Author: Anya Proops KC

EC COMMISSION PROPOSES STRENGTHENING EU DATA PROTECTION LEGISLATION

Posted on | by Anya Proops KC

On 4 November 2010, the European Commission published a communication in which it set out its vision for the future of EU data protection legislation. The communication makes clear that the Commission is intending to propose new legislation in 2011. You can find the communication here. Notable points emerging from the communication include that the Commission is considering:

       introducing a ‘general principle of transparent processing’ aimed at ensuring that data controllers are more transparent as to how they are processing personal data;

 

       whether the definition of sensitive personal data should be expanded so that it includes for example genetic data;

 

       clarifying and strengthening the rules on consent so that it will be clearer when a data subject can be taken to have consented to processing of his or her personal data;

 

       extending powers of enforcement to civil society associations as well as other associations representing the interests of data subjects;

 

       strengthening existing sanctions for non-compliance, including providing explicitly for criminal sanctions in the case of serious violations;

 

       requiring data controllers to appoint independent data protection officers (subject to a recognition of the need not to overburden small enterprises);

 

       requiring data controllers to carry out data protection impact assessments in certain cases; and

 

       imposing new rules designed to strengthen, clarify and harmonise the status and powers of national data protection authorities.

BLAIR ON FOIA: REGRETS, I’VE HAD A FEW

Posted on | by Anya Proops KC

Tony Blair has given an interview in today’s Guardian in which he robustly defends (almost) all of his actions as Prime Minister. Notable exceptions include the ban on fox-hunting and, somewhat surprisingly, the Freedom of Information Act. Thus, Martin Kettle of the Guardian reports: Some things about his record in office he does not defend. One is the Freedom of Information Act. “It’s not practical for government,” he says. “If you are trying to take a difficult decision and you’re weighing up the pros and cons, you have frank conversations. Everybody knows this in their walk of life. Whether you are in business – or running a newspaper – there are conversations you want to have preliminary to taking a decision that are frank. And if those conversations then are put out in a published form that afterwards are liable to be highlighted in particular ways, you are going to be very cautious. That’s why it’s not a sensible thing.”’ Query whether the current PM would be prepared to make a similar declaration. You can find the article here.

DISSECTING PERSONAL DATA – BRYCE V INFORMATION COMMISSIONER

Posted on | by Anya Proops KC

Section 40 FOIA provides for a number of exemptions in respect of ‘personal data’. The exemption which is most frequently prayed in aid by public authorities is the one provided for under s. 40(2), read together with s. 40(3)(a)(i). In essence, under these provisions, information will be absolutely exempt from disclosure under FOIA if: (a) it amounts to personal data, as defined in s. 1 of the Data Protection Act 1998 (“DPA”) and (b) its disclosure would contravene one or more of the data protection principles provided for under schedule 1 to the DPA. In practice, it can be very difficult to apply this exemption, particularly where the information in issue may comprise personal data relating to a number of different individuals. It was precisely this issue which the Tribunal had to tackle in the recent case of Bryce v IC & Cambridgeshire Constabulary (EA/2009/0083). In Bryce, a request had been made by Ms Bryce for disclosure of a police investigation report. The report addressed concerns which had been raised by Ms Bryce and others about the way in which the Cambridgeshire Constabulary had investigated the death of Ms Bryce’s sister, who had been killed by her husband. The Tribunal held that the report contained a multiplicity of different types of personal data including: Ms Bryce’s personal data; the husband’s personal data; personal data relating to the husband’s family; the personal data of witnesses; personal data relating to the deceased’s family; and personal data relating to officers who had conducted the investigation. Apart from Ms Bryce’s own personal data, which was exempt from disclosure under s. 40(1) FOIA, the Tribunal approached the question of how the s. 40(2) exemption applied to the remaining data by conducting a discrete analytical exercise in respect of each type of data. It is clear from the Tribunal’s analysis that it was of the view that very different considerations applied, for example, in respect of officers’ data as compared with the data relating to the husband’s family. The key implication of this judgment is that a public authority will expose itself to challenge under FOIA if it simply adopts a blanket ‘one size fits all’ approach to information comprising diffuse types of personal data. The judgment is also notable in that it applies the approach to the concept of ‘personal data’ which was approved in Durant v Financial Services Authority, rather than the arguably more liberal approach embodied in the Commissioner’s guidance: Determining What is Personal Data’.

LAW OF CONFIDENCE – THE TRUMP CARD IN MATRIMONIAL PROCEEDINGS

Posted on | by Anya Proops KC

The Court of Appeal has recently handed down an important judgment on the application of the law of confidence in matrimonial proceedings: Tchenguiz & Ors v Imerman [2010] EWCA Civ 908. The background to the case was that an application for ancillary relief had been made by Mrs Tchenguiz Imerman (TI) against her husband, Mr Imerman. Fearing that Mr Imerman may seek to conceal the nature and extent of his assets in the context of the ancillary relief proceedings, one of TI’s brothers, possibly with the help of others, accessed a computer server in an office which Mr Imerman shared with TI’s brothers and then copied information and documents which Mr Imerman had placed on that server relating to his assets. In order to prevent TI relying on the information and the documents in the ancillary relief proceedings, Mr Imerman sought to restrain the defendants from communicating the information and documents which they had obtained to any third party (including TI and her lawyers). He also sought delivery up of all copies of the documents. Eady J granted the orders sought by Mr Imerman. The defendants appealed to the Court of Appeal. The central issue for the Court of Appeal was essentially whether TI should be allowed to use the information and documents in the context of the ancillary relief proceedings, despite the fact that they appeared to have been obtained by the defendants in breach of confidence and, hence, unlawfully.  The case was rendered particularly complex as a result of what is commonly known in matrimonial proceedings as the ‘Hildebrande rules’. Historically, these rules have been applied by the courts in matrimonial ancillary relief proceedings so as generally to allow individuals to rely on evidence as to their spouses’ assets notwithstanding that that evidence has been unlawfully obtained.

In summary, the Court of Appeal held as follows:

·         the information/documents had been unlawfully obtained by the defendants as they had been obtained in breach of confidence (and, further, in breach of Mr Imerman’s right to privacy);

 

·         it may be that the obtaining of the information/documents had also amounted to: (a) criminal conduct on an application of s. 17 of the Computer Misuse Act 1990; (b) unlawful processing of Mr Imerman’s personal data under s. 4(4) Data Protection Act 1998 (DPA); and, further, (c) a criminal act under s. 55 DPA; although having found that the information/documents were obtained unlawfully in breach of confidence, the Court did not need to reach a concluded view on these issues;

 

·         the question for the Court was whether it should effectively condone the illegal self-help methods adopts by the defendants simply because it was feared that Mr Imerman may behave unlawfully and conceal that which should be disclosed in the ancillary relief proceedings. The answer to that question was: ‘No’ (see para. 107). As the Court suggested:The tort of trespass to chattels has been known to our law since the Middle Ages and the law of confidence for at least 200 years, yet no hint of any defences of the kind now being suggested is to be found anywhere in the books’ (para. 117). Thus, the Hildebrande rules could not be justified on any grounds;

 

·         if there were concerns that an individual may seek dishonestly to conceal assets in the context of ancillary relief proceedings, the correct course would be for the spouse to seek to protect her/his position through lawful means, for example by applying to the court for an anton pillar order.

The judgment is important not least because it highlights the essentially inalienable nature of the common law rights to confidentiality and privacy. There is no doubt that the judgment will be controversial, not least because of concerns that it fails to recognise the significant power imbalance which often obtains between spouses in matrimonial proceedings. 

 

EU APPROVES FINANCIAL DATA TRANSFERS TO US FOR COUNTER-TERRORISM PURPOSES

Posted on | by Anya Proops KC

On 13 July 2010, the Council of Europe promulgated a decision whereby it approved an agreement between the EU and the US for the transfer of financial messaging data from the EU to the US, specifically for the purposes of the US’s Terrorist Finance Tracking Programme. The decision has now been published in the Official Journal for the EU. See further the Council decision dated 28 June 2010 confirming the signing of the agreement, which you can find here.

RECENT TRIBUNAL RULINGS – RISKS FOR APPELLANTS

Posted on | by Anya Proops KC

The Tribunal has recently issued a ruling highlighting the dangers for a public authority if it submits an inadequately reasoned notice of appeal. In Westminster City Council v IC (EA/2010/0096), the Council had submitted a notice of appeal against the Commissioner’s decision notice within the 28 day time limit allowed for under rule 22 of the Tribunal Procedure (First Tier Tribunal) (General Regulatory Chamber) Rules 2009 (“the Rules”). However, the notice of appeal merely asserted that the Commissioner had erred in deciding that the EIR 2004 rather than the FOIA applied to the disputed information. The notice did not contain any grounds for this assertion. Thereafter, the Tribunal ordered the Council to provide grounds for its appeal. The Council was given a week to provide the relevant grounds. The Council missed that deadline. Moreover, it did so in circumstances where it had not notified the Tribunal that it needed an extension of time for lodging the grounds. The Council invited the Tribunal to overlook the three day delay in submitting the grounds. It alleged that the delay was due to staffing difficulties; the need to take legal advice; a failure to understand the tribunal procedures and a failure properly to record the date set by the Tribunal for submission of the grounds. The Tribunal refused to accept these arguments. It held that the Council was a large authority with a specialised in-house FOIA department; that an alleged lack of resources was not a valid excuse and that advice should have been sought at an earlier stage. Accordingly, the Tribunal refused to accept the grounds. There are two lessons to be derived from this ruling. First, an appellant which fails adequately to particularise its case in its notice of appeal or otherwise to follow up the notice promptly with fully reasoned grounds may well end up losing the right of appeal altogether. Second, where there are concerns that a tribunal deadline may be missed, the affected party should always consider notifying the tribunal of that fact and seeking an extension of time.

In a separate development, the Tribunal recently decided in Thackeray v IC (EA/2010/0088) that an appellant would not be allowed to proceed with his appeal in view of his refusal to provide the Tribunal with a postal address. Mr Thackeray had provided an email address in his notice of appeal but refused to provide a postal address, allegedly because he was concerned that he would face harassment if the address was disclosed. Mr Thackeray argued that provision of an email address was sufficient in order to meet the requirements of rule 22(a) and (c) of the Rules. The Tribunal decided that the notice of appeal would be invalid in the absence of the provision of a postal address. The Tribunal took the view that a postal address was a pre-requisite not least in view of: (a) the fact that parties may want, for reasons of security, to deliver documents directly rather than by email; and (b) a postal address would be required to protect the position of the other parties in the event that costs were awarded against the appellant. Unfortunately, neither of these rulings can at present be found on the Tribunal website.