At the coalface of EIR: investigative journalists win Whitehaven mine case
Rarely has a decision provoked so much ire as the last government’s approval of a new coal mine in Whitehaven in Cumbria. And not just from the usual green suspects: lesser-known eco-warriors the CBI thought it was a terrible idea, as did poor old Alok Sharma (remember him?), a member of the self-same government – perhaps because it fell to him to defend this lunacy to a sceptical world, while hosting the COP 26 climate change summit in Glasgow in 2021.
The decision was, inevitably, challenged in court, and one of the judicial review claimants sought disclosure of the ministerial submission – a briefing from civil servants to Secretary of State prior to the approval decision. Disclosure was refused in the litigation – an important part of the context in this EIR case, about a request for the same information.
The FTT has now granted the appeal against the Commissioner’s decision that the submission could be withheld under reg. 12(4)(e) EIR (Amin v IC [2025] UKFTT 221 (GRC)).
Bookings are now open for our Information, Technology and Media Law Conference 2025 on Thursday 13 March 2025. Our conference will be covering the new and exciting developments across information, technology and media Law. 11KBW speakers are expected to include Tim Pitt-Payne KC, Anya Proops KC, Andrew Sharland KC, Christopher Knight, Robin Hopkins, Jamie Susskind,Hannah Ready and Ruth Kennedy, amongst others. We are also thrilled to announce that Ofcom will also be participating in this year’s conference, with Jon Higham (Director of Online Safety Policy at Ofcom) and Rob Haywood (formerly of Twitch, now Principal, Online Safety Policy at Ofcom) coming along to speak about the evolving landscape for regulating intermediaries under the Online Safety Act and the practical challenges and opportunities surrounding online content moderation.
The conference will be covering the following topics:
Morning Session – Focus on the technology sector
AI Regulation: what next for UK government policy?
Online Safety – the view from the regulatory bridge: in conversation with Ofcom’s Jon Higham and Rob Haywood
Afternoon Session – Data, Privacy & Media Law: General
Media & privacy update
Data privacy class actions: the dog that keeps barking
Key developments in the law of data protection
Beyond the content offered through the above sessions, the conference offers a great opportunity for all ITM lawyers and practitioners to network with one another, both during the coffee breaks and lunch-break and also at our post-conference champagne tea. We look forward to seeing you there.
Full Conference Details:
Date: Thursday 13 March 2025
Time: 9am-3.30pm followed by a champagne tea
Venue: The IET, 2 Savoy Place, London, WC2R 0BL
Cost: £125+VAT per session. (£250+VAT for the whole day)
Bookings: To book your place on this year’s conference please email your name, firm and which session/s you would like to attend with any purchase order information to RSVP@11kbw.com.
Please note we do not take payment via card. You will be sent an invoice for payment via BACS.
Special requirements
If you have any special requirements please let us know at the time of booking.
Cancellations
A refund can be made up to 14 days before the conference. A substitute delegate will be accepted any time before the conference.
Additional Requirements
If you have any additional requirements e.g. wheelchair access, large print documentation or an induction loop, or if you have any particular dietary requirements please let us know.
Important Note
11KBW reserve the right at any time and without prior notice to change the venue, speakers or programme. We also reserve the right in our absolute discretion and without further liability to cancel the conference, in which event full refunds will be made.
Following a 2-day Part 8 trial, Heather Williams J has handed down a lengthy and important judgment concerning the application of the concept of “personal data”, the extent of searches required by Article 15 UK GDPR, the provision of contextual information and the proper approach to the application of the “tax exemption” under paragraph 2 of schedule 2 to the DPA 2018.
Michael Ashley v Commissioners for His Majesty’s Revenue and Customs [2025] EWHC 134 (KB) concerned a claim brought by the well-known British businessman, Mike Ashley, against HMRC for breach of his subject access rights under the UK GDPR. Mr Ashley made a subject access request (“SAR”) in the context of a (then) ongoing tax dispute. HMRC initially maintained that all of Mr Ashley’s personal data were exempt and therefore not disclosable. When it did subsequently provide Mr Ashley with some data, Mr Ashley contended that its response was incomplete and inadequate. He argued that HMRC failed: properly to construe his SAR; to conduct adequate searches when responding to it; properly to apply the concept of personal data and the tax exemption; and to provide him with copies of his personal data in a sufficiently contextualised manner so as to render them intelligible.
Heather Williams J found in Mr Ashley’s favour on each of those points, albeit rejecting his wider argument that all data relating to HMRC’s assessment of his tax liability in respect of the tax enquiry amounted to his personal data. Her judgment contains useful guidance for practitioners dealing with SARs at every stage of the process from construing a SAR when first made, to providing copies of the personal data in a manner that is intelligible and transparent for the data subject. More widely, the judgment contains important guidance as to how the foundational concept of “personal data” is to be construed and applied in practice.
Multi-party claims for misuse of data: how do you take them forward? GLOs yes, though they are often seen as too unwieldy. Straightforward multi-claimant litigation using ‘omnibus’ claim forms is fine, but doesn’t get litigation funders the maximum volumes they seek. Representative actions under CPR 19.8 are the ideal vehicle in that sense, but Lloyd v Google effectively killed them as regards data protection claims (no loss of control damages; individualised assessment needed). Can misuse of private information claims (loss of control damages available; individualised assessment perhaps not needed) fare better? The Prismall action was the leading post-Lloyd candidate on this front, but it has suffered another death this Advent. Continue reading →
Nearly five years into the life of the GDPR/DPA 2018 regime, the dust is finally settling on the first monetary penalty notice issued by the ICO under that regime. This was against Doorstep Dispensaree, whose multiple challenges to that MPN have finally run aground Continue reading →
The General Regulatory Chamber of the First-tier Tribunal has made a substitute decision in the case Garrard v Information Commissioner and the British Museum [2024] UKFTT 601 (GRC). The Appellant, Dr Christopher Garrard, was successful in part. The reasons will be of interest to those seeking to use information law to access corporate sponsorship arrangements between public institutions and fossil fuel companies, and to those seeking to resist such efforts.
The appeal concerned Dr Garrard’s request to the British Museum in 2022 for information relating to sponsorship negotiations between the British Museum and BP. Dr Garrard challenged the British Museum’s reliance on the commercial interests exemption under section 43(2) of the Freedom of Information Act 2000. He argued that the exemption was not engaged and, even if it was, the public interest was weighted in favour of disclosure. Continue reading →
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.