Author: Timothy Pitt-Payne KC

Panopticon Feedback

Posted on | by Timothy Pitt-Payne KC

One of our readers raised a question arising out of the previous post on employment blacklists. 

According to this report on the BBC website, Steve Acheson (who was on the blacklist) was the subject of an unsuccessful attempt by his former employer to obtain an injunction to prevent him from protesting against his dismissal.  Apparently the application was made under anti-terrorism legislation.  Our reader asks if we can throw any light on the legal basis for the application.

Unfortunately the answer is no; it appears that there is no report of the case online in any of the usual places.  The best I can find is this item from the website of Mr. Acheson’s solicitors.

We haven’t enabled the comments function on the blog.  But you are very welcome to send any feedback to Lucy.Miller@11kbw.com.  We are always delighted to see that people are reading and responding.

Banned Aid

Posted on | by Timothy Pitt-Payne KC

In March this year the Information Commissioner took enforcement action against the Consulting Association, which had been operating a secret blacklist of employees in the construction industry, including details of trade union activity. We posted about this story here, earlier this year.

Today, the Guardian has extensive coverage of what has happened since.

The Department for Business, Enterprise and Regulatory Reform has now consulted on draft regulations under section 3 of the Employment Relations Act 1999. The consultation ended on 18th August 2009. The proposed regulations are intended to outlaw the compilation, dissemination and use of blacklists of trade unionists. They would make it unlawful to refuse employment, or to dismiss employees or subject them to a detriment, for reasons related to a prohibited blacklist. Individuals who suffer loss through blacklisting would be able to bring claims either in the Employment Tribunal or in the civil courts, depending on the nature of their complaint.

The trade union UCATT commissioned a report from the Institute of Employment Rights about the proposed regulations. The report, by Professor Keith Ewing, was published on 15th September 2009: it is entitled “Ruined Lives”, and deals specifically with blacklisting in the construction industry. It includes sample material from Consulting Association files.  The report gives a fascinating history of the practice of blacklisting, going back to the late 19th century. It suggests a number of changes to the draft Regulations, including: that keeping or using a blacklist, or supplying information to it, should be a criminal offence; and that there should be a right to compensation for the fact of being included on a blacklist, even if the inclusion does not lead to any loss.

A further point to note about the draft Regulations is that they deal specifically with the blacklisting of trade unionists (as does section 3 of the 1999 Act). So they would not assist individuals who had been blacklisted for other reasons; e.g. because of their political beliefs and affiliations, or because they have a history of raising concerns about health and safety issues.

A number of individuals have brought employment tribunal claims arising out of alleged blacklisting. The claims have been consolidated and there will be a case management discussion in Manchester ET on 24th November 2009. This blog gives further information.

Meanwhile the Information Commissioner’s Office (ICO) has taken control of the Consulting Association database. Individuals who think that they may have been blacklisted can contact the ICO; for more information, see this page of the ICO’s website.

WHEN WILL THEY EVER LEARN?

Posted on | by Timothy Pitt-Payne KC

We call them “data protection duck outs”.  The New Zealanders call them “BOTPAs” (standing for “Because of the Privacy Act”).  Organisations do something silly, and then blame it on data protection legislation.

There’s a nice recent example. A parcel was addressed to a 9 day old baby.  Initially the Royal Mail wouldn’t deliver it to her grandfather, apparently because the Data Protection Act required the baby to sign for it personally.  Not surprisingly, the ICO has confirmed that the Act does not require anything of the kind.

Media Law and Practice – new book from OUP

Posted on | by Timothy Pitt-Payne KC

Hot off the press is a new book from OUP on “Media Law and Practice”, edited by David Goldberg, Gavin Sutter, and Ian Walden. 

This is a multi-author book, written by a team of practitioners and academics.  It covers a wide range of media topics, including ownership, regulation, intellectual property, defamation, and commercial communications.       

I contributed a chapter on Information Law:  this discusses data protection, freedom of information, and human rights issues, including articles 8 and 10 of the Convention.  One of the book’s features is that it deals with new forms of communication (including blogging), as well as traditional print or broadcast media.  So I had to address questions such as, how would the “special purposes” defined in the DPA (ie artistic, journalistic and literary purposes) apply to web-based publications?

The impetus for the book comes from the Institute of Computer and Communications Law, based in the Centre for Commercial Law Studies, Queen Mary, University of London.  All three editors are members of the Institute.  It’s a major centre for research and teaching in areas related to information law, including intellectual property, telecoms regulation, computer law, and media law.

The book is available online from OUP’s website.

Paying for the ICO

Posted on | by Timothy Pitt-Payne KC

Organisations that process personal data must notify the Information Commissioner’s Office, and pay an annual fee. Up to now the fee has been £35, for all data controllers. With effect from 1st October 2009, some large data controllers will instead pay a fee of £500.

The changes are made by the Data Protection (Notification and Notification Fees) (Amendment) Regulations 2009 (SI 2009 No 1677). These divide data controllers into two groups: tier 1 organisations, which pay £35, and tier 2 organisations, which pay £500. All data controllers not in tier 2 are in tier 1.

A data controller will be in tier 2 if it satisfies the following three conditions: (i) it is not a charity or a small occupational pension scheme; (ii) it has been in existence for more than a month; and (iii) it has a turnover of £25.9 million or more for the data controller’s financial year and 250 or more members of staff, or it is a public authority with 250 or more members of staff. There are detailed provisions as to how turnover and staff numbers should be calculated for these purposes.

An explanatory memorandum issued by the Ministry of Justice gives the policy background to the change. Essentially it argues that large organisations cost more for the ICO to regulate, and so should pay a higher fee. The memorandum suggests that about 4% of data controllers will pay the higher fee, and that the extra annual income to the ICO will be about £4.7 million.

 A more interesting question perhaps – and one that the new Regulations do not affect at all – is who is obliged to notify the Information Commissioner. Anyone who uses a computer to process personal data is a data controller and obliged to notify, unless they are subject to an exemption. Under section 36 of the Data Protection Act 1998, personal data processed by an individual only for the purposes of that individual’s personal, family or household affairs (including recreational purposes) are exempt from the duty to notify (and indeed from most of the rest of the Act as well). This is sometimes referred to as the “domestic use”, or “Christmas card list” exemption: if you keep your family’s Christmas card list on a computer, you do not have to notify the ICO that you are processing personal data, and you can spend the £35 on something else instead.

But what if you put personal data on to the internet? The Lindqvist case in the European Court of Justice suggests that the domestic exemption would not apply here, because information posted on the internet is available to all the world. Since Lindqvist was decided, there has been an explosion of blogging, and social networking, all internet-based. How much of this activity would come within the domestic use exemption remains unclear.

 

 

Reforming the Information Tribunal

Posted on | by Timothy Pitt-Payne KC

A letter was circulated yesterday (4th August) to “stakeholders” of the Information Tribunal, giving information about the implications for the Information Tribunal of the new unified tribunal structure.

The new structure involves a system of First Tier tribunals and Upper Tribunals. The Information Tribunal will be one of a number of tribunals that transfer into the General Regulatory Chamber (GRC), one of the First Tier tribunals.

According to the letter, from January 2010 information rights cases will generally be heard in the GRC, with an appeal to the Administrative Appeals Chambers of the Upper Tribunal on a point of law. However, in some circumstances cases will be heard in the first instance in the Upper Tribunal. This will be where the appeal is complex, unusual, or particularly important. In additional national security appeals (under section 28 of the Data Protection Act 1998 or section 60 of the Freedom of Information Act 2000) will go straight to the Upper Tribunal.

The procedural rules for those tribunals moving into the GRC in September 2009 have now been finalised and laid before Parliament. This includes the Charity Tribunal, the Estate Agents Appeals Panel and the Consumer Credit Appeals Tribunal. For those jurisdictions moving to the GRC in January 2010 – including the Information Tribunal – any further specific procedural rules will be added by amendment once Parliament has approved the transfer. Approval is expected later this year.