data protection


ALBA Conference 2019: A Review

7 October 2019 by

This post is the first in a series of five reports by Conor Monighan from this year’s conference held by the Administrative Law Bar Association. We will be publishing the next four posts over the next month every Monday.

This year’s ALBA conference featured an impressive list of speakers. There were talks from a Supreme Court judge, a former Lord Chancellor, top silks, and some of the best academics working in public law.

alba

The conference covered a number of practical and substantive topics. The highpoint was an address given by Lord Sumption, in which he responded to criticism of his Reith Lectures. This post, together with those that follow, summarises the key points from the conference.


Continue reading →

Browser Generated Information: “loss of control” entitles search engine users to compensation

4 October 2019 by

Richard Lloyd v. Google LLC [2019] EWCA Civ 1599

The Court of Appeal has ruled that a claimant can recover damages for loss of control of their data under section 13 of Data Protection Act 1998 without proving pecuniary loss or distress. The first instance judge, Warby J, had dismissed Mr Lloyd’s application for permission to serve Google outside the jurisdiction in the USA, so preventing the claim getting under way.

The following paragraphs are based on the Court of Appeal’s own summary of the judgment.

The central question was whether the claimant, Mr Richard Lloyd, who is a champion of consumer protection, should be permitted to bring a representative action against Google LLC, the defendant, a corporation based in Delaware in the USA. Mr Lloyd made the claim on behalf of a class of more than 4 million Apple iPhone users. He alleged that Google secretly tracked some of their internet activity, for commercial purposes, between 9th August 2011 and 15th February 2012.


Continue reading →

This week’s round up – Williamson fired over Huawei and the courts return after Easter

7 May 2019 by

1576.jpg

Former Secretary of State for Defence Gavin Williamson. Credit: The Guardian.

Despite the return of the courts on Monday, it was another relatively light week in terms of decisions in the fields of public law and human rights. However, the High Court decided a number of interesting clinical negligence cases, whilst the Court of Appeal gave judgement in the case of TM (Kenya), R (On the Application Of) v Secretary of State for the Home Department [2019] EWCA Civ 784.

TM (Kenya) concerned a 40 year old Kenyan woman who faced deportation after her applications for leave to remain and asylum were rejected by the Home Office. She had been detained at Yarl’s Wood Immigration Removal Centre in advance of proceedings to remove her from the country, during which time she had been uncooperative with staff. In light of her behaviour and in advance of her removal to Kenya, she was removed from free association with other detainees. Such detention was authorised by the Home Office Immigration Enforcement Manager at Yarl’s Wood, who was also the appointed “contract monitor” at the centre for the purposes of section 49 of the Immigration and Asylum Act 1999.

She sought judicial review of the decision to deprive her of free association. The initial application was refused. She appealed to the Court of Appeal where she advanced three grounds, including that her detention was not properly authorised.

The court found no conflict in the dual positions held by the manager at Yarl’s Wood. The Home Secretary had legitimately authorised her detention under the principles described in Carltona Limited v Commissioners of Works [1943] 2 All ER 560. In addition, there was no obligation to develop a formal policy concerning removal from free association, as Rule 40 of the Detention Centre Rules 2001 was sufficiently clear to meet the needs of transparency.
Continue reading →

$8 billion lawsuits started on GDPR day

31 May 2018 by

You would have to be a monk or, at any rate, in an entirely internet-free zone, not to have had your recent days troubled by endless GDPR traffic. The tiniest charity holding your name and email address up to the data behemoths have asked, in different ways, for your consent for them to hold your personal data. You may have observed the frankness and simplicity of the former’s requests and the weaseliness of the latter’s, who try to make it rather difficult for you to say no, indeed to understand what precisely they are asking you to do.

Just in case you have not looked at it, here is the Regulation. It is actually a good deal easier to understand than a lot of the summaries of it.

This lack of transparency in these consent forms/privacy statements had not gone unnoticed by one of Europe’s more indefatigable privacy sleuths. Max Schrems, an Austrian lawyer, who, at 30 years of age, has already been to the EU top court twice (see here and here), moved fast. By the end of GDPR day last Friday, 25 May, he sued global platforms with multibillion-euro complaints. 3 complaints said to be valued at €3.9 billion were filed in the early hours against Facebook and two subsidiaries, WhatsApp, and Instagram, via data regulators in Austria, Belgium and Germany. Another complaint valued at €3.7 billion was lodged with France’s CNIL in the case of Google’s Android operating system.

Continue reading →

Can you draw a line between this case and Anisminic?

25 November 2017 by

Privacy International v. Investigatory Powers Tribunal [2017] EWHC EWCA Civ 1868, Court of Appeal, 23 November 2017

Introduction

As all lawyers know, the great case about courts confronting a no-go area for them is the late 1960’s case of Anisminic.

A statutory Commission was given the job of deciding whether compensation should be awarded for property sequestrated, in the particular case as a result of the 1956 Suez crisis. The Act empowering it said that the

determination by the Commission of any application made to them under this Act shall not be called in question in any court of law.

The House of Lords, blasting aside arcane distinctions, said that this provision was not enough to oust judicial review for error of law.

Fast forward 50 years, and another Act which says

determinations, awards, orders and other decisions of the Tribunal (including decisions as to whether they have jurisdiction) shall not be subject to appeal or be liable to be questioned in any court.

The Court of Appeal has just decided that, unlike Anisminic, this Act does exclude any judicial review.

Why?

Continue reading →

The right to put your past behind you: Court of Appeal Art.8 ruling

4 May 2017 by

R (o.t.a P & others) v. Secretary of State for Home Department & others [2017] EWCA Civ 321, Court of Appeal, 3 May 2017 – read judgment 

The Court of Appeal has upheld challenges to the system of the police retaining information about past misconduct. It held that the system, even after a re-boot in 2013 in response to an earlier successful challenge, remains non-compliant with Article 8

The  problem is well summarised by Leveson P in the first paragraph of the judgment, namely the interface between a system of rehabilitation of offenders and the minimisation of risk to the public caused by the employment of those with misconduct in their pasts.

Continue reading →

A cyber scene of crime – in everybody’s home

1 November 2016 by

cybercrime-100534917-primary-idgeThis blog has covered a number of claims for damages arising out of the misuse of private information. The Mirror Group phone hacking case is one example (see my post here and the appeal decision here), and the fall-out from the hapless Home Office official who put private information about asylum-seekers on the Internet, being another – (Gideon Barth’s post on TLT here). See also below for related posts.

But this post is to give a bit of context, via the wider and scarier cyber crime which is going on all around us. It threatens the livelihoods of individuals and businesses the globe over – and has given and will undoubtedly give rise to complex spin-off litigation.

So let’s just start with the other week. On 21 October 2016, it seems nearly half the Internet was hit by a massive DDoS attack affecting a company, Dyn, which provides internet services infrastructure for a host of  websites. Twitter, Reddit, Netflix, WIRED, Spotify and the New York Times were affected. DDoS, for cyber virgins, is Distributed Denial of Service, i.e. an overloading of servers via a flood of malicious requests, in this case from tens of millions of IP addresses. No firm culprits so far, but a botnet called Mirai seems to be in the frame. It is thought that non-secure items like cars, fridges and cameras connected to the Internet (the Internet of Things) may be the conscripted foot soldiers in such attacks.

And now to the sorts of cases which have hit the headlines in this country to date.

Continue reading →

Suing Facebook is no easy matter

9 November 2015 by

facebook_logoRichardson v Facebook [2015] EWHC 3154 (2 November 2015) – read judgment

An action in defamation and under the right to privacy against Facebook has been dismissed in the High Court. The Facebook entity named as defendant did not “control” the publication so as to allow liability; and even if it did, no claim under the Human Rights Act could lie against FB as it could not be described as any sort of a public authority for the purposes of Section 6 of the Act.

The claimant, acting as a litigant in person, sought damages in respect of the publication in 2013 and 2014 of a Facebook profile and a posting on the Google Blogger service. The Profile and the Blogpost each purported to have been created by the claimant, but she complained that each was a fake, created by an impostor. She claimed that each was defamatory of her, and infringed her right to respect for her private life under Article 8 of the European Convention on Human Rights (ECHR).
Continue reading →

IPT rules on interception of Parliamentarians’ communications

19 October 2015 by

Photo credit: Guardian

Photo credit: Guardian

Emma-Louise Fenelon is a Pupil Barrister at 1 Crown Office Row

‘Eavesdropping, sir? I don’t follow you, begging your pardon. There ain’t no eaves at Bag End, and that’s a fact.’ (J.R.R Tolkein)

Introduction

If parliamentarians are seen to be taking a more forensic interest in matters of surveillance in the coming weeks and months, the reason is unlikely to be purely down to the publication of the greatly anticipated surveillance legislation. Last week’s Investigatory Powers Tribunal judgment has sent ripples of discontent through both Houses of Parliament, evidenced in immediate calls for an emergency debate on the subject (scheduled to take place in the House of Commons later today).

Continue reading →

Divisional Court strikes down DRIPA communications data law

19 July 2015 by

David-Davis-Tom-Watson-HOCR (ota Davis et al) v. Secretary of State for Home Department [2015] EWHC 2092 – 17 July 2015 read judgment

When a domestic Act of Parliament is in conflict with EU law, EU law wins. And when a bit of the EU Charter (given effect by the Lisbon Treaty) conflicts with an EU Directive, the EU Charter wins.

Which is why the Divisional Court found itself quashing an Act of Parliament on Friday – at the behest of four claimants, including two MPs, the Tories’ David Davis and Labour’s Tom Watson. 

The doomed Act is the Data Retention and Investigatory Powers Act 2014 or DRIPA. It was in conformity with an underlying EU Directive (the Data Retention Directive 2006/24/EC or DRD – here). However, and prior to DRIPA, the DRD had been invalidated by the EU Court (in the Digital Rights Ireland case here)  because it was in breach of the EU Charter.

All this concerns communications data, which tell us who was sending an email, to whom, from where, and when – but not the content of the email. DRIPA in effect compels telecoms providers to keep communications data for 12 months, and to make it available to public bodies such as intelligence and law enforcement agencies.

Continue reading →

Phone hacking: massive privacy damages

22 May 2015 by

_83144843_hackingcompGulati v. MGN Ltd [2015] EWHC 1482 (Ch), Mann J – judgment here

For some years in the early and mid 2000s, a routine form of news-gathering in the Mirror Group was phone hacking – listening to voicemails left for celebrities by their friends, and then dishing up revelations in their papers.  And this judgment amounts to a comprehensive pay-back time for the years of distress and upset sustained by those celebrities, as the ins and outs of their private lives were played out for the Mirror Group’s profit. The damages awarded well exceeded those previously payable, as justified in the tour de force of a judgment by Mann J. 

Warning – the judgment, compelling though it is, runs to 712 paragraphs. It concerns the assessment of damages in eight cases. The Mirror Group belatedly admitted liability and apologised, not before denying any wrongdoing to the Leveson inquiry. Other claims rest in the wings pending this trial. But with awards between £72,500 and £260,250, the bar has been set high by Mann J.

The claimants (with one exception) were the classic subjects of tabloid columns, namely EastEnders and Corrie stars (or those unfortunate to be married to them), the sometime air hostess girlfriend of Rio Ferdinand, Jude Law’s former wife, Sadie Frost, and, inevitably, Gazza. Seven sued because the hacking led to repeated articles about them. The eighth, Alan Yentob, Creative Director of the BBC, was hacked because of the information derived from the famous people who had left voicemails for him.

Continue reading →

Google’s misuse of private browsing data entitles individuals to damages – Court of Appeal

31 March 2015 by

google-sign-9Google Inc v Vidal-Hall and others [2015] EWCA Civ 311 (27 March 2015) – read judgment

This case concerned the misuse of private information by an internet provider based in the United States. Google had secretly tracked private information about users’  internet browsing without their knowledge or consent, and then handed the information on to third parties (a practice known as supplying Browser-Generated Information, or ‘BGI’).

The issue before the Court of Appeal was twofold:

  1. Was the cause of action for misuse of private information a tort, specifically for the purposes of the rules providing for service of proceedings out of the jurisdiction?
  2. What was the meaning of ‘damage’ in section 13 of the Data Protection Act 1998 (the DPA) and in particular, did it give rise to a claim for compensation without pecuniary loss?

Continue reading →

The Tale of the Black Spider: The Supreme Court speaks

27 March 2015 by

Photo credit: The Guardian

Matthew Flinn

And so, the long legal saga of the Black Spider Letters finally comes to a close.

I last blogged about this case back in October 2012. At that time, the Attorney General had ignited controversy by invoking a little-known power under section 53 of the Freedom of Information Act 2000 (FOIA).

Under that provision, he issued a certificate which effectively vetoed a decision of the Upper Tribunal that a number of items of correspondence sent by Prince Charles to seven Government Departments (characterised as “advocacy correspondence” as opposed to personal letters) had to be disclosed to Mr Rob Evans of the Guardian newspaper.

Continue reading →

Public protest, private rights

6 March 2015 by

imgres

John Catt. Photo credit: The Guardian

R (Catt) and R (T) v Commissioner of Police of the Metropolis [2015] UKSC 9

A majority of the Supreme Court has held that the retention by police of information on the Domestic Extremism Database about a 91 year-old activist’s presence at political protests was (1) in accordance with the law and (2) a proportionate interference with his right to a private life under Article 8(1) of the ECHR.

However, Lord Toulson’s dissent noted that the information was retained for many years after Mr Catt had attended these mainstream political events, and the police had concluded that he was not known to have acted violently. Accordingly, he thought its retention was unnecessary and disproportionate.

Continue reading →

Welcome to the UKHRB


This blog is run by 1 Crown Office Row barristers' chambers. Subscribe for free updates here. The blog's editorial team is:
Commissioning Editor: Jonathan Metzer
Editorial Team: Rosalind English
Angus McCullough QC David Hart QC
Martin Downs
Jim Duffy

Free email updates


Enter your email address to subscribe to this blog for free and receive weekly notifications of new posts by email.

Subscribe

Categories


Tags


Aarhus Abortion Abu Qatada Abuse Access to justice adoption AI air pollution air travel ALBA Allergy Al Qaeda Amnesty International animal rights Animals anonymity Article 1 Protocol 1 Article 2 article 3 Article 4 article 5 Article 6 Article 8 Article 9 article 10 Article 11 article 13 Article 14 article 263 TFEU Artificial Intelligence Asbestos Assange assisted suicide asylum asylum seekers Australia autism badgers benefits Bill of Rights biotechnology blogging Bloody Sunday brexit Bribery British Waterways Board Catholic Church Catholicism Chagos Islanders Charter of Fundamental Rights child protection Children children's rights China christianity citizenship civil liberties campaigners civil partnerships climate change clinical negligence closed material procedure Coercion Commission on a Bill of Rights common law communications competition confidentiality consent conservation constitution contact order contact tracing contempt of court Control orders Copyright coronavirus costs costs budgets Court of Protection crime criminal law Cybersecurity Damages data protection death penalty defamation DEFRA deportation deprivation of liberty derogations Detention Dignitas diplomacy disability disclosure Discrimination disease divorce DNA domestic violence duty of care ECHR ECtHR Education election Employment Environment Equality Act Equality Act 2010 Ethiopia EU EU Charter of Fundamental Rights EU costs EU law European Convention on Human Rights European Court of Human Rights European Court of Justice evidence extradition extraordinary rendition Facebook Family Fatal Accidents Fertility FGM Finance foreign criminals foreign office foreign policy France freedom of assembly Freedom of Expression freedom of information freedom of speech Gay marriage gay rights Gaza Gender genetics Germany Google Grenfell Gun Control Health HIV home office Housing HRLA human rights Human Rights Act human rights news Human Rights Watch Huntington's Disease immigration India Indonesia injunction Inquests insurance international law internet inuit Iran Iraq Ireland islam Israel Italy IVF ivory ban Japan joint enterprise judaism judicial review Judicial Review reform Julian Assange jury trial JUSTICE Justice and Security Bill Law Pod UK legal aid legal aid cuts Leveson Inquiry lgbtq liability Libel Liberty Libya lisbon treaty Lithuania local authorities marriage Media and Censorship mental capacity Mental Capacity Act Mental Health military Ministry of Justice modern slavery morocco murder music Muslim nationality national security naturism neuroscience NHS Northern Ireland nuclear challenges Obituary parental rights parliamentary expenses scandal patents Pensions Personal Injury physician assisted death Piracy Plagiarism planning planning system Poland Police Politics Pope press prison Prisoners prisoner votes Prisons privacy Professional Discipline Property proportionality Protection of Freedoms Bill Protest Public/Private public access public authorities public inquiries quarantine Radicalisation rehabilitation Reith Lectures Religion RightsInfo right to die right to family life Right to Privacy right to swim riots Roma Romania Round Up Royals Russia saudi arabia Scotland secrecy secret justice Secret trials sexual offence Sikhism Smoking social media social workers South Africa Spain special advocates Sports Standing starvation statelessness stem cells stop and search Strasbourg super injunctions Supreme Court Supreme Court of Canada surrogacy surveillance Syria Tax technology Terrorism tort Torture travel treason treaty accession trial by jury TTIP Turkey Twitter UK Ukraine universal jurisdiction unlawful detention USA US Supreme Court vicarious liability Wales War Crimes Wars Welfare Western Sahara Whistleblowing Wikileaks wildlife wind farms WomenInLaw Worboys wrongful birth YearInReview Zimbabwe

Disclaimer


This blog is maintained for information purposes only. It is not intended to be a source of legal advice and must not be relied upon as such. Blog posts reflect the views and opinions of their individual authors, not of chambers as a whole.

Our privacy policy can be found on our ‘subscribe’ page or by clicking here.

%d bloggers like this: