Mixed Data in the Court of Appeal

July 2nd, 2018 by Rupert Paines

Hot off (Thursday’s) press comes the CA judgment in DB v GMC [2018] EWCA Civ 1497, which will now be the leading case on the treatment of mixed personal data.

Read more »


TLT in the Court of Appeal

June 18th, 2018 by Anya Proops QC

The judgment of Mitting J in the case of TLT is now routinely invoked in the context of discussions over how you go about quantifying the value of a distress damages claim where there has been a data breach. In TLT, the Home Office had accidentally disclosed online a spreadsheet containing data relating to asylum seekers and their families. As you may recall, Mitting J awarded TLT compensation of £12,500 on the basis that he had suffered distress as a result of the disclosure akin to a moderate psychiatric injury. This award was made in circumstances where the judge had concluded that the disclosure had resulted in TLT having a rational fear that he would be targeted by the Iranian authorities, to the point where he had felt compelled to relocate his entire family. The judge also held that, whilst they were not named in the spreadsheet, TLT’s wife and daughter (TLU and TLV) were also entitled to distress damages as their identity and the fact that they were seeking asylum could readily be inferred from the disclosed data. Read more »


The ‘Facebook Fan Page’ judgment: joint data controllers, cookies and targeted advertising

June 5th, 2018 by Robin Hopkins

How do I know if I am a data controller? In particular, how do data controller responsibilities work when it comes to cookies operating on my website (especially for targeted advertising purposes)? The GDPR has not invented these questions, but it has injected them with urgency and sharpness. The CJEU’s judgment in the ‘Facebook Fan Page’ case, handed down this morning, is a very significant contribution on increasingly important issues of this kind. Read more »


Media privacy cases – No monopoly for the Media & Communications List

June 5th, 2018 by Anya Proops QC

As many of you will know, last year the High Court established a new ‘Media & Communications List’ (MCL), presided over by Mr Justice Warby (see the relevant announcement here). The idea behind the establishment of the MCL was that media-related tort cases brought in the Queen’s Bench Division (QBD), including cases for misuse of private information and breach of the data protection legislation, would be allocated to the MCL. But does the establishment of the MCL mean that claimants who want to sue the media are compelled to bring their claims before the MCL in the QBD? Well according to the recent judgment of Chief Master Marsh in the case of Mevinsky & Ors v Associated News [2018] EWHC 1261 (Ch) the answer to that question is a resounding no. Read more »


The DPA 2018 has landed (finally!)

May 23rd, 2018 by Anya Proops QC

You can find it here: http://www.legislation.gov.uk/ukpga/2018/12/pdfs/ukpga_20180012_en.pdf … all 339 pages. Happy reading all.

Anya Proops QC


Morrisons group action: claimants win, but get only 40% of their costs

May 16th, 2018 by Robin Hopkins

Needless to say, group actions for data protection breaches will generally be shaped by financial considerations. Those are partly about compensation, but also about costs. To make it worthwhile, claimants need not only to win and be awarded compensation, but also to get their costs covered, or at least not have their costs eat too far into their compensation. On this issue, today’s costs judgment in the Morrisons litigation is novel, interesting and instructive in practice. Read more »