[1999] HCA 6
Woolworths Ltd v McQuillan [2017] NSWCA 202
Ashby v Slipper (2014) 219 FCR 322
[2014] FCAFC
Precision Plastics Pty Limited v Demir (1975) 132 CLR 362
Ho v Powell 51 NSWLR 572
[2001] NSWCA 168
Blatch v Archer (1774) 1 Cowp. 63
Du v Jameson Bank 2017 ONSC 2422
Cattanach v Melchior (2003) 215 CLR 1
[2003] HCA 38
Egerton v Brownlow (1853) 4 HL Cas 1
Source
Original judgment source is linked above.
Catchwords
[1999] HCA 6
Woolworths Ltd v McQuillan [2017] NSWCA 202
Ashby v Slipper (2014) 219 FCR 322[2014] FCAFC
Precision Plastics Pty Limited v Demir (1975) 132 CLR 362
Ho v Powell 51 NSWLR 572[2001] NSWCA 168
Blatch v Archer (1774) 1 Cowp. 63
Du v Jameson Bank 2017 ONSC 2422
Cattanach v Melchior (2003) 215 CLR 1[2003] HCA 38
Egerton v Brownlow (1853) 4 HL Cas 1
Judgment (11 paragraphs)
[1]
Judgment
This is a tale of two builders who have fallen out. Dean McIsaac (Dean) is one of them. His wife, Vanessa McIsaac (Vanessa), is a schoolteacher. Both are directors of the plaintiff. Trevor Callaway (Trevor) is the sole director of the defendant. The plaintiff and defendant are building companies. Each of them enjoyed a pleasant and profitable business relationship going back to 2013. It has now broken down irretrievably.
They are both in discord. Their quarrel has reached the Local Court and found its vent in a dispute about money. Both are unwitting victims of a 'cybercrime'. Money has been paid and lost. Each blames the other. Regrettably, one of them must bear that loss.
The plaintiff brought proceedings in the Local Court claiming money due to it by the defendant for work it performed under a building contract. The Defendant claims it has paid the plaintiff as it was directed, or ostensibly directed, by the plaintiff even though the funds found their way into the hands of a scoundrel. So far as it is concerned, it is now the plaintiff's problem and that is the end of the matter.
These proceedings have had a long, protracted and a somewhat circuitous history. Lamentably, significant costs have been incurred by both parties, particularly when contrasted with the amount in dispute.
The resolution of the matter has been unavoidably delayed by the COVID-19 pandemic. Whilst the factual matrix is not particularly complex the dispute has raised some important issues for determination one of which has not been assisted by the dearth of legislation and case law with respect to a recent phenomenon concerning what is often referred to as 'cybercrime' - a feature of modern technology and the vexing question about who bears the loss when an imposter secures funds meant for another.
[2]
Pleadings
In its Statement of Claim, the plaintiff claimed that:
1. In early August 2017 it entered into a contract with the defendant to carry out building work at Harden (the contract);
2. The building work was satisfactorily performed over the period between 7-18 August 2017;
3. On 21 August 2017 the plaintiff forwarded an invoice for payment in the sum of $29,550.40 which it says the defendant has failed or refused to pay.
In its Amended Defence, the Defendant admitted that the building work was performed by the plaintiff pursuant to the contract but denied that it had failed or refused to pay the contract price to the plaintiff on the basis that the defendant paid the amount due into an account nominated by the plaintiff pursuant to an email from the plaintiff or ostensibly from the plaintiff.
Issues are defined by the pleadings. Each party is required to specifically plead any matter that may otherwise take the other party by surprise [1] . The court in Banque Commerciale SA, En Liquidation v Akhil Holdings Ltd [2] observed:
The function of pleadings is to state with sufficient clarity the case that must be met… In this way, pleadings serve to ensure the basic requirement of procedural fairness, that a party should have the opportunity of meeting the case against him or her and, incidentally, to define the issues thereof.
I should observe at this point something about the pleadings. During March this year and between the first day of the substantive hearing at Young and prior to the second day of hearing at Cowra on 29 March 2021 (after Mr Trebeck of counsel was briefed to appear for the plaintiff in late 2020 following the retirement of the plaintiff's solicitor, Mr Casey, who hitherto had carriage of the matter and who appeared as the plaintiff's advocate during the early stages of the proceedings). Mr Trebeck, not uncommonly in circumstances where a new advocate takes up the cudgels for a party to litigation, brought a 'fresh pair of eyes' to the matters in dispute and the issues to be resolved.
There followed a flurry of correspondence between the solicitors for each party during which the plaintiff's solicitors identified what they considered to be fundamental deficiencies in the amended defence (having regard to the assertions made by the defence about the plaintiff's breach of duty and otherwise with respect to allegations of negligence on the part of the plaintiff with respect to the maintenance of its computer security system).
An invitation was extended by the plaintiff to the defence to consider filing a further amended defence (if they wished to pursue a claim in negligence) particularising in detail firstly the facts relied upon to establish the existence of negligence and the duty owed by the plaintiff to the defendant and secondly how that duty was breached identifying what conduct on the part of the plaintiff was relied upon to demonstrate how that duty was breached. For that purpose, the defendant was invited to forward a draft amended defence for consideration by a certain date so as to ensure those questions could be considered in a timely manner having regard to the plaintiff's counsel's availability to consider them prior to the next hearing date.
A further amended defence was filed 'on-line' without the knowledge or consent of the plaintiff and without the leave of the court. Nevertheless, a copy was sent to the plaintiff's solicitors as a 'fait accompli'. In response, the plaintiff's solicitors wrote to the defendant's solicitors opposing any application for leave to rely upon that draft further amended defence on the basis that the claims of negligence did not meet the criteria contained in the Civil Liability Act 2002 (NSW).
The plaintiff's solicitors also observed that the defendant sought to plead an 'off-setting' claim for loss and expense which was not available because setoffs were only possible where there is a debt owed by the plaintiff to the defendant. In reality the document relied upon to support a claim for damages, they asserted, had to comply with the Legal Profession Uniform Law Application Act 2014 (NSW), Schedule 2, cl.4 by the provision of a certificate. Should the proposed amendment be pressed, they reminded the defendant's solicitors, it would require a Notice of Motion supported by an affidavit to be filed with the court in a timely manner which, as it turned out, was not done.
In reply, and without addressing the specific issues raised in the earlier correspondence, the defendant's solicitors contended that the proposed pleading reflected new evidence from the experts that the plaintiff's computer system was 'hacked' and that the fault for that having occurred had already been identified as a principal issue. They asserted that the proposed pleading raised a 'set-off' argument in the event that the court found that the defendant had not paid the plaintiff because, they averred, the plaintiff caused its own loss, and the defendant should not have to pay again.
Further, the defendant's solicitors asserted, to oppose the filing of the proposed amended defence was contrary to s 56 of the Civil Liability Act because the real issue was whether the plaintiff should have to pay again having regard to the fact that it had paid money into an account as a result of inaccurate information - the fault for which lay entirely with the plaintiff. They also contended that the plaintiff's solicitors had on an earlier mention, neither consented nor opposed the proposed amended defence and that the court had considered it was not required to address the question at the time when the matter was before the court for mention.
The plaintiff's solicitors took issue with most of what was posited in that correspondence and agreed that they had been prepared to consider the proposed pleading after a draft was sent but they had not anticipated one which did not address the criteria in the Civil Liability Act (supra).
On the morning of the hearing at Cowra on 29 March 2021 a copy of a further proposed further amended defence (not previously provided) was served on the plaintiff's counsel, Mr Trebeck, by Mr McKeown for the defendant who then sought leave of the court to file the document over the plaintiff's objection. The oral application was not supported by an affidavit. Mr McKeown argued that the pleading simply "clarified the issues" between the parties and ought not and would not otherwise take the plaintiff by surprise or prejudice the plaintiff in the conduct of the proceedings. That view was not shared by the plaintiff's counsel.
The document sought to be filed in court that morning constituted a further variation of the further amended defence that had been filed on-line (without leave or consent) that had been sent to the plaintiff's solicitors previously and would have, if allowed, constituted the fourth further amended defence. No warning, as I have already observed, of those changes had been foreshadowed.
The draft document pleaded (in addition to what was already in the amended defence) that:
1. the plaintiff was aware of the defendant's reliance upon accurate account details for payment of its invoice.
2. an implied term contained within the contract that the plaintiff would provide such accurate information.
3. negligence of the part of the plaintiff by failing to:
1. ensure emails received from its email system were truthful and otherwise accurate and specifically,
2. maintain proper or any security on its email system.
1. the plaintiff's claim for non-payment of the contract price was offset by the fact that the defendant had suffered loss and expense as a result of the breach of duty.
After extensive argument which occupied a significant portion of the time set aside to adduce evidence from the parties and their experts, I considered that the motion was belated and otherwise without merit having regard to its timing (and having regard the time which had elapsed since the matter had commenced) and that it otherwise sought to achieve more than to simply 'clarify the issues' but rather to 'move the goal posts' without providing adequate notice and without addressing the clear deficiencies identified by the plaintiff's solicitor's earlier correspondence to which I have referred. It was submitted that the reason for seeking leave to file that document arose from issues raised in the expert's reports when in fact the first amended defence had already been filed (over the plaintiff's objection) after both expert's reports had been filed and served and, on the day, when both experts were first to have been 'hot tubbed' at Young.
Accordingly, I refused leave the file the document. In any event the matter proceeded on the basis that the fraudster's email was sent or ostensibly sent from the plaintiff's email system and the defendant continued to raise issues of negligence over objection from the plaintiff that the fault for that fact lay with the plaintiff and which was consistent with the way in which the parties had conducted the litigation thus far. The plaintiff maintained that negligence cannot be pleaded as a defence to a claim in contract. I will return to those arguments later in this judgment.
[3]
Factual Matrix
Despite the length of the hearing, the factual matrix is not particularly complex and can be condensed to what follows hereafter.
In August 2017 the plaintiff carried out building work to the bistro located within the Carrington Hotel, Harden for the defendant at its request. The defendant was happy with the work and Trevor said as much to Dean [3] . The plaintiff submitted a tax invoice for payment which included information about its credit union account conducted by it with the South West Credit Union at Young of which Trevor was already well aware from his prior dealings with the plaintiff the details of which he kept in his address book.
An unscrupulous rogue, a fraudster from Nigeria, impersonating the plaintiff, interposed at a critical time by sending an email to the defendant with revised instructions to pay the amount due into a different account with a different bank which had nothing to do with the plaintiff (the 'mule account'). Dean and Vanessa were oblivious to this mendacious deception.
In due course and following the exchange of a number of emails between Trevor and the rogue, the defendant duly obliged, and the funds were unwittingly remitted into the mule account as directed by the fraudster and which the fraudster later accessed. The missing funds are now considered to be irrecoverable. No attempt has been made by the defendant to claw back those funds paid by it into the mule account.
The plaintiff asserts it has still not been paid for its work performed under the contract and furthermore it is the obligation of a debtor, in this case the defendant, to seek out and pay his creditor, the plaintiff.
To better appreciate the issues which arise for determination, it is instructive to painstakingly review the critical events following completion of the work carried out by the plaintiff which are revealed by the evidence and summarised below:
1. at 12:39 PM on 27 August 2017 the plaintiff sent an email to the defendant attaching a tax invoice for the work performed by the plaintiff for the defendant pursuant to the contract in the sum of $29,550.40;
2. at 8:24 PM on the next day the fraudster sent an email to the defendant (masquerading as Dean) to the effect that he had forgotten to mention that the plaintiff had updated its banking details for EFT payment and that new account details would be provided for payment;
3. at 4:51 PM on 31 August 2017 Trevor rang Dean and left a voice message (converted to text) to the effect that the plaintiff's bank details set out on the tax invoice were already in his address book and requested that Dean confirm the new account details;
4. sometime shortly thereafter Trevor called Dean by phone and asked him to check his account details and confirm them by email. Dean replied that the bank details on the tax invoice had not changed and were correct, but he would confirm by email;
5. at 6:50 PM later that evening Dean sent an email to Trevor to advise the plaintiff's bank account details (which were the same as those details particularised in the tax invoice that had been sent previously). One minute later Vanessa sent an email to the same effect but with the sign-off "Thanks Vanessa";
6. at 7:34 PM, some 44 minutes later, the fraudster (impersonating Vanessa) sent an email to the Trevor to the effect that [she] had mistakenly sent details of the old account and then directed payment to the mule account;
7. at 7:38 PM (4 minutes later) the fraudster sent another email to the defendant to the same effect as the previous email;
8. at 7:39 PM (one minute later) the fraudster sent another email to the same effect as the previous two emails;
9. at 7:40 PM (one minute later) the fraudster sends an email to the defendant to the same effect as the previous three emails;
10. at 10:41 AM on 2 September 2017 Trevor unsuccessfully tried to speak to Dean by telephone and left a message;
11. at 10:43 AM (two minutes later) Trevor replied to the email sent by the fraudster acknowledging the new account details and notifying (unwittingly) the rogue that the funds would be transferred when he returned to Sydney that night;
12. at 8.56 AM the following day the fraudster thanked Trevor for the update and sought notification when payment was made (presumably so that the funds could be accessed before the fraud was discovered);
13. at 10.19 AM on 4 September 2017 Trevor attempted to pay the funds due to the plaintiff into the mule account by Netbank transfer but the funds were later returned;
14. 6 minutes later, Trevor sent a text message to Dean to advise the transfer of funds and that a receipt would follow;
15. 33 minutes later Trevor sent an email (again unwittingly) to the fraudster asking Dean to check the bank details because the funds were returned to the defendant apparently because the account details were incorrect;
16. At 7.49 AM on 5 September 2017 the fraudster sent an email to Trevor (pretending to be Dean) with the account details for the mule account (this time with the correct account details of the mule account by reversing the BSB and account numbers which explained why the funds had been returned initially);
17. 1 hour and 7 minutes later Dean sent Trevor an email (on-forwarding Trevor's email of 31 August at 6.51pm) with instructions to pay the funds into the plaintiff's account - the details of which remained unchanged from his earlier emails;
18. 15 minutes later Trevor received another email from the fraudster with account details for the mule account;
19. over the course of the next 3 minutes Trevor received 3 further emails from the fraudster to the same effect as the previous email;
20. Trevor replied at 9.15 AM (a minute later and again unwittingly) to the fraudster to tell Dean that he would make another attempt to transfer the funds;
21. The fraudster acknowledged Trevor's email nearly 4 hours later and explained that the BSB and account number had been "flipped" causing the problem;
22. At 8.51 PM that evening (5 September 2017) Trevor deposited the funds into the mule account;
23. At 9.38 AM the next morning Trevor sent an email, ostensibly to Dean, but in reality, as a reply to the fraudster's email, that the funds had been paid (thus unknowingly alerting the fraudster to access the funds before the fraud was discovered);
24. The fraudster acknowledged the payment of the funds about 30 minutes later;
25. 9 days later Dean sent Trevor a text message to follow up payment of the contract price;
26. Trevor responded 2 hours later by text informing Dean the account had been paid and that a copy of the transaction receipt had been previously emailed. Trevor sent Dean an email about 20 minutes later (this time to Dean's correct email address) on forwarding the receipt for the deposit of the money.
It became clear during Trevor's cross examination that the email header from the fraudster differed in appearance from genuine emails from Dean. The email header on the genuine email appeared thus:
Dean McIsaacdeanmcisaac@bigpond.com.
Additionally, each genuine email had a MailGuard "Virus Free" stamp on the copy received by Trevor.
The fraudster's email appeared as:
deanmcisaac deanmcisaacdeanmcisaac @bigpond.com.
None of the fraudster's emails bore the MailGuard stamp. The grammar and syntax used in some of the fraudster's emails also suggest either a laxity or lack of familiarity with English - even in informal exchanges.
It is evident that Trevor did not notice the absence of the MailGuard "Virus Free" stamp on the fraudster's emails, nor did he pay any attention to the different email header which in any event he, in his evidence to the court, dismissed as something which might arise from using different servers and therefore, he maintained, was irrelevant.
As was observed by another court in a different jurisdiction but, in not dissimilar circumstances to the matter before this court, to review, with the wisdom and benefit of hindsight and knowing how the events eventually played out, the course of events including the various email exchanges leading up to the loss of the funds to an unscrupulous scoundrel, is analogous to "watching a train wreck". [4]
[4]
Plaintiff's submissions
Mr Trebeck for the plaintiff in his comprehensive written submissions advanced that (and I paraphrase):
1. On the pleadings the only issue for determination is whether the defendant has discharged its obligation to pay the plaintiff by paying the amount due to the plaintiff into the mule account.
2. The ordinary common law rule of debtor and creditor applies, i.e., it is the duty of the debtor to seek out his or her creditor and pay him or her [5] .
3. The manner of payment was a matter for the defendant, i.e., there were a number of methods by which the defendant could have paid the plaintiff, e.g., by post or internet banking and in each case the defendant accepts the risk of non-delivery [6] .
4. Negligence on the part of the plaintiff in maintaining a system for payments does not arise on the pleadings even though the defendant (over objection) has conducted its defence on that basis.
5. In the event that the defendant (over objection) is entitled to maintain an action in negligence (which has not been pleaded) the defendant has sought to reverse the onus of proof. In other words, the plaintiff does not have to prove that it was not negligent with respect to the email communications but rather it is for the defendant to prove that the failure by the plaintiff to receive the contract price from the defendant was due to the plaintiff's negligence. In this regard the defendant has not addressed imperatives required by the Civil Liability Act 2002.
6. Following on from the previous paragraph, it was the defendant's negligence which led to the contract price being paid to the fraudster by negligently and recklessly acting on 'bogus emails' sent by the fraudster in which the defendant has at all times attempted to assign blame from Trevor to Dean and Vanessa.
7. Additionally, the defendant has made no attempt to pursue the account holders of the mule account or of the financial institution in which that account was held, namely, Westpac.
[5]
Defendant's submissions
Mr McKeown for the Defendant addressed the court on the final day of the hearing and made it clear that he did not agree with the position adopted by the plaintiff with respect to the availability to plead negligence as a defence to a claim in contract and in his written submissions acknowledged that:
1. The defendant accepts that the plaintiff has not been paid for its work.
2. The defendant has paid a sum of money equal to the contract price [albeit to an unknown third party, the fraudster].
3. The plaintiff's email system was 'hacked' which permitted [7] a fraudster (from Nigeria) to send false information to the defendant.
Mr McKeown in his written submissions, submitted that:
1. There are two questions for the court to determine, firstly 'fault' (and presumably where it lies) and secondly to consider questions of "fairness, justice and good public policy" (presumably in determining fault).
2. Both experts agree that the plaintiff's email account was controlled by the fraudster but the plaintiff's expert does not explain how this occurred - although Mr McKeown posits that he knows, i.e. that the fraudster obtained the password from one of the plaintiff's devices and posed two questions - On what basis should the defendant be responsible for the plaintiff's conduct and failure? and - Why should, in this case, the defendant, (likening it to a hapless visitor lured to a room where he is robbed in one of his earlier scenarios) pay again?
3. The court should draw an adverse inference from the fact that failure by the plaintiff to commission its expert to conduct an empirical inspection of its computer taken together with the failure to adduce evidence by the business entity from which that computer was purchased and installed as well as security program which operated on that machine.
4. The court should find in favour of the defendant as a matter of "good public policy" based on the notion that responsibility for computer frauds should rest with the party whose system has perpetrated the fraud thus ensuring that all operators of computers are required to maintain their systems in such a way so as to protect others who have dealings with their system and to promote computer security. In this regard I was referred to a number of authorities with respect to the doctrine of the 'public good', the 'public safety' and the 'public interest'.
5. These events can be 'insured against' and asked - Why the defendant should be required to insure itself against "the plaintiff's mistake"? - attempting to distinguish this risk from what is covered by comprehensive motor vehicle insurance.
6. The fraudster gained access to the plaintiff's computer system positing that the fraudster acquired the 'password' proffering a number of possibilities but maintaining all the while that the defendant had nothing to do with it.
7. The court can draw an adverse inference that there was no evidence to show that the plaintiff's computer system was running properly or that the plaintiff ran its claim on the basis that it was operating a secure computer system.
8. A review of cited authorities supported a finding in favour of the defendant.
For the purpose of ascertaining the solution to the two questions posed by Mr McKeown in subparagraph (b) of the previous paragraph, Mr McKeown postulated two hypothetical scenarios involving a notional victim suffering injustice at the hands of ruffians or rogues within premises managed by a notional owner and posited questions about who would bear the loss in those scenarios. I am not entirely sure that the analogous scenarios are necessarily apposite or indeed helpful or relevant to the matters which are raised in these proceedings.
The submission set out in sub-paragraph (g) ignored the fact that the plaintiff based its claim in contract and therefore was not required to plead those matters as part of its claim. Likewise, and whilst on the question of negligence having regard to the invitation to draw an adverse inference referred to in (c) above, the onus to prove negligence, if indeed it is an issue raised on the pleadings, rests with the defendant.
Mr McKeown raised a particular issue in his submissions which it is important to address at this time. In his written submissions and with reference to a High Court decision about the question of public policy, Mr McKeown observed that the court had not permitted the defence to file "a tort amended cross-claim". He opined that "[t]he deterrence argument… is a good one" and that the defendant should not be denied 'the opportunity of the benefit of the general argument of public interest" in the event that its prima facie defence of complying with (the plaintiff's) direction is not found. I have already addressed this issue when reviewing the history of the pleadings in this matter and the way in which the defendant sought again (during the second day of the substantive proceedings) to further amend its defence [8] . In addition, Mr McKeown did not specifically address the issue raised by Mr Trebeck with respect to 'contributory negligence' as a defence to a claim in contract other than to say in oral submissions that he did not agree with what had been said.
[6]
Issues
The primary issues, it seems to me, having carefully considered the very helpful, erudite, and comprehensive written submissions from both Mr Trebeck and Mr McKeown, which arise to be determined by this court are these:
Firstly - has the defendant discharged its obligation under the contract to pay the plaintiff by having paid the money due to the plaintiff into the mule account controlled by a third party?
Secondly, if not, who should bear responsibility for the loss of money otherwise due to the plaintiff?
Thirdly, if the fault does not lay with the defendant, should the court award a verdict in favour of the defendant on the grounds of 'public policy'?
[7]
First Issue
The defendant claimed that it had discharged its obligation under the contract because it paid the money due to the plaintiff into an account to which it had been directed from an email emanating from the plaintiff's email account, ergo, by the plaintiff or ostensibly by the plaintiff. Whilst it conceded that the email upon which the defendant acted was authored by the fraudster, the fault for this, Mr McKeown submitted must lay with the plaintiff.
Mr Trebeck submitted that the plaintiff has brought its claim arising from a breach of the contract, namely non-payment of the contract price. Negligence, therefore, does not arise, either on the pleadings nor is it available as a matter of law but if it did (which is not accepted) the onus of proof lies with the defendant.
In this regard the plaintiff's clear and unequivocal position is that contributory negligence is not available to a claim for breach of contract [9] . It was the long-held position that contributory negligence operated as a total bar to an action in negligence, i.e., if the party making the claim suffered the loss partly by his or her own negligence or default, no claim could be made irrespective of whether or not another party had also caused or contributed to that loss. This position was eventually resolved by legislation enacted throughout the Commonwealth which allowed for damages to be reduced to the extent that the party making the claim had contributed by that party's negligence to their loss.
The question remained however as to whether this legislation applied in circumstances where the plaintiff had a claim in contract and particularly where the plaintiff had a parallel claim in tort for negligence.
This was the issue which came before the High Court in Astley & Ors v Austrust Ltd (1999) 197 CLR 1. This was a decision which concerned a trustee company, acting on the advice of its solicitors, which had acquired property in its capacity as trustee of a trust. The trust was wound up due to insolvency. Losses were incurred. The trustee company brought an action against its legal advisers in the tort of negligence and for breach of contract claiming that it should have been advised to include in the trust of documents a provision limiting the liability of the trustees to the value of the trust assets.
The court held that the lawyers were negligent but that the trustee was also guilty of contributory negligence. The court at first instance determined that the apportionment legislation applied to claims in contract as well as in tort. On appeal, the High Court held that the apportionment legislation did not give rise to a defence of contributory negligence where the claim was for a breach of duty owed in contract.
The learned author of Annotated Civil Liability Act 2002 (NSW) usefully observes [10] :
"At common law, contributory negligence was a complete defence to an action in negligence. This common law rule was abolished by the Law Reform (Miscellaneous Provisions) Act 1965 which allowed for the apportionment of damages by reference the plaintiff's share in the responsibility for the damage."
The relevant provisions of the Law Reform (Miscellaneous Provisions) Act 1965 are now in the following terms:
Definitions
In this Part:
"claimant" - see section 9 (1).
"contributory negligence" - see section 9 (1).
"court", in relation to any claim, means the court by or before which the claim falls to be determined.
"damage" includes loss of life and personal injury.
"wrong" means an act or omission that:
(a) gives rise to a liability in tort in respect of which a defence of contributory negligence is available at common law, or
(b) amounts to a breach of a contractual duty of care that is concurrent and co-extensive with a duty of care in tort.
9 Apportionment of liability in cases of contributory negligence
(1) If a person (the "claimant") suffers damage as the result partly of the claimant's failure to take reasonable care ("contributory negligence") and partly of the wrong of any other person:
(a) a claim in respect of the damage is not defeated by reason of the contributory negligence of the claimant, and
(b) the damages recoverable in respect of the wrong are to be reduced to such extent as the court thinks just and equitable having regard to the claimant's share in the responsibility for the damage.
(2) Subsection (1) does not operate to defeat any defence arising under a contract.
(3) If any contract or enactment providing for the limitation of liability is applicable to the claim, the amount of damages recoverable by the claimant by virtue of subsection (1) is not to exceed the maximum limit so applicable.
It should be noted that the statutory apportionment of liability in cases of contributory negligence is limited to situations where the act or omission of the defendant either gives rise to a liability in tort in respect of which a defence of contributory negligence is available at common law or an act or omission that amounts to a breach of a contractual duty of care that is concurrent and coextensive with the duty of care in tort.
The learned author also usefully observes that:
"The definition of "wrong" in its current form was first introduced by the legislation under discussion to overcome the effect of the decision of the High Court of Australia in [Astley (supra)] where it was held that no reduction of damages could properly be made where the defendant had a concurrent liability to the plaintiff in both contract and in tort because the doctrine of contributory negligence was not a defence at common law to a claim in contract, and the plaintiff was entitled to recover from the defendant in contract rather than in tort if it so desired".
The learned author of Contract: General Principles -The Laws of Australia also makes this useful observation [11] :
With some exceptions, a plaintiff can no longer avoid the defence of contributory negligence by framing the action in contract rather than tort. Previously one view of the construction of the apportionment legislation was that it did not apply to actions for breach of contract. Other cases held that it did apply whether contractual obligation was a duty of care in the plaintiff could have elected to frame the duty of care in tort in [Astley (supra)] a majority of the High Court found that contributory negligence was not a ground for reduction of damages where there was a concurrent liability in contract and in tort, even in circumstances where the breach of the implied contractual duty to take care was commensurate with the duty to take reasonable care imposed by the law of tort, if the plaintiff had elected to pursue the contractual claim. The plaintiff could thereby recover for all the damage resultant from the defendant's breach, regardless of whether their own conduct had contributed to it. This has since been reversed in all states and territories.
Employers and employees may owe each other concurrent duties in tort and contract, and the apportionment legislation applies in actions between those parties. When the relationship between the parties is that of professional person and client, the apportionment legislation may be pleaded as a defence.
Other methods of dealing with contributory negligence in contract actions exist apart from the statutes. One way is through the application of the rules of causation and ascertaining which persons act caused the loss, but this is frequently a crude method, because instead of apportioning blame and financial responsibility, the result is usually that the plaintiff either recovers all of the loss or none me:
But in determining whether or not a defence of contributory negligence should succeed or fail it is not sufficient merely to pose the question whether the plaintiff's negligence contributed to the accident which caused his injuries… Expressions such as effective cause, direct cause, real cause, decisive cause and approximate cause, amongst others, have been seized upon, not for the purpose of excluding factors which might be thought to constitute causes in the widest philosophical sense, but for the purpose of placing the defendant's ultimate responsibility upon a practical common sense basis [12] .
Another method of dealing with these cases is through implied terms. The suggestion is that when there is a contractual obligation on the defendant to use care, the plaintiff also has an implied obligation to take care [13] .
I have included these references from texts dealing with the question of contributory negligence in so far it is apposite to defences to a claim in contract and it is clear that the availability of contributory negligence could only be relevant where there was a concurrent liability in tort which is clearly not applicable to the facts which are present in these proceedings. For that matter and with respect to the question of any implied term (which had been raised in the draft further amended defence which was sought to be filed over the objection of the plaintiff) is my view that that defence, were it allowed, would not have afforded the defendant any defence having regard to the terms of the contract about which the claim has been brought.
Thus, contributory negligence by a plaintiff is not a defence in an action for breach of contract. No concurrent duty by the plaintiff has been established in this matter. I will return to this aspect shortly.
[8]
Second Issue
The defendant propounds that it has discharged its obligations to the plaintiff even though it concedes that the plaintiff did not receive the money paid by the defendant and made its way to the fraudster. It contends that it did what it was directed to do by the plaintiff even though the author of the "rogue" or "bogus" emails was a fraudster because the fraudster used the plaintiff's email system and therefore, ipso facto, the loss arose as a consequence of the plaintiff's fault or neglect. The defendant contends that it is blameless and ought not to pay the amount due again.
Notwithstanding that two further amended defences were not allowed the defendant ran its case against the plaintiff on the basis that if the plaintiff had maintained a proper security system with respect to its computer system the loss would not have been incurred. The defendant claimed that the fraudster was able to steal the plaintiff's password possibly because of a weak password and then gain control over the plaintiff's computer system.
To the extent that evidence adduced by the defendant (rather than in the pleadings) sought to establish that the plaintiff was negligent, Mr Trebeck submitted, such evidence is not admissible as it went outside the pleadings. In the plaintiff's case summary, Mr Trebeck contended that, even if such evidence was admissible, it did not arise on the evidence either and highlighted the fact that nowhere in the evidence does the defendant specify the matters, facts, and circumstances upon which the defendant relies to give rise to a duty of care.
Additionally, the defendant, he submitted, did not identify the risk of harm required by s 5B nor the elements required by s 5C of the Civil Liability Act 2002 which relevantly provide:
5B General principles
(1) A person is not negligent in failing to take precautions against a risk of harm unless -
(a) the risk was foreseeable (that is, it is a risk of which the person knew or ought to have known), and
(b) the risk was not insignificant, and
(c) in the circumstances, a reasonable person in the person's position would have taken those precautions.
(2) In determining whether a reasonable person would have taken precautions against a risk of harm, the court is to consider the following (amongst other relevant things) -
(a) the probability that the harm would occur if care were not taken,
(b) the likely seriousness of the harm,
(c) the burden of taking precautions to avoid the risk of harm,
(d) the social utility of the activity that creates the risk of harm.
5C Other principles
In proceedings relating to liability for negligence -
(a) the burden of taking precautions to avoid a risk of harm includes the burden of taking precautions to avoid similar risks of harm for which the person may be responsible, and
(b) the fact that a risk of harm could have been avoided by doing something in a different way does not of itself give rise to or affect liability for the way in which the thing was done, and
(c) the subsequent taking of action that would (had the action been taken earlier) have avoided a risk of harm does not of itself give rise to or affect liability in respect of the risk and does not of itself constitute an admission of liability in connection with the risk.
I note the decision of the court in Woolworths Ltd v McQuillan [2017] NSWCA 202 which is authority for the proposition that in order to satisfy s 5B (1) the plaintiff only has to take reasonable measures - not perfect measures. Likewise, I am cognizant of the provisions of s 5R of that legislation.
The thrust of Mr McKeown's submissions focuses upon the fact that the fraudster was able to send bogus emails to the defendant by obtaining the plaintiff's password and proffered a number of ways this could have happened without identifying which of those ways it managed to do so. It is not for the court to speculate. It is for the defendant, if indeed contributory negligence is an issue, to establish to the civil standard that the plaintiff had failed in discharging its duty of care to the defendant which has not been raised or particularised in the pleadings.
I agree with Mr Trebeck's submissions that it is not for the plaintiff to prove that it was not negligent with respect to the manner of the email communications or indeed in the maintenance of its computer security. It would be for the defendant to prove (assuming negligence is available as a defence) that the plaintiff's negligence gave rise to the non-receipt of money otherwise due to it pursuant to the contract.
To the extent that the plaintiff has, in the defendant's submissions, failed to produce evidence about how the fraudster acquired the password to enable the transmission of emails to the defendant is beside the point. It is for the defendant to prove that the plaintiff failed in some way in its duty of care to the defendant. The defendant asks the court to draw inferences from the absence of this evidence when the onus is on the defendant to prove contributory negligence to the requisite standard. I accept that submission and am satisfied that in this regard, the defendant has failed to do so.
In any event, on an examination of the evidence, and assuming that contributory negligence is a live issue in these proceedings, the defendant did not notice or observe a number of discrepancies which ought to have alerted it to the likely intervention of an imposter, such as the change in the domain name, the absence of the MailGuard "Virus Free" stamp which ordinarily accompanied genuine emails from the plaintiff not to mention the poor grammar in some of those emails as well as the unusual frequency of a number of emails only minutes apart.
The plaintiff provided the defendant with its correct account details (all the while oblivious to the reference to the mule account in the bogus emails sent by the fraudster none of which were, quite mystifyingly, ever raised or queried by the defendant with the plaintiff) on more than one occasion. It was not advised or informed that the defendant had received emails [from the fraudster] directing payment into an account with Westpac.
The defendant retained an expert, Adam Daniel, to prepare a report for these proceedings (the Daniel's Report). In a report dated 12 April 2019 the author, in answer to a question put by the defendant's solicitors about whether the plaintiff could have prevented or detected that another party was using its email address, observed at [54]:
When an email account is compromised and used to obtain funds fraudulently, it is common for the malicious actor to constantly monitor the account and manipulate the email traffic to ensure the compromise is not identified until the funds can be obtained. Subsequently, depending on the competency of the malicious actor, it can be difficult to identify that an email account is being accessed without authorisation based on email traffic alone.
In the same report, the author when asked what security standards or practices should be employed to protect against fraudulent interference of email addresses by third parties, opined at [55]:
In regard to email, the most common and effective safeguard to prevent unauthorised access to an account is to use two factor authentication. Two factor authentication requires a user who is logging into an account to verify on a mobile device or security token that the access is legitimate and being made by them. Using two factor authentication means that the user is alerted on every access to their account, particularly those from unusual IP addresses, and needs to authorise that access.
Later in the Daniel's report the author observed at [59]-[60]:
I have not been provided with a copy of the computer system used by Mr McIsaac so [I] am unable to comment on the level of security that has been implemented on that system at the time the emails were sent beyond what is stated in Mr Towers report of 4 December 2018 and annexures of that report. I am also unable to comment on the level of competency of the users of the Mr McIsaac's computer system in identifying social engineering threats, nor am I able to comment on whether they operated their system prudently with regards to Internet browsing activity and identification of phishing attacks.
I note that none of the security measures discussed in Mr Towers' report would prevent the user's password from being compromised by a malicious fishing website or through other social engineering techniques.
With reference to the email display name ("deanmcisaac deanmcisaac vs Dean McIsaac") the Daniel's report observes at [62]:
I again noted that consistent display names are necessary for the delivery of email, and neither are inconsistent Display Names a specific indicator of a falsified email, as the Display Name may change if someone uses two different devices to access their email account.
The Daniel's report continued at [66]:
With reference to the fact that a person was using valid credentials to access and send emails from the "deanmcisaac@bigpond.com" email account from a Nigerian location, it is evident that the password for this account was known to persons other than the plaintiff. Email account credentials (usernames and passwords) are commonly compromised either by the reuse of the email account password on an insecure website or through direct phishing attacks perpetrated via emails to the email account owner. I note that none of the factors listed by Mr Towers to support his opinion that the plaintiff's operation of the computer was "prudent" would prevent loss of the email account credentials via these methods which exploit the imprudent operation of the computer by the user.
The expert retained by the plaintiff, Mr Clinton Towers, provided a lengthy report (the Towers Report) dated 19 February 2020 in which the author opines that:
a. email systems may have vulnerabilities which enable persons to send emails from email accounts without knowing the account passwords for those accounts;
b. computer systems may have configurations or vulnerabilities which enable the sender to access an email account used on the computer and send an email without entering or knowing the email account password;
c. in an open email system a user may be enabled to send an email from an email address without knowledge of the email account password and that depending on how sophisticated the system is it may be evident to varying degrees that the email has been spoofed.
The author of the Tower Report was unable to express an opinion as to the best method for the plaintiff to prevent unauthorised access. He was however able to opine that if Telstra provided effective two factor authentication it may have helped prevent access from an unrecognised computer if indeed that was how unauthorised access was perpetrated in this instance. Based on his enquiries, two factor authentication was not available to Telstra Bigpond users in September 2017.
With respect to attacks by third parties on an email system the author of the Towers Report offered an example which requires no user interaction such as an attempt to guess or 'brute force' the email account password. He continued at [62] -[64]:
So, an attacker may navigate to the Telstra Bigpond login page, and guess the email account password corresponding to a known email account. The attacker may utilise existing software which inputs different passwords one after another automatically or if they are sophisticated, they may write their own software to guess account passwords and/or account names.
Alternatively, an attacker may exploit some vulnerability in the email system, login, or password recovery process. (After citing examples, he continued) a simple example, for an unsophisticated system might be to imagine an email system which challenges users for credentials and on successfully validating those credentials directs authorised users to a web URL in the following format once and successfully logged in:
http://bigpond.telstra.com/[username]/inbox
in this instance an attacker may exploit this vulnerability in the system by directly entering in the address bar
'http://bigpond.telstra.com/deanmcisaac/inbox',
without entering any passwords and be granted access to the account without a valid password.
The evidence from both Dean and Vanessa revealed that the computer user account password and email account password were limited to business owners and not divulged. On that basis the author of the Towers Report opines that social engineering attacks were not responsible because they require the divulging of confidential information such as email account passwords and the plaintiff strenuously maintained that email account passwords were restricted to the business employees, Dean and Vanessa, and would not have been divulged.
The evidence adduced by Dean and Vanessa disclosed that they had recently purchased the computer from their computer supplier and at the same time purchased an antivirus software program which, so far as they were aware, was updated monthly. It was their evidence that no one, apart from themselves, had access to and operated the computer.
Both witnesses remained steadfast in their evidence despite rigorous cross examination. In Ashby v Slipper [14] the observations of the court in Precision Plastics Pty Limited v Demir [15] were noted with approval:
….that is, as a general proposition, evidence, which is not inherently incredible and which is unchallenged, ought to be accepted… The evidence may of course be rejected if it is contradicted by facts otherwise established by the evidence or the particular circumstances point to its rejection.
In my view the experts' reports take the matter no further and there is nothing contained within either of the reports which identifies any duty owed by the plaintiff to the defendant and, if such a duty was established, what act or omission on the part of the plaintiff gave rise to a breach of that duty such as to cause the loss about which of these proceedings were instituted.
In so far as the question of negligence is concerned and to the extent that it is an issue at all having regard to Astley (supra),the fact that it is not pleaded in the amended defence (indeed the 4th further amended defence, if filed, pleaded breach of an implied term of the contract) or otherwise by inference from the defence, I am not satisfied that the defendant has discharged the onus placed upon it to establish a duty of care on the part of the plaintiff and if it had been established that it failed to discharge its duty such as to lead to the causation of the loss. In Ho v Powell [16] the court concluded that it is important to have regard to the ability of the parties, particularly parties bearing the onus of proof, to lead evidence on a particular matter and the extent to which they have in fact done so. Lord Mansfield observed in Blatch v Archer [17] :
All evidence is to be weighed according to the proof which it was in the power of one side to have produced, and in the power of the other to have contradicted.
As I observed earlier in this judgment, there is a dearth of authority on this particular area involving cybercrime. There are a number of decisions within American jurisprudence bearing on claims made against insurers by victims of cybercrime. Two Canadian decisions, where the facts bear some similarity to the factual matrix in these proceedings, were cited by Mr McKeown in his written submissions. Both decisions originate from the province of Ontario.
The first authority in point of time was Du v Jameson Bank [18] a decision of the Superior Court of Justice in Ontario in 2017. This was a case in which the plaintiff, Du, a customer held a foreign currency account with the defendant bank. It was an express term of their account agreement that the defendant was authorised to rely upon electronic communications from or purporting to be from the plaintiff and which the defendant believed in good faith to be genuine. Du had provided the bank with an authorised email address for the purpose of their email communications. Du contracted to purchase real estate and was communicating with the defendant by email to arrange for the transfer of funds from Du's account to complete the transaction. (emphasis added)
In the course of the email exchanges a swindler (later discovered to be operating from Singapore) assumed control of Du's email account and sent two emails to the defendant providing instructions to transfer funds to the swindler's account. The defendant duly obliged, and the funds did not arrive into the account of the intended recipient. The funds were unable to be recovered. Du sued his bank alleging breach of contract and negligence on the part of the bank.
In arriving at a decision in favour of the defendant, the court found that, having regard to the express terms of the account agreement, the bank was not obliged to query any transaction nor question any instructions it received from its customer, in this case, Du. The defendant was acting in accordance with its agreement with Du and was entitled to rely upon the exclusion clause contained within the contract between them which operated as a bar to the claim made by Du. Clearly, in that scenario negligence was available as a defence to a claim in contract. That is not the case in the present matter. That decision can also be distinguished from the present matter having regard to the express terms contained within their agreement.
In the second decision of St. Lawrence Testing & Inspection Co. Ltd. v Lanark Leeds and Schokking (supra), another decision of the Superior Court of Ontario, determined some two years after Du, the plaintiff pursued a claim for payment for services which were not paid. The matter was ultimately resolved in terms encapsulated within 'Terms of Settlement' filed with the court which made express provision for the payment of money in settlement of the claim to a specified bank account.
Shortly after the Terms were executed and before the funds were paid, an unscrupulous rogue interposed sending revised instructions with the result that the defendant remitted the funds into a rogue account which bore no semblance at all to the account of the plaintiff's solicitor, the intended recipient to where they were properly destined. The funds were lost.
The plaintiff brought a claim on the basis that the terms of the agreement were not satisfied by virtue of the fact that the settlement funds were not paid in accordance with the agreement embodied in the settlement terms. The defendant's counsel (similarly to Mr McKeown in this matter) queried how "in this world" the defendant could be expected to question email instructions that arrived in an email from the plaintiff's email account.
After carefully considering the email exchanges leading up to and after the funds were transferred to the rogue account, the court noted the conclusions expressed by the administrator, through which the plaintiff accessed the Microsoft subscription services, as follows:
1. a malicious user managed to gain access to the plaintiff's Microsoft credentials. This may have been the result of a phishing attack or by a matter of 'brute strength'. The password is in question was considered strong …"
2. After logging in to the plaintiff's Microsoft portable, they (the malicious user) would have had access to all email information which would enable that user to obtain a copy of the style and format of the day-to-day communications.
The trial judge determined that there was no evidence to suggest that the plaintiff's email Security failed to meet the standard to be reasonably expected of a law firm user.
In a submission (not dissimilar to an assertion made by the defendant in these proceedings after receipt of the deposit slip from CBA) that if the plaintiffs had acted sooner the fraud might have been avoided, the court considered that the plaintiff had acted promptly and appropriately in all of the circumstances. Indeed, having no knowledge that the email account had been hacked the plaintiff had no way of knowing that her emails were not reaching the defendant until a date when she called by phone.
The court also found no evidence to support a submission from the defendant that the plaintiff could have easily monitored their email/IT system and prevented the hacking of their email account.
The factual matrix in that decision is not entirely dissimilar to the present matter. The court in that matter found in favour of the plaintiff having been satisfied that there was no contract between the parties which would allow the defendant in that case to rely on fraudulent payment instructions emanating from [the plaintiff's] email server and that there was no evidence to support a finding of negligence on the part of [the plaintiff] with respect to its computer/email security system.
The court having reviewed legal commentary on computer fraud opined at [60] that:
"…this is clearly an area that would benefit from legislation to establish clear principles and guidelines for the allocation of liability in the event of computer fraud, which are increasing in number".
He also observed that commentary with respect to the Uniform Commercial Code provisions dealing with wire transfer fraud and which applies in the United States suggests that:
"…in most cases and in the absence of evidence of negligence or malfeasance by the [party entitled to the funds], it is the "originator" of the transfer who is in fact dealing with the fraudster (albeit unknowingly) and is therefore in the best position to recognise potential indicia of fraud (i.e., such as changed your unusual payment instructions)" [19] .
Each of the decisions cited above can be distinguished from the position in this State for the reasons which have already been articulated with respect to negligence as a defence to a claim in contract. However, were contributory negligence available in this situation, I am satisfied, on all of the evidence which I do accept, and having regard to the authorities which must inform my decision, that the fraud was perpetrated by the fraudster upon the innocent and hapless defendant (without the plaintiff's knowledge or consent) in circumstances where the defendant (which bears the onus) has been unable to establish anything other than that the plaintiff took no more than the usual precautions with respect to its computer system security.
[9]
Third Issue
The matter however does not the end there. The defendant, in written submissions tendered to the court at the close of the defence case, raised the question of 'public policy' and 'fairness' in support of a verdict for the defendant which, as I apprehend from earlier remarks made by Mr McKeown at the start of these proceedings and indeed in later remarks when the matter was before the court at Cowra, in addition to the question of negligence (although not pleaded) was at the forefront of the defendant's mind in preparing its defence. Indeed, as I apprehend from the conduct of these proceedings from their inception, the defendant has primarily relied on this issue even though it has not been specifically pleaded - i.e., that it would be unconscionable for the defendant to pay twice for a fault that lay with the plaintiff.
My attention was directed to certain remarks made by the court [20] in Cattanach v Melchior [21] citing the observations of Pollock LCB in Egerton v Brownlow [22] as support for the submission that the defendant should not be denied the general argument of public interest in the event its prima facie defence of compliance with the plaintiff's direction or ostensible direction and payment is not found.
Mr McKeown submitted that "the benefit of denying the plaintiffs claim because of the public interest" is to ensure entities maintain security over their computer systems and would act as a deterrent so as to ensure they do so and are responsible for computer frauds emanating from their system. Public policy, he advanced, supports a finding for the defendant should the court find that there was no payment by the defendant to the plaintiff. One view might suggest that this approach is somewhat counterintuitive having regard to the considerable effort expended by many governments, consumer protection agencies and financial institutions to alert the public to be assiduously alert and attuned (in the context of scam communications) to the unrelenting efforts of unscrupulous rogues and thieves constantly seeking more devious and creative ways to part people and institutions from their hard-won money.
As the learned author of Contract - General Principles (supra) observed [23] :
The common law principles governing the denial of relief on public policy grounds were formulated by the English courts in the second half of the 18th century. The approach that developed was summarised by Lord Mansfield in Holman v Johnson (1775) 1 Cowp 341; 98 ER 1120
No court will send its aid to a man who founds his cause of action upon an immoral or illegal act. If, from the plaintiff's own stating or otherwise, the cause of action appears to arise ex turpi causa [from a base cause], or the transgression of a positive law of this country, there the court says he has no right to be assisted.
The learned author proceeds to discuss the range of objectionable conduct, observing that public policy has no fixed definition. He then observes [24] :
Returning to the general question of how public policy is to be defined, behaviour may be considered to be contrary to public policy if it involves conduct that is:
(1) unlawful in itself
(2) injurious to good government
(3) injurious to foreign relations injurious to the proper working of justice
(4) an attempt to oust the jurisdiction of the courts
(5) inconsistent with prevailing sexual mores.
In my view and with unfeigned respect for Mr McKeown, this submission can be dealt with quickly. It does not in my judgement come to the aid of the defendant as a vehicle to resist the plaintiff's claim. It should be rejected. The authority to which Mr McKeown cited and to which the defendant relies on related to a claim in negligence in which the appellants were found to have been negligent and the expense incurred by the respondents would not to have been incurred if the first appellant had not given negligent professional advice.
The defendant considers that it would be unfair to pay the plaintiff's account twice and that as a matter of public policy this court should afford relief by way of a verdict in its favour. It is no doubt a victim of fraud. Whilst the temptation to "make new law" as Mr McKeown considered the court would be doing when the time came to judge the respective merits of the competing claims on the issue of cybercrime might be irresistible, I am satisfied, having regard to the authorities that must inform my decision, considered objectively, that as between the position of the respective parties to this litigation, the notional concepts of fairness and public policy do not derogate from the difficulties which confront the defendant in resisting the plaintiff's claim.
[10]
Determination
In all of the circumstances I am satisfied to the required standard, i.e., on the balance of probabilities, that:
1. The defendant has not discharged its obligation to pay the plaintiff pursuant to the contract notwithstanding that the contract price was paid into the account, accessed by a fraudster, and not associated with the plaintiff from an email authored by that fraudster;
2. That contributory negligence does not arise on the pleadings to assist the defendant or to afford it any kind of defence to the claim and that if it did, the defendant has not established to the civil standard the plaintiff was the cause of the loss of funds or was otherwise at fault.
3. That the concept of public policy or principles of fairness does not arise for consideration so as to afford relief to the defendant.
Accordingly, there is a verdict for the plaintiff.
I will hear the parties as to costs.
Magistrate M O'Brien
Wollongong Local Court
[11]
Endnotes
Uniform Civil Procedure Rules 2005 (NSW) r 14.14(1)
(1990) 169 CLR 279 at 286
Text message from Trevor to Dean at 10.25am on 4 September 2017 - affidavit of Dean sworn 4/3/2018 at page 74
St. Lawrence Testing & Inspection Co. Ltd. v Lanark Leeds Distribution Ltd 2019 CanLII 69697 (ON SCSM) at [20] per Deputy Judge Kelford
Fowler v Midland Electric Corporation [1917] 1 Ch 656 per Warrington LJ at 661
Altamara Ltd v Camp (1980) 5 ACLR 513 per McLelland J at 518
Or perhaps more correctly 'enabled'
the first amended defence was allowed on the first day of the hearing at Young. The second further amended defence was filed on line without consent or leave of the court and the final further amended defence was not allowed following lengthy argument
Astley & Ors V. Austrust Limited (1999) 197 CLR 1
At [1A.Div8.020]
At [7.9.680].
Fitzgerald v Penn (1954) 91 CLR 268, Taylor J at 284 - 285. See Alford v McGee (1952) 85 CLR 437, at 451
Harper v Ashton's Circus Pty Ltd [1972] NSWLR 395 (CA), Hope JA at 404 - 405
(2014) 219 FCR 322 as per Mansfield and Gilmour JJ at [77]
(1975) 132 CLR 362 per Gibbs J at 370
51 NSWLR 572; [2001] NSWCA 168
(1774) 1 Cowp. 63 at [55]
2017 ONSC 2422
Jamestown v Pillbury Co 801 F 2d 1036 (8th Cir.1986)
Hayne, Callanan, McHugh and Gummow JJ
(2003) 215 CLR 1
(1853) 4 HL Cas 1; 10 ER 359
At [7.2.850]
At [7.2.860]
DISCLAIMER - Every effort has been made to comply with suppression orders or statutory provisions prohibiting publication that may apply to this judgment or decision. The onus remains on any person using material in the judgment or decision to ensure that the intended use of that material does not breach any such order or provision. Further enquiries may be directed to the Registry of the Court or Tribunal in which it was generated.
Decision last updated: 30 August 2022
Parties
Applicant/Plaintiff:
DC & VJ McIsaac Building Pty Limited
Respondent/Defendant:
Trevor J Callaway Pty Limited
Legislation Cited (6)
Villa Dominic, Annotated Civil Liability Act 2002(NSW)