WordPress + Bootstrap

It has long been clear that, so far as the common law is concerned, there is no neat dividing line between information which is private and that which is public. Thus, depending on the circumstances, information relating to an individual’s private life which has entered the public domain may yet engage privacy rights (see further e.g. McKennitt v Ash [2005] EWHC 303 (QB) and Green Corns v Claverley [2005] 958 (QB) and Rocknroll v News Group [2013] EWHC 24 (Ch)). However, what is the position where, notwithstanding that an injunction restrains the publication of the information domestically, the information is being extensively published and shared online elsewhere around the world?

This is the difficult issue which the English Court of Appeal was required to address in the high profile case of PJS v News Group Newspapers [2016] EWCA Civ 393. In PJS, the English Court of Appeal had granted the claimant an interim injunction restraining publication of information concerning his engagement in a particular sexual encounter, the notorious ‘celebrity threesome’. There had been no legal challenge to the granting of the injunction. However, after the injunction was granted, the story was published overseas and promptly spread like wildfire on the internet. This led to an application by NGN to discharge the injunction, on the basis that, because PJS’s identity was now so widely known, it was in effect not worth the paper it was written on. Continue reading →

We have crossed the Rubicon. Several years of tortuous haggling, drafting and editing have culminated in the new General Data Protection Regulation, which will become the bedrock for EU data protection law. In the last couple of hours, the European Parliament has voted on and approved the final agreed text of the GDPR. The GDPR is expected to come into force around mid-2018. You can read the final text here, and (courtesy of @PrivacyMatters), you can find a photo here of the GDPR’s champion, Jan Albrecht, smiling at the outcome, in his trademark jaunty stiped shirt and jacket.

In the meantime, the immediate future of EU-US personal data transfers is much less certain. Chris Knight has previously explained the ‘Privacy Shield’, a kind of emergency sticking plaster measure introduced in the wake of the Schrems litigation, which killed off the Safe Harbor arrangements for transatlantic transfers. The Article 29 Working Party – perhaps the EU’s most authoritative voice on data protection matters – has this week endorsed aspects of Privacy Shield as an improvement on Safe Harbor. Crucially, however, the A29 WP is far from convinced that Privacy Shield is up the answer. It has ‘strong concerns’, which you can read about here. No Rubicons crossed on this issue just yet.

Robin Hopkins @hopkinsrobin

Suppose confidential, private and sensitive information is sold, leaked or otherwise wrongly disclosed by a rogue employee: is the employer vicariously liable? This question is a troubling one for many an employer and data controller. A new judgment on a claim for misuse of private information sheds some light on this question – and will not be comforting for employers and data controllers. The case is Axon v Ministry of Defence [2016] EWHC 787 (QB).

The Claimant was the commanding officer of a Royal Navy frigate when, in December 2004, he was summoned to London and relieved of his command following an investigation into his alleged bullying of officers on his ship. In that same month, the Sun published articles about the incident (‘Mutiny Skipper Sacked’ and so on). Continue reading →

Gurieva & Anor v Community Safety Development (UK) Ltd [2016] EWHC 643 (QB), a judgment of Warby J of 6 April 2016, is the High Court’s latest word on subject access requests. It illustrates some of the emerging trends in subject access litigation. It is also a salutary reminder to ensure that, for subject access request cases as for any other, adequate evidence is presented. Continue reading →