In a seven-page ruling released Thursday, the commissioner's office detailed how the unnamed woman attended a speed-dating event organized by FastLife International in December 2010.
The dating service brings as many as a dozen romantic hopefuls together briefly. They are each asked afterwards whether anyone caught their interest. If two people pick each other, contact details are shared through the company.
The privacy commissioner's report says the woman didn't pick anyone after the event she attended. But a few days later, two emails appeared in her inbox from a man who was there. The man said he had obtained her email from FastLife, so the woman complained to the commissioner. An investigation began in December 2011.
Adjudicator Keri Ridley ruled the lapse was due to human error. The man was not originally registered to participate and when his details were later entered into the company's system, he was mistakenly matched with the woman.
"Based on this explanation and on the information before me, the organization did make reasonable security arrangements," Ridley wrote. "I do not have evidence that this is a widespread problem. It is not reasonable to expect an organization to be able to protect against all human error."
Ridley did, however, order FastLife to make sure employees are more aware of privacy laws.
"The organization is to ensure that it does not disclose personal information that it is not authorized to disclose by ensuring that its employees are made aware of the organization’s obligations under the act," her order reads.
FastLife spokesman Justin Parfitt said that has already happened. The company is circulating copies of the Alberta case to ensure workers understand how serious it is when a mistake like this is made.
Changes have also been made to the company's computer programs to make sure information is entered as intended and mistakes are caught before they happened, Parfitt said.
"As soon as we found out what had happened, we implemented a whole new range of procedures, including training processes and manuals and so on," he said. "Nothing has gone wrong since we implemented the new processes, so we are pretty happy with that. Everything is going pretty well."
FastLife bills itself on its website as the world's largest speed-dating service with 200-plus events each month. Parfitt said there are two or three other examples in the company's 10-year history of email addresses being disclosed, but none of the others has ever resulted in a formal complaint to a public office.
"All FastLife hosts are under instructions to double-check all match data before completing the data entry process and are aware that entering match data incorrectly is cause for instant dismissal. However, very rarely, it is possible that a mistake is made when entering match data," the policy reads.
"It is therefore a condition of attending a FastLife event that you agree to hold FastLife harmless in the unlikely event that your contact information is passed to a person you did not select at an event."
Parfitt says that was added after the Alberta case came to light, just to be clear.
"At the end of the day, it's an email. That's the extent of it. There are no last names involved," he said. "Even if an email is exchanged the downside is pretty minimal, but the point more is that it is a question of trust. If they come to one of our events they really expect us to manage the process appropriately and interpret their wishes correctly and I completely understand that."
Diane McLeod-McKay, director of Alberta's Personal Information Protection Act, said people need to read privacy policies and make sure they understand how companies use their information.
"A single email address may not be that serious, but it could be depending on the circumstances," she said. "My email address, for example, if it was given to somebody that I didn't want to have my email address, I might think that is a problem."
Parfitt says the Alberta woman who complained was refunded the fee she paid to attend the event.
Also on HuffPost