The Court of Appeal Rolls out the DP Barrel

February 18th, 2019 by Christopher Knight

Sometimes a case comes along which, whether through range of issues or over-enthusiastic pleading, seems to touch on more or less every data protection provision going. To this end, at least for the DPA 1998, we give you the lengthy treatise of Sales LJ that is: Cooper v National Crime Agency [2019] EWCA Civ 16. Read more »



February 7th, 2019 by James Goudie QC

Two recent decisions of the FTT on confidential information are of interest, one under FoIA, the other under the EIR, with a local authority being the public authority in both cases.

The FoIA case is Driver v Information Commissioner and Thanet District Council, EA/2017/0218.  It concerned the absolute Section 41 exemption from disclosure: information provided in confidence to the public authority by a third party.  The FTT held that the exemption did not apply because the information was not obtained by  the Council from another person. The information was the names of parties who had been paid compensation by the Council.  This was pursuant to settlements concluded between the Council and businesses involved in the export of live animals from the Port at Ramsgate.  The Council had imposed a ban. The High Court found that the ban was unlawful and that the Council was liable in damages. Read more »


Bearing a Burden: Prosecuting under the DPA

January 25th, 2019 by Christopher Knight

A rare foray into the Criminal Division of the Court of Appeal for the Data Protection Act 1998 recently, as the Court considered the nature of the reverse burden imposed by the section 55 offence in Shepherd v Information Commissioner [2019] EWCA Crim 2. In short, Jay J held that section 55, properly construed, imposed only an evidential burden on a defendant rather than a legal burden. Read more »


GDPR financial penalties: €50m for Google in France

January 22nd, 2019 by Robin Hopkins

Perhaps the most commonplace GDPR soundbite concerns swingeing financial penalties: in the most serious cases, up to €20m or 4% of global annual turnover, whichever is the greater. We have now had our first flexing of that maximal muscle, in the form of the decision of the French supervisory authority, the CNIL, to impose a €50m penalty on Google. The CNIL’s decision, announced yesterday, is summarised here. (The penalty notice itself is not yet available in English).

Notable features of the case include the following: Read more »


Open Up: ICO Consultation on FOIA/EIR

January 15th, 2019 by Christopher Knight

News comes our way of a consultation exercise being run by the ICO on its new proposed ‘Access to Information Strategy’. You can read more about it here. Titled ‘Openness by Design’, it is a proposed strategy which will – in particular – aim to improve standards of openness, transparency and participation on the part of public authorities, including by increasing the impact of enforcement activity through targeting of systemic non-compliance. That is probably the most significant headline of the draft, but there are a number of aims to improve confidence in the openness and accountability of public authorities, by greater proactivity on the part of the ICO. Consultation responses are sought by 8 March 2019.

Christopher Knight


s35 FOIA Updates from the Upper Tribunal

January 14th, 2019 by Christopher Knight

A couple of recent Upper Tribunal cases have been handed down on the section 35(1) FOIA exemption for the formulation or development of government policy and for Ministerial communications. Both concern documents produced at the highest levels of Government. Both nudge the jurisprudence on a little bit, and both are worth being aware of for those concerned. Read more »