be surprising. The process for individual damages claims and the question of costs remain to be addressed.
For more on how medical malpractice claims are evaluated in Ontario, see Suing for Medical Malpractice in Ontario: What You Need to Know.
For physicians and clinics. A few practical observations:
Surveillance in patient-care areas requires a genuine medical purpose and express consent. Cameras in consultation rooms, treatment rooms, and operating rooms are inappropriate unless they serve a care-related purpose and the patient has consented. Signage alone does not meet the standard.
Confidentiality and privacy are not the same obligation. Keeping information from third parties is not the same as respecting a patient’s control over whether and how they are recorded. Collecting private information for a non-medical purpose, even securely, can still be an intrusion.
Conduct after the event matters. Much of the damage to the defendant’s position came not from the cameras alone but from his shifting explanations, an inaccurate website, and a public message the court found false in several respects. In a case built on credibility, the response to the wrong can deepen the liability.
Decision Date: May 26, 2026
Jurisdiction: Ontario Superior Court of Justice
Citation: Coming soon.
Outcome: Liability established on the common issues. The defendants conceded that they owed patients a duty of care and breached it; the court held that the standard of care was not to operate cameras in clinic areas where patients receive care or consult their physician, absent a genuine medical purpose and the patient’s express consent. The defendants were found vicariously liable for the conduct of the corporation and its employees. The court held that the defendants breached their fiduciary duty by preferring their own interests, and rejected the argument that a genuine mistake could not amount to a fiduciary breach. The breach of trust claim was dismissed, because neither PHIPA nor the common law created a trust over the footage and certainty of intention was absent. The court found all three elements of intrusion upon seclusion established, holding that the act of recording was itself the intrusion, that mistake of law was no defence, and that the invasion would be highly offensive to a reasonable person. It awarded $21.5 million in aggregate damages for intrusion upon seclusion under section 24(1) of the Class Proceedings Act ($5,000 per patient who attended a surgical appointment and $500 per patient who attended only for injectables), together with $1 million in punitive damages. Aggravated damages were declined. Causation and damages for negligence and breach of fiduciary duty were not common issues and remain to be determined individually; the parties were directed to propose a process for those claims and to address costs.
Key authorities: Jones v Tsige, 2012 ONCA 32 (tort of intrusion upon seclusion; three-part test; proof of harm not required); Owsianik v Equifax Canada Inc, 2022 ONCA 813 (restatement of the test; intrusion by a third-party intruder distinguished); R v Jarvis, 2019 SCC 10 (reasonable expectation of privacy; recording distinct from observation); R v Campbell, 2024 SCC 42 (creating a recording differs from the underlying activity); Norberg v Wynrib, [1992] 2 SCR 226 (physician-patient relationship fiduciary per se); Ahluwalia v Ahluwalia, 2026 SCC 16 (intentional tort requires only intention to engage in the conduct); Whiten v Pilot Insurance Co, 2002 SCC 18 (punitive damages); Insurance Corporation of British Columbia v Ari, 2025 BCCA 131 (aggregate privacy damages without proof of harm; persuasive in Ontario); G.C. v Jugenburg, 2021 ONSC 3119 (certification); Personal Health Information Protection Act, 2004, SO 2004, c 3, Sched A; Class Proceedings Act, 1992, SO 1992, c 6, s 24(1).
J.C. v Jugenburg: Undisclosed Patient Surveillance and the Tort of Intrusion upon Seclusion
A cosmetic surgery clinic recorded patients in consultation rooms and the operating room without telling them. In J.C. v Jugenburg, 2026 ONSC 3061, the court awarded $21.5 million in aggregate damages and $1 million in punitive damages, and clarified how intrusion upon seclusion applies inside the doctor-patient relationship.
The privacy of the consultation room is one of the assumptions a patient makes when seeking medical care. People undress, disclose intimate information, and trust that what happens in an examination or treatment room stays there. Several overlapping doctrines protect that expectation: the physician’s duty of care, the fiduciary obligation of loyalty, the statutory rules governing personal health information, and the privacy tort of intrusion upon seclusion. A recent class action brought all four together in a single set of facts.
J.C. v Jugenburg, a decision of the Ontario Superior Court of Justice released on May 26, 2026, arises from a plastic surgeon who installed 24 surveillance cameras throughout his private cosmetic surgery clinic, including consultation rooms, treatment rooms, and the operating room, and recorded patients without telling them. The court found the conduct negligent, a breach of fiduciary duty, and the tort of intrusion upon seclusion. It awarded $21.5 million in aggregate damages to a class of roughly 7,000 patients, together with $1 million in punitive damages.
The decision is significant for several reasons. It holds that the act of creating a recording, even one never watched or shared, can constitute intrusion upon seclusion. It confirms that a mistake of law is no defence to that tort. It holds that a physician’s fiduciary duty can be breached by self-interested conduct framed as a mistake. And it illustrates how aggregate damages operate in a privacy class action where the tort requires no proof of harm.
The legal framework: intrusion upon seclusion, fiduciary duty, and patient privacy
Four bodies of law bear on the case. The first is negligence. A physician owes a duty of care to patients in collecting and handling their information, and the standard is one of reasonableness, judged on the knowledge that ought to have been possessed at the time, not perfection or hindsight. The second is fiduciary duty. The physician-patient relationship is fiduciary in nature, which obliges the physician to put the patient’s interests ahead of their own. The third is the statutory regime governing personal health information under the Personal Health Information Protection Act, 2004 (PHIPA) and the policies of the College of Physicians and Surgeons of Ontario (CPSO), which require consent for the collection, use, and disclosure of personal health information.
The fourth, and the one that did most of the work in this case, is the privacy tort of intrusion upon seclusion. Recognized in Jones v Tsige, the tort has three elements: the defendant must have invaded the plaintiff’s private affairs without lawful excuse; the conduct must have been intentional or reckless; and a reasonable person must regard the invasion as highly offensive, causing distress, humiliation, or anguish. Unlike negligence and breach of fiduciary duty, intrusion upon seclusion does not require proof that the plaintiff suffered harm. That feature is what allowed the court to assess damages on a class-wide basis.
The setting: a private cosmetic surgery clinic
The defendant, Dr Martin Jugenburg, who markets himself online as “Dr 6ix,” operates the Toronto Cosmetic Surgery Institute on two floors of a downtown Toronto hotel. The clinic is private and operates outside the public health care system; patients pay directly, sometimes in cash, and the procedures, ranging from breast augmentations and liposuction to tummy tucks and facial surgery, run to the tens of thousands of dollars. The clinic is also heavily marketed on social media, with the surgeon front and centre in daily posts that include before-and-after photographs and, in some cases, video of operations.
Between January 1, 2017 and December 13, 2018, the period the court called the Class Period, the clinic operated 24 surveillance cameras placed in reception and waiting areas, hallways, staff rooms, consultation and injection rooms, the operating room, and the post-operative recovery area. Several of the cameras recorded audio as well as video. Footage streamed to two digital video recorders that the surgeon could access remotely through an application on his personal phone and tablet. The footage was not stored in patients’ medical records, and when the recorders reached capacity, older footage was overwritten.
The facts
Patients were not told about the cameras. The only signage was a small notice in an elevator lobby outside the clinic, which most patients did not see and which on its face referred only to the lobby, and an obscured sign on a shelf in the operating room that, on the evidence, no one ever noticed. Most patients, and several staff members and a visiting surgeon, were unaware that cameras were recording in the treatment and consultation rooms. There was no mention of the cameras in any of the materials sent to patients, and the consent forms, including the social media consent forms, did not refer to them.
The system came to public attention in December 2018, when a CBC investigation aired. The CPSO disabled the system and seized the recorders that week, and the Information and Privacy Commissioner of Ontario (IPC) later found that the clinic’s blanket use of the cameras contravened PHIPA. Several days after the broadcast, the surgeon sent patients an email he described as an apology. The class action was certified in 2021 on behalf of all patients who attended the clinic during the Class Period, a class of roughly 7,000 people, and the common issues were tried over several weeks in late 2025.
At trial, twelve class members testified for the plaintiffs, describing feeling violated, humiliated, and betrayed on learning they had been recorded, and in several cases a continuing reluctance to seek medical care. The plaintiffs also called two hospital administrators, who confirmed that hospitals do not place cameras in patient rooms, examination rooms, or operating rooms except for narrow, care-related reasons, and two experts. The defendants called several patients who said they had seen the cameras or were untroubled by them, the surgeon himself, who testified for almost five days, two former employees, and statistical and forensic witnesses.
The common issues
The certified common issues fell into four groups: negligence (duty of care, standard of care, and breach), vicarious liability, breach of trust and breach of fiduciary duty, and intrusion upon seclusion, followed by two damages issues (whether aggregate damages could be awarded, and whether the conduct warranted punitive, exemplary, or aggravated damages). Causation and individual damage were not certified as common issues; for the torts that require proof of harm, those questions must be established on an individual basis.
The defendants conceded several points: that they owed a duty of care, that they breached some standard of care, that they were vicariously liable for the conduct of the corporation and its employees, and that the physician-patient relationship gave rise to a fiduciary duty. They contested the content of the standard of care, whether the fiduciary duty was breached, whether there was a trust, whether the tort of intrusion upon seclusion was made out, and whether aggregate and punitive damages should be awarded.
The court’s analysis on negligence and the standard of care
With the duty of care conceded, the live question was what the standard required. The plaintiffs argued for a near-categorical rule: a physician should not operate surveillance cameras anywhere a patient has a reasonable expectation of privacy, including consultation and treatment rooms, pre- and post-operative areas, and the operating room. The defendants proposed something narrower, namely adequate signage, secure and time-limited storage with restricted access, and, for cameras in treatment spaces, express consent with an opportunity to opt out. The narrower framing has a logic to it, treating the problem as one of notice and consent rather than a flat prohibition.
The court preferred the plaintiffs’ position. Relying on the uncontradicted evidence of a plastic surgeon, Dr Bendor-Samuel, and on the evidence of the hospital administrators, the court held that the standard of care is not to place cameras in locations in a private health clinic where patients receive care or consult their physician, unless the cameras serve a genuine medical purpose, such as a need to observe a patient or to assist in treatment and quality of care, and the patient has expressly consented. The court applied a standard of reasonableness rather than perfection, and noted that the recognized exceptions, such as cameras in a CT suite or the consented use of an operating-room recording system to study patient safety, are narrow and tied directly to patient care. None applied here, and the defendants accepted that, on the plaintiffs’ standard, they had breached it.
Two points are worth keeping in view. The standard of care was found on this evidence, in the context of a private cosmetic surgery clinic, and the carve-out for cameras with a genuine medical purpose and express consent remains intact. And because causation and damage were not common issues, the negligence claim was not perfected at trial; those questions remain for individual determination.
The court’s analysis on fiduciary duty and breach of trust
That the doctor-patient relationship is fiduciary was not in dispute. The contested question was whether installing the cameras breached that duty. The defendants argued, with support in the case law, that not every lapse by a physician is a fiduciary breach, and that a genuine mistake does not amount to the disloyalty or betrayal the doctrine requires. The court held that this set the bar too high. A physician’s mistake, it reasoned, can itself be driven by self-interest and a disregard for the patient’s interests. On the findings, the cameras were installed to protect the surgeon’s own interests and for no other reason, and that preference of self-interest over the interests of vulnerable patients was enough to constitute a breach of fiduciary duty. The duty also extended to storing and securing the footage as personal health information, which had not been done.
The breach of trust claim, by contrast, failed. PHIPA does not create a trust over personal health information; it sets rules for collection, use, and disclosure, but says nothing of trusts. Nor had the plaintiffs established a common law trust, which requires the three certainties of subject matter, object, and intention. Certainty of intention was missing: there was no evidence that the surgeon intended to hold the recordings for his patients’ benefit, and the fiduciary obligation to keep the footage confidential did not, on its own, create a trust. This part of the decision is a useful reminder that fiduciary, statutory, and trust obligations are distinct, and that pleading all three does not guarantee that each will hold. As with negligence, damages for breach of fiduciary duty require proof of harm and were left for individual determination.
The court’s analysis on intrusion upon seclusion
The most significant findings concern intrusion upon seclusion. The defendants mounted a serious defence on each element of the tort. They pointed out that the cameras were not concealed, that there was no evidence of voyeurism or of the footage being shared, and that no case had imposed liability for the mere collection of information that was never accessed. They argued that, within the clinic, patient information was already shared among staff, so the consultation and examination rooms were a shared zone of privacy in which the expectation of privacy was diminished. These are not frivolous points; they track the deliberately narrow framing of the tort.
The conduct requirement. The court held that patients had a reasonable expectation of privacy in rooms where they disrobed and discussed intimate concerns with their physician. Drawing on the Supreme Court’s reasoning in R v Jarvis and R v Campbell, the court emphasized that recording is qualitatively different from mere observation: a recording can be stored, replayed, edited, and shared, and the act of creating it is itself the intrusion, whether or not anyone later watches it. That the cameras were visible, but not obvious, did not assist the defendants, because surreptitiousness is only one consideration among many. The circle of care argument failed because the footage served no medical purpose and was collected without consent.
The state of mind requirement. The surgeon advanced what amounted to a mistake-of-law argument: he said he equated his confidentiality obligations with his privacy obligations and did not realize he was acting unlawfully. The court held that mistake of law is no defence to an intentional tort. Borrowing the principle that ignorance of the law is no excuse, and citing the Supreme Court’s recent recognition of the intentional tort of family violence in Ahluwalia v Ahluwalia, the court held that what matters is whether the defendant intended the conduct that constituted the intrusion, not whether he understood its legal character. It declined to import any requirement of nefarious intent, a phrase it found unhelpful and absent from the controlling authorities, and distinguished Owsianik v Equifax, where a third-party hacker, rather than the defendant, committed the intrusion. Here the surgeon himself installed and operated the system.
The state of mind analysis was reinforced by a stark credibility finding. After almost five days of testimony, the court found the surgeon’s evidence neither credible nor reliable. His rationales for the cameras shifted, his website continued to claim hospital privileges he no longer held, and the December 2018 message he described as an apology contained statements the court found false, including that the cameras were always visible with signage posted, that the footage was stored on a highly secure system, and that privacy legislation had recently changed. The court concluded that he knew exactly what he was doing.
The consequence requirement. Applying an objective standard, the court held that the invasion would be regarded by a reasonable person as highly offensive. The fact that some patients said the cameras made them feel safer did not control the analysis; as the plaintiffs put it, a class action is not a popularity contest, and those witnesses, several of whom were unusually attentive to cameras, conceded on cross-examination that recording in places where people undress is inappropriate. Health records sit squarely within the category of information recognized as capable of being highly offensive to intrude upon, and recording patients in their most vulnerable moments, without consent and for no medical reason, met that threshold. The argument that the breach was ephemeral, because most of the footage was deleted and little of it was watched, missed the point: it is the creation of the recording that is the intrusion.
The damages assessment
The structural point about damages is the one most worth carrying forward. Because intrusion upon seclusion does not require proof of harm, the court could assess damages for that tort on an aggregate, class-wide basis under section 24(1) of the Class Proceedings Act, 1992. Negligence and breach of fiduciary duty, which do require proof of harm, could not be resolved in the aggregate and were left for individual determination. Intrusion upon seclusion therefore carried the award.
Following Jones v Tsige, the court treated these as symbolic or moral damages that should be modest but sufficient to mark the wrong. It fixed $5,000 for each patient who attended a surgical appointment and $500 for each patient who attended only for non-surgical injectables, declining to distinguish among patients by the number of visits. Rounded across the class, that produced an aggregate award of $21.5 million. The headline figure is therefore a product of class size rather than large individual awards, a point worth remembering when valuing an individual privacy claim with no proven harm. In reaching the figure the court drew on the British Columbia Court of Appeal’s decision in Insurance Corporation of British Columbia v Ari, which upheld aggregate privacy damages without proof of consequential harm. That decision is persuasive in Ontario rather than binding, but it aligns with the reasoning in Jones.
The court added $1 million in punitive damages, applying the test from Whiten v Pilot Insurance Co. It found the conduct reprehensible: the surgeon abused a position of trust, profited from vulnerable patients, recorded them in private spaces for his own benefit, and showed no genuine remorse. Aggravated damages were declined, on the basis that they relate to proven mental distress that individual class members can pursue separately.
The doctrinal anchors
Several doctrinal anchors emerge from the case.
The tort of intrusion upon seclusion. Jones v Tsige, 2012 ONCA 32, established the tort and its three-part test, restated in Owsianik v Equifax, 2022 ONCA 813. Proof of harm is not required, which is what permits an aggregate award.
Recording is itself the intrusion. R v Jarvis, 2019 SCC 10, and R v Campbell, 2024 SCC 42, establish that a recording is qualitatively different from mere observation. The act of creating the recording is the intrusion, whether or not the footage is later viewed or disclosed, and the fact that cameras are not concealed is only one factor in the analysis.
Mistake of law is no defence to an intentional tort. Consistent with Ahluwalia v Ahluwalia, 2026 SCC 16, what must be shown is the intention to engage in the impugned conduct, not knowledge that the conduct was unlawful. There is no requirement of nefarious intent.
The physician-patient relationship is fiduciary per se. Norberg v Wynrib, [1992] 2 SCR 226, confirms that the relationship gives rise to fiduciary obligations. A breach can be established by self-interested conduct that prefers the physician’s interests over the patient’s, even where the conduct is framed as a mistake and even absent predatory or exploitative intent.
PHIPA informs but does not create a cause of action or a trust. A breach of PHIPA does not, on its own, ground a civil claim, and the Act does not impose a trust over personal health information. PHIPA does, however, inform the duty of care and the standard expected of physicians handling patient information.
Aggregate damages in a privacy class action. Section 24(1) of the Class Proceedings Act, 1992 permits aggregate damages where liability can be determined without proof by individual class members. That is possible for intrusion upon seclusion, which requires no proof of harm, and Insurance Corporation of British Columbia v Ari, 2025 BCCA 131, supports such an award in the privacy context, though as a British Columbia authority it is persuasive only.
Punitive damages. Whiten v Pilot Insurance Co, 2002 SCC 18, confirms that punitive damages are reserved for conduct that is malicious, oppressive, and high-handed, and that their purpose is to punish rather than to compensate.
Why this case matters
For patients. The decision affirms that the privacy of the examination room is legally protected, and that a physician who records patients without consent and for no medical purpose can be held liable even where the recordings were never watched or shared.
Some practical observations:
Intrusion upon seclusion is the most potent tool in a privacy case. Liability does not depend on proof of harm, which is what allowed an aggregate award here. Mistake of law offers no shelter, and the act of recording alone can suffice.
The headline figure reflects class size, not large individual awards. The per-person amounts were modest ($5,000 and $500), consistent with the symbolic nature of these damages. An individual privacy claim with no proven harm should be valued accordingly. Class members who can establish actual harm may still pursue individual damages for negligence and breach of fiduciary duty.
The fiduciary holding may be tested on appeal. This is a first-instance decision of the Superior Court, binding at first instance but not at the appellate level. The holding that a self-interested mistake can amount to a fiduciary breach, and the rejection of a higher disloyalty threshold, are the kind of conclusions an appellate court may revisit, and an appeal would not be surprising. The process for individual damages claims and the question of costs remain to be addressed.
For more on how medical malpractice claims are evaluated in Ontario, see Suing for Medical Malpractice in Ontario: What You Need to Know.
For physicians and clinics. A few practical observations:
Surveillance in patient-care areas requires a genuine medical purpose and express consent. Cameras in consultation rooms, treatment rooms, and operating rooms are inappropriate unless they serve a care-related purpose and the patient has consented. Signage alone does not meet the standard.
Confidentiality and privacy are not the same obligation. Keeping information from third parties is not the same as respecting a patient’s control over whether and how they are recorded. Collecting private information for a non-medical purpose, even securely, can still be an intrusion.
Conduct after the event matters. Much of the damage to the defendant’s position came not from the cameras alone but from his shifting explanations, an inaccurate website, and a public message the court found false in several respects. In a case built on credibility, the response to the wrong can deepen the liability.
Decision Date: May 26, 2026
Jurisdiction: Ontario Superior Court of Justice
Citation: Coming soon.
Outcome: Liability established on the common issues. The defendants conceded that they owed patients a duty of care and breached it; the court held that the standard of care was not to operate cameras in clinic areas where patients receive care or consult their physician, absent a genuine medical purpose and the patient’s express consent. The defendants were found vicariously liable for the conduct of the corporation and its employees. The court held that the defendants breached their fiduciary duty by preferring their own interests, and rejected the argument that a genuine mistake could not amount to a fiduciary breach. The breach of trust claim was dismissed, because neither PHIPA nor the common law created a trust over the footage and certainty of intention was absent. The court found all three elements of intrusion upon seclusion established, holding that the act of recording was itself the intrusion, that mistake of law was no defence, and that the invasion would be highly offensive to a reasonable person. It awarded $21.5 million in aggregate damages for intrusion upon seclusion under section 24(1) of the Class Proceedings Act ($5,000 per patient who attended a surgical appointment and $500 per patient who attended only for injectables), together with $1 million in punitive damages. Aggravated damages were declined. Causation and damages for negligence and breach of fiduciary duty were not common issues and remain to be determined individually; the parties were directed to propose a process for those claims and to address costs.
Key authorities: Jones v Tsige, 2012 ONCA 32 (tort of intrusion upon seclusion; three-part test; proof of harm not required); Owsianik v Equifax Canada Inc, 2022 ONCA 813 (restatement of the test; intrusion by a third-party intruder distinguished); R v Jarvis, 2019 SCC 10 (reasonable expectation of privacy; recording distinct from observation); R v Campbell, 2024 SCC 42 (creating a recording differs from the underlying activity); Norberg v Wynrib, [1992] 2 SCR 226 (physician-patient relationship fiduciary per se); Ahluwalia v Ahluwalia, 2026 SCC 16 (intentional tort requires only intention to engage in the conduct); Whiten v Pilot Insurance Co, 2002 SCC 18 (punitive damages); Insurance Corporation of British Columbia v Ari, 2025 BCCA 131 (aggregate privacy damages without proof of harm; persuasive in Ontario); G.C. v Jugenburg, 2021 ONSC 3119 (certification); Personal Health Information Protection Act, 2004, SO 2004, c 3, Sched A; Class Proceedings Act, 1992, SO 1992, c 6, s 24(1).
Paul Cahill
Partner, Davidson Cahill Morrison LLP | LSO Certified Specialist in Civil Litigation
Paul represents victims of medical malpractice across Ontario, with trial experience including a $11.5M jury verdict in a birth injury case. He is recognized in Best Lawyers in Canada and serves as trial counsel to other lawyers on complex medical negligence matters.
About PaulMore on medical malpractice in Ontario.
Other articles by Paul exploring the conditions, decisions, and systems behind preventable medical harm.
Gilmore v Love: A Mismanaged Labour and a Preventable Birth Injury
A BC trial judge found an obstetrician 85% liable and obstetrical nurses 15% liable for skull fractures and brain damage caused during a difficult caesarean section.
A Laboratory Susceptibility Testing Failure in Tuberculosis Treatment: Recurrent Disease and a Reconstructive Spinal Surgery
Paul Cahill settled a laboratory negligence claim where a failure to properly test tuberculosis susceptibilities led to vertebral collapse and spinal surgery.
Kotorashvili v Lee: When a Surgeon Deviates from His Own Treatment Plan
An Ontario orthopaedic surgeon was found liable after removing clavicle hardware six weeks early without revisiting his own documented treatment plan.