Brexit and Data Protection: Update

November 15th, 2018 by Christopher Knight

Panopticon has generally avoided venturing too far into Brexit-related updates: there has invariably been very little by way of actual facts to comment on (not that that has stopped people). But 14 November 2018 does mark something of a landmark, even if by the time you read this it may well all have collapsed like a particularly badly made soufflé. By the time you watch the repeat on Dave it may look like a legal history article. Here goes nothing… Read more »


Vicarious liability for data breaches: Court of Appeal dismisses Morrisons’ challenge

October 22nd, 2018 by Robin Hopkins

Large-scale civil litigation is one of the developing contours of data protection law. Last week’s judgment in Lloyd v Google – a novel representative action based on allegedly unlawful processing activities – is one illustration. When it comes to group litigation on the back of a data breach, our best illustration thus far is the groundbreaking group action against Morrisons. Read more »


Inconsequential data protection breaches: High Court blocks big-money action against Google

October 8th, 2018 by Robin Hopkins

Popular impressions of data protection range from the tedious (“the GDPR forces me to get consent for everything”) to the apocalyptic (“if you breach the GDPR, you will automatically get multi-million pound fine”, etc.). A common apocalyptic theme is that contraventions affecting large numbers of individuals may well trigger financially ruinous group litigation. They might. But this morning’s judgment of Warby J in Lloyd v Google [2018] EWHC 2599 (QB) is an important corrective to apocalyptic thinking. Read more »


The Court of Human Rights Remembers the Right to be Forgotten

August 24th, 2018 by Christopher Knight

Everyone is weighing in on the right to be forgotten these days and now, not to miss a turn on the rights bandwagon when its Luxembourg rival has got in ahead of it, the European Court of Human Rights has had a go too in ML & WW v Germany (App. No. 60798/10 and 65599/10) (judgment of 28 June 2018). Read more »


The Metaphysics of Information Separation

August 10th, 2018 by Christopher Knight

For some people, August suggests that there is more to life than blogging about how to approach cases in which requested information is environmental and some is not. At Panopticon we regard such fly-by-night lightweight losers as simply wrong. We know you agree (or at least you will, when you get back from holiday and see this). Read more »


DPA Claims Against the Press: The Stunt Continues

August 6th, 2018 by Christopher Knight

Stunt v Associated Newspapers Ltd [2018] EWCA Civ 1780 is a dispute between the Daily Mail, Mail on Sunday and Mail Online, and the eye-wateringly rich former son-in-law of Berne Ecclestone about coverage of the latter by the former. Simply googling the claimant’s name and seeing the Mail Online headines gives some idea of why he might find that coverage less than flattering. It is, in short, a dispute where most people would like both sides to lose. Read more »