Prism and Tempora: Privacy International commences legal action

Panopticon has reported in recent weeks that, following the Edward Snowden/Prism disclosures, Liberty has brought legal proceedings against the UK’s security bodies. This week, Privacy International has announced that it too is bringing a claim in the Investigatory Powers Tribunal – concerning both the Prism and Tempora programmes. It summarises its claim in these terms:

“Firstly, for the failure to have a publicly accessible legal framework in which communications data of those located in the UK is accessed after obtained and passed on by the US National Security Agency through the Prism programme.  Secondly, for the indiscriminate interception and storing of huge amounts of data via tapping undersea fibre optic cables through the Tempora programme.”

Legal complaints on Prism-related transfers have been made elsewhere on data protection grounds also. A group of students who are members of a group called Europe vs. Facebook have filed complaints to the data protection authorities in Ireland (against Facebook and Apple), Luxembourg (against Skype and Microsoft) and Germany (against Yahoo).

European authorities have expressed concerns on these issues in their own right. For example, the Vice President of the European Commission, Viviane Reding, has written to the British Foreign Secretary, William Hague, about the Tempora programme, and has directed similar concerns at the US (including in a piece in the New York Times). The European Parliament has also announced that a panel of its Committee on Civil Liberties, Justice and Home Affairs will be convened to investigate the Prism-related surveillance of EU citizens. It says the panel will report by the end of 2013.

In terms of push-back within the US, it has been reported that Texas has introduced a bill strengthening the requirements for warrants to be obtained before any emails (as opposed to merely unread ones) can be disclosed to state and local law enforcement agencies.

Further complaints, litigation and potential legal challenges will doubtless arise concerning Prism, Tempora and the like.

Robin Hopkins

RIPA: hacked voicemails and undercover officers

The Regulation of Investigatory Powers Act 2000 (RIPA) has featured prominently in the news in recent weeks, both as regards undercover police officers/“covert human intelligence sources” and as regards the phone-hacking scandal.

Hacked voicemails

This morning, the Court of Appeal gave judgment in Edmonson, Weatherup, Brooks, Coulson & Kuttner v R [2013] EWCA Crim 1026. As is well known, the appellants face charges arising out of the News of the World phone-hacking controversy – specifically, conspiring unlawfully to intercept communications in the course of their transmission without lawful authority contrary to section 1(1) of the Criminal Law Act 1977.

The communications in question are voicemails. Under section 1(1)(b) of RIPA, it is an offence intentionally to intercept, without lawful authority, any communication in the course of its transmission by means of a public telecommunications system (my emphasis). The central provision is section 2(7) of RIPA:

“(7) For the purposes of this section the times while a communication is being transmitted by means of a telecommunication system shall be taken to include any time when the system by means of which the communication is being, or has been, transmitted is used for storing it in a manner that enables the intended recipient to collect it or otherwise to have access to it.”

The appellants applied to have the charges dismissed on the grounds that the words “in the course of transmission” in section 1(1) of RIPA do not extend to voicemail messages once they have been listened to (by the intended recipient, that is, rather than by any alleged phone-hacker). They argued that the ordinary meaning of “transmission” is conveyance from one person or place to another and that section 2(7) is intended to extend the concept of “transmission” only so as to cover periods of transient storage that arising through modern phone and email usage, and when the intended recipient is not immediately available. Thus, once the message has been listened to, it can no longer be “in the course of transmission”.

The point had previously been decided against the appellant. The Court of Appeal (the Lord Chief Justice, Lloyd Jones LJ, Openshaw J) took a similar view. While it accepted that the application of section 2(7) may differ as between, for example, voicemails and emails, “there is nothing in the language of the statute to indicate that section 2(7) should be read in such a limited way” (as the appellants had contended) (paragraph 23). Further, the words “has been transmitted” in section 2(7) “make entirely clear that the course of transmission may continue notwithstanding that the voicemail message has already been received and read by the intended recipient” (paragraph 26).

The same conclusion was reached by focusing on the mischief which section 2(7) is intended to remedy, “namely unauthorized access to communications, whether oral or text, whilst they remain on the system by which they were transmitted. As the prosecution submits, unlawful access and intrusion is not somehow less objectionable because the message has been read or listened to by the intended recipient before the unauthorized access takes place” (paragraph 28, quoting an earlier judgment in this matter from Fulford LJ).

The Court accepted that section 2(7) went further than the prohibitions imposed by Directive 97/66/EC concerning the processing of personal data and the protection of privacy in the telecommunications sector (which RIPA sought to implement) and its successor, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (which postdates RIPA).  The Court found, however, that the Directives imposed minimum harmonisation; Parliament was entitled to go further and to set higher standards for the protection of privacy of electronic communications, provided that those additional obligations are compatible with EU law (paragraph 42).

Both the Data Protection Act 1998 and the Computer Misuse Act 1990 also raised their heads. The DPA, for example, contains a public interest defence which is not available under RIPA. It was argued that this risked creation parallel offences without parallel defences, violating the principle of legal certainty. This submission too was rejected (paragraphs 44-45).

The cases will now proceed to trial, apparently to commence in September.

Undercover officers

As regards the activities of undercover police officers, the major issue this week has concerned the alleged smearing of the family and friends of Stephen Lawrence: see for example The Guardian’s Q&A session with undercover-officer-turned-whistleblower Peter Francis.

The other major ongoing case regarding a former undercover officer concerns Mark Kennedy, who (together with others) infiltrated political and environmental activists over a period of years. Claims were commenced in the High Court, with part of the conduct complained of involving ensuing sexual relations between activists/their partners and undercover officers.

Earlier this year, J and others v Commissioner of Police for the Metropolis [2013] EWHC 32 (QB) saw part of the claims struck out. The Court held that the Investigatory Powers Tribunal had exclusive jurisdiction over the claims under the Human Rights Act 1998; it struck out these parts accordingly. It observed that conduct breaching Article 3 (inhuman and degrading treatment) – which included the claims relating to sexual activity – could not be authorised under RIPA, but conduct breaching Article 8 (privacy) could be authorised. Sexual activity with undercover officers did not necessarily engage Article 3.

Those parts of the claims which did not concern the Human Rights Act 1998 (actions at common law and for alleged breaches of statutory duties) were not exclusively within the Investigatory Powers Tribunal’s jurisdiction and were thus not struck out as an abuse of process, notwithstanding the police’s difficulties in presenting its case due to the ‘neither confirm nor deny’ approach to covert sources.

Unlike with the phone-hacking cases, it is not clear when this case will resume before the Court/Tribunal.

Robin Hopkins

New CCTV Code of Practice: surveillance and the protection of freedoms

Surveillance of the covert and digital variety has been dominating the news of late. The legal contours of the practices leaked by Edward Snowden (the NSA’s obtaining of internet metadata) and covered by The Guardian (most recently, GCHQ’s monitoring of certain communications of ‘friendly’ foreign allies) may be matters of some debate.

In the meantime, the legal contours of a more overt and physical variety of surveillance – CCTV – have been somewhat clarified.

Panopticon indeed.

As its name suggests, the Protection of Freedoms Act 2012 expressed the incoming Coalition Government’s commitment to keeping in check the state’s surveillance of ordinary citizens. By that Act (sections 29-36), the Home Secretary was to present to Parliament a Code of Practice governing the use of surveillance camera systems including CCTV and Automatic Number Plate Recognition (ANPR). Following a consultation exercise – the response to which can be read here – the Home Secretary has now done so. The Code was laid before Parliament on 4 June 2013. A draft order (the Protection of Freedoms Act 2012 (Code of Practice for Surveillance Camera Systems and Specification of Relevant Authorities) Order 2013) is currently being considered by Parliament’s Joint Committee on Statutory Instruments.

Pending its coming into force, Panopticon summarises the key features of the new Code.

To whom does the Code apply?

The Code imposes duties on ‘relevant authorities’, which are those listed at section 33(5) of the Protection of Freedoms Act 2012 – in the main, local authorities and policing authorities.

The draft order proposes to add the following to the list of relevant authorities:

(a) The chief constable of the British Transport Police;

(b) The Serious Organised Crime Agency;

(c) The chief constable of the Civil Nuclear Constabulary; and

(d) The chief constable of the Ministry of Defence Police.

The Code recognises that concern about the use of surveillance cameras often extends beyond these sorts of full-blooded ‘public’ authorities. It recognises that the list of relevant authorities may need to be expanded in future to encompass shopping centres, sports grounds, schools, transport centres and the like.

For now, however, only those listed as ‘relevant authorities’ are subject to the duties imposed by the Code. Others who use such surveillance systems are ‘encouraged’ to abide by the Code.

What duty is imposed by the Code?

The Code imposes a ‘have regard to’ duty. In other words, relevant authorities are required to have regard to the Code when exercising any of the functions to which the Code relates. As regards its legal effects:

“A failure on the part of any person to act in accordance with any provision of this code does not of itself make that person liable to criminal or civil proceedings. This code is, however, admissible in evidence in criminal or civil proceedings, and a court or tribunal may take into account a failure by a relevant authority to have regard to the code in determining a question in any such proceedings” (paragraph 1.16).

It may well be that the Code also weighs heavily with the ICO in its consideration of any complaints about the use of surveillance cameras breaching the DPA 1998.

Remember that the Home Office Code sits alongside and does not replace the ICO’s CCTV Code of Practice.

What types of activity are covered by the new Code?

Relevant authorities must have regard to the Code ‘when exercising any of the functions to which the Code relates’. This encompasses the operation and use of and the processing data derived from surveillance camera systems in public places in England and Wales, regardless of whether there is any live viewing or recording of images and associated data.

The Code does not apply to covert surveillance, as defined under the Regulation of Investigatory Powers Act 2000.

What about third party contractors?

Where a relevant authority instructs or authorises a third party to use surveillance cameras, that third party is not under the ‘have regard to’ duty imposed by the Code. That duty does, however, apply to the relevant authority’s arrangements.

By paragraph 1.11:

“The duty to have regard to this code also applies when a relevant authority uses a third party to discharge relevant functions covered by this code and where it enters into partnership arrangements. Contractual provisions agreed after this code comes into effect with such third party service providers or partners must ensure that contractors are obliged by the terms of the contract to have regard to the code when exercising functions to which the code relates.”

The approach

The guiding philosophy of the Code is one of surveillance by consent:

 “The government considers that wherever overt surveillance in public places is in pursuit of a legitimate aim and meets a pressing need, any such surveillance should be characterised as surveillance by consent, and such consent on the part of the community must be informed consent and not assumed by a system operator…. [legitimacy] in the eyes of the public is based upon a general consensus of support that follows from transparency about their powers, demonstrating integrity in exercising those powers and their accountability for doing so” (paragraph 1.5).

In a nutshell, the expectation is this:

“The decision to use any surveillance camera technology must, therefore, be consistent with a legitimate aim and a pressing need. Such a legitimate aim and pressing need must be articulated clearly and documented as the stated purpose for any deployment. The technical design solution for such a deployment should be proportionate to the stated purpose rather than driven by the availability of funding or technological innovation. Decisions over the most appropriate technology should always take into account its potential to meet the stated purpose without unnecessary interference with the right to privacy and family life. Furthermore, any deployment should not continue for longer than necessary” (paragraph 2.4).

The guiding principles

The Code then sets out 12 guiding principles which systems operators should follow:

(1) Use of a surveillance camera system must always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need.

(2) The use of a surveillance camera system must take into account its effect on individuals and their privacy, with regular reviews to ensure its use remains justified.

(3) There must be as much transparency in the use of a surveillance camera system as possible, including a published contact point for access to information and complaints.

(4) There must be clear responsibility and accountability for all surveillance camera system activities including images and information collected, held and used.

(5) Clear rules, policies and procedures must be in place before a surveillance camera system is used, and these must be communicated to all who need to comply with them.

(6) No more images and information should be stored than that which is strictly required for the stated purpose of a surveillance camera system, and such images and information should be deleted once their purposes have been discharged.

(7) Access to retained images and information should be restricted and there must be clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes.

(8) Surveillance camera system operators should consider any approved operational, technical and competency standards relevant to a system and its purpose and work to meet and maintain those standards.

(9) Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use.

(10) There should be effective review and audit mechanisms to ensure legal requirements, policies and standards are complied with in practice, and regular reports should be published.

(11) When the use of a surveillance camera system is in pursuit of a legitimate aim, and there is a pressing need for its use, it should then be used in the most effective way to support public safety and law enforcement with the aim of processing images and information of evidential value.

(12) Any information used to support a surveillance camera system which compares against a reference database for matching purposes should be accurate and kept up to date.

Points to note

The Code then fleshes out those guiding principles in more detail. Here are some notable points:

Such systems “should not be used for other purposes that would not have justified its establishment in the first place” (paragraph 3.1.3).

“People do, however, have varying and subjective expectations of privacy with one of the variables being situational. Deploying surveillance camera systems in public places where there is a particularly high expectation of privacy, such as toilets or changing rooms, should only be done to address a particularly serious problem that cannot be addressed by less intrusive means” (paragraph 3.2.1).

“Any proposed deployment that includes audio recording in a public place is likely to require a strong justification of necessity to establish its proportionality. There is a strong presumption that a surveillance camera system must not be used to record conversations as this is highly intrusive and unlikely to be justified” (paragraph 3.2.2).

“Any use of facial recognition or other biometric characteristic recognition systems needs to be clearly justified and proportionate in meeting the stated purpose, and be suitably validated. It should always involve human intervention before decisions are taken that affect an individual adversely” (paragraph 3.3.3).

“This [the requirement to publicise as much as possible about the use of a system] is not to imply that the exact location of surveillance cameras should always be disclosed if to do so would be contrary to the interests of law enforcement or national security” (paragraph 3.3.6).

“It is important that there are effective safeguards in place to ensure the forensic integrity of recorded images and information and its usefulness for the purpose for which it is intended to be used. Recorded material should be stored in a way that maintains the integrity of the image and information, with particular importance attached to ensuring that meta data (e.g. time, date and location) is recorded reliably, and compression of data does not reduce its quality” (paragraph 4.12.2).


The Surveillance Camera Commissioner is a statutory appointment made by the Home Secretary under section 34 of the Protection of Freedoms Act 2012. The Commissioner has no enforcement or inspection powers. However, in encouraging compliance with the Code, he “should consider how best to ensure that relevant authorities are aware of their duty to have regard for the Code and how best to encourage its voluntary adoption by other operators of surveillance camera systems” (paragraph 5.3). The Commissioner is/is to be assisted by a non-statutory Advisory Council with its own specialist subgroups.

Given the limited remit of the Surveillance Camera Commissioner, it may be that the Code shows its teeth more effectively in complaints to the ICO and/or the courts.

Robin Hopkins

T v Manchester goes to the Supreme Court

One of the most important privacy judgments of the year thus far has been that of the Court of Appeal in R (T & others) v Chief Constable of Greater Manchester & others [2013] EWCA Civ 25, on which Chris Knight blogged in January. In a nutshell, the Court of Appeal held that the criminal records disclosure regime (including the exceptions to the Rehabilitation of Offenders Act 1974) violated Article 8 ECHR.

Permission has been granted for a further appeal to the Supreme Court, which will hear the case on 24 and 25 July of this year. Watch this space.

Robin Hopkins

Supreme Court: Articles 3, 6 and 8 ECHR in child protection PII case

There have been a number of important privacy judgments in recent weeks, particularly concerning Article 8 ECHR in cases with child protection elements. I have blogged on two Court of Appeal judgments. In the matter of X and Y (Children) [2012] EWCA Civ 1500 (19 November 2012) (Pill, Touslon and Monby LJJ; appeal against a decision of Peter Jackson J in the Family Division) concerned the tension between Articles 8 and 10. A second, more recent Court of Appeal judgment in Durham County Council v Dunn [2012] EWCA Civ 1654 (13 December 2012) (Maurice Kay, Munby and Tomlinson LJJ; appeal against a decision of HHJ Armitage QC) focused on balancing competing rights under Articles 8 (private and family life) and 6 (fair trial).

The Supreme Court has this week handed down an important judgment of the latter variety (Articles 8 and 6, as well as an Article 3 claim) in Re A (A Child) [2012] UKSC 60 (12 December 2012) (Lady Hale, with whom Lords Neuberger, Clarke, Wilson and Reed agreed;  appeal against a decision of McFarlane, Thorpe and Hallett LJJ).

Lady Hale began by summarising the case thus:

“We are asked in this case to reconcile the irreconcilable. On the one hand, there is the interest of a vulnerable young woman (X) who made an allegation in confidence to the authorities that while she was a child she had been seriously sexually abused by the father of a little girl (A) who is now aged 10. On the other hand we have the interests of that little girl, her mother (M) and her father (F), in having that allegation properly investigated and tested. These interests are not only private to the people involved. There are also public interests, on the one hand, in maintaining the confidentiality of this kind of communication, and, on the other, in the fair and open conduct of legal disputes. On both sides there is a public interest in protecting both children and vulnerable young adults from the risk of harm.”

In essence, X made the allegations of past sexual abuse by F to the local authority, but did not wish to take action against F. She asserted her rightsto privacy and confidentiality under Article 8  and argued that disclosure of her identity and the details of her allegations would amount to inhuman or degrading treatment contrary to Article 3.

The local authority asserted public interest immunity from disclosure. Lady Hale held that, analysed in terms of common law principles, disclosure should be ordrerd despite the important public interest in preserving the confidence of people who come forward with allegations of child abuse. At paragraph 30, she said this:

“Those allegations have to be properly investigated and tested so that A can either be protected from any risk of harm which her father may present to her or can resume her normal relationship with him. That simply cannot be done without disclosing to the parents and to the Children’s Guardian the identity of X and the detail and history of the allegations which she has made.”

The same conclusion was reached by analysing the matter in Convention terms. X’s case was primarily based on Article 3. Lady Hale agreed with the Court of Appeal that disclosure would not violate those rights: “The context here is not only that the state is acting in support of some important public interests; it is also that X is currently under the specialist care of a consultant physician and a consultant psychiatrist, who will no doubt do their utmost to mitigate any further suffering which disclosure may cause her” (paragraph 32).

Leaving aside Article 3, Lady Hale concluded that the rights of C, M and F under Articles 8 and 6 outweighed the Article 8 rights of X in the circumstances. A closed procedure seeking to minimise the impact on X’s privacy was not possible here. Furthermore, disclosure would not automatically expose X to the trauma of cross-examination: medical evidence and other means of giving evidence could, for example, be appropriate.

The case is an illuminating instance of extremely strong privacy rights being trumped by a combination of the family life rights of others, and in particular their right to a fair trial. In particular, it illustrates how, when serious allegations are made against individuals, the notion of privacy can cut both ways.

Robin Hopkins

CPR disclosure applications: ignore the DPA; balance Articles 6 and 8 instead

It is increasingly common for requests for disclosure in pre-action or other litigation correspondence to include a subject access request under section 7 of the Data Protection Act 1998. Litigants dissatisfied with the response to such requests often make applications for disclosure. Where an application is made in the usual way (i.e. under the CPR, rather than as a claim under section 7 of the DPA), how should it be approached? As a subject access request, with the “legal proceedings” exemption (section 35) arising for consideration, or as an “ordinary” disclosure application under CPR Rule 31? If the latter, what role (if any) do data protection rights play in the analysis of what should be disclosed?

As the Court of Appeal in Durham County Council v Dunn [2012] EWCA Civ 1654 observed in a judgment handed down today, there is much confusion and inconsistency of approach to these questions. Difficulties are exacerbated when the context is particularly sensitive – local authority social work records being a prime example. Anyone grappling with disclosure questions about records of that type will need to pay close attention to the Dunn judgment.

Background to the disclosure application

Mr Dunn alleged that he had suffered assaults and systemic negligence while in local authority care. He named individual perpetrators. He also said he had witnessed similar acts of violence being suffered by at other boys. He brought proceedings against the local authority. His solicitors asked for disclosure of various documents; included in the list of requested disclosure was the information to which Mr Dunn was entitled under section 7 of the DPA. Some documents were withheld from inspection, apparently on data protection grounds.

Mr Dunn made a disclosure application in the usual way, i.e. he did not bring a section 7 DPA claim. The District Judge assessed the application in data protection terms. He ordered disclosure with the redaction of names and addresses of residents of the care facility – but not those of staff members and other agents, who would not suffer the same stigmas or privacy incursions from such disclosure.

Mr Dunn said he could not pursue his claim properly without witnesses and, where appropriate, their contact details. He appealed successfully against the disclosure order. The order for redaction was overturned. The judge’s approach was to consider this under the CPR (this being a civil damages claim) – but to take the DPA into account as a distinct consideration in reaching his disclosure decision.

The relevance of the DPA

The Court of appeal upheld the use of the CPR as the correct regime for the analysis. It also upheld the appeal judge’s ultimate conclusion. It said, however, that he went wrong in treating the DPA as a distinct consideration when considering a disclosure application under the CPR. With such applications, the DPA is a distraction (paragraphs 21 and 23 of the judgment of Maurice Kay LJ). It is potentially “misleading to refer to a duty to protect data as if it were a category of exemption from disclosure or inspection. The true position is that CPR31, read as a whole, enables and requires the court to excuse disclosure or inspection on public interest grounds” (paragraph 21).

This was not to dismiss the usefulness of a subject access request to those contemplating litigation. See paragraph 16:

“I do not doubt that a person in the position of the claimant is entitled – before, during or without regard to legal proceedings – to make an access request pursuant to section 7. I also understand that such a request prior to the commencement of proceedings may be attractive to prospective claimants and their solicitors. It is significantly less expensive than an application to the Court for disclosure before the commencement of proceedings pursuant to CPR31.16. Such an access may result in sufficient disclosure to satisfy the prospective claimant’s immediate needs. However, it has its limitations. For one thing, the duty of the data controller under section 7 is not expressed in terms of disclosure of documents but refers to communication of “information” in “an intelligible form”. Although this may be achieved by disclosure of copies of original documents, possibly redacted pursuant to section 7(5), its seems to me that it may also be achievable without going that far. Secondly, if the data subject is dissatisfied by the response of the data controller, his remedy is by way of proceedings pursuant to section 7 which would be time-consuming and expensive in any event. They would also engage the CPR at that stage: Johnson v Medical Defence Union [2005] 1 WLR 750; [2004] EWCH 2509 (Ch).”

Instead, the CPR disclosure analysis should balance Article 6 and Article 8 rights in the context of the particular litigation.

Maurice Kay LJ summed up the requisite approach as follows:

“What does that approach require? First, obligations in relation to disclosure and inspection arise only when the relevance test is satisfied. Relevance can include “train of inquiry” points which are not merely fishing expeditions. This is a matter of fact, degree and proportionality. Secondly, if the relevance test is satisfied, it is for the party or person in possession of the document or who would be adversely affected by its disclosure or inspection to assert exemption from disclosure or inspection. Thirdly, any ensuing dispute falls to be determined ultimately by a balancing exercise, having regard to the fair trial rights of the party seeking disclosure or inspection and the privacy or confidentiality rights of the other party and any person whose rights may require protection. It will generally involve a consideration of competing ECHR rights. Fourthly, the denial of disclosure or inspection is limited to circumstances where such denial is strictly necessary. Fifthly, in some cases the balance may need to be struck by a limited or restricted order which respects a protected interest by such things as redaction, confidentiality rings, anonymity in the proceedings or other such order. Again, the limitation or restriction must satisfy the test of strict necessity.”

How to approach disclosure of social work records in litigation

This issue was dealt with by Munby LJ. In short, the main question was whether those seeking to withhold or redact social work records in litigation should analyse the issue in terms of public interest immunity (as some textbooks, older authorities and even the White Book appeared to suggest) or in terms of a balancing between competing rights under the ECHR (in particular, Articles 6 and 8).

Munby LJ made clear that the right answer is the latter. Where information contained in social work records is to be withheld in legal proceedings, this should not now be on the basis of a claim to public interest immunity; we are “a world away from 1970 or even 1989” (paragraph 43). This was despite the fact that “the casual reader of the White Book” (paragraph 31.3.33 in particular) could be forgiven for thinking that PII applies to local authority social work records. Here Munby LJ said he “would respectfully suggest that the treatment of this important topic in the White Book is so succinct as to be inadvertently misleading” (paragraph 48).

Importantly, Munby LJ also went on to explain how (and with what stringency) Article 8 rights to privacy and the protection of personal information should be approached when disclosing information pursuant to litigation. At paragraph 50, he gave the following guidance:

“… particularly in the light of the Convention jurisprudence, disclosure is never a simply binary question: yes or no. There may be circumstances, and it might be thought that the present is just such a case, where a proper evaluation and weighing of the various interests will lead to the conclusion that (i) there should be disclosure but (ii) the disclosure needs to be subject to safeguards. For example, safeguards limiting the use that may be made of the documents and, in particular, safeguards designed to ensure that the release into the public domain of intensely personal information about third parties is strictly limited and permitted only if it has first been anonymised. Disclosure of third party personal data is permissible only if there are what the Strasbourg court in Z v Finland (1998) 25 EHRR 373, paragraph 103, referred to as “effective and adequate safeguards against abuse.” An example of an order imposing such safeguards can be found in A Health Authority v X (Discovery: Medical Conduct) [2001] 2 FLR 673, 699 (appeal dismissed A Health Authority v X [2001] EWCA Civ 2014, [2002] 1 FLR 1045).”

Robin Hopkins