May 23rd, 2011 by Robin Hopkins

The Committee on Super-injunctions, established in April 2010 in the wake of the Trafigura and Terry cases, was made up largely of judges and practising lawyers, but also included legal representatives from the Guardian and Trinity Mirror. Nonetheless, the media have not received its report, “Super-Injunctions, Anonymised Injunctions and Open Justice” warmly. The Independent has commented on the “absurdity” of the current situation, while the Daily Mail called the report “a chilling exercise in judicial activism, self-delusion and – most worrying – a constitutional attack on Parliamentary sovereignty and free speech”.

Tensions have escalated since the publication of the report on Friday, and reached a head today. Footballer “CTB” (as his injunction order refers to him) has obtained a disclosure order requiring Twitter (based in California) to divulge the names of the “persons unknown” (resident, of course, in jurisdictions unknown) who have referred to his identity in their tweets. Scotland’s Sunday Herald flouted the order of the High Court of England and Wales in publishing the player’s name. This has apparently prompted calls for the Attorney-General to take action against the journalist responsible, a course of action which in the view of SNP leader Alex Salmond would be unwise. Mr Salmond neatly articulated the jurisdictional (and devolutionary) difficulties of this issue, by arguing on this morning’s Today programme that anyone wishing an injunction to be effective in Scotland should apply to a court in Scotland. Fred Goodwin was “outed” in the Lords last week, and John Hemming MP has moments ago outed CTB himself.

And so it goes on. It has been announced in the past few minutes that a joint parliamentary committee will be established to consider privacy law reform. Against this backdrop, I set out a few (rapidly evolving) thoughts on four of the thorny issues raised by the report, the accompanying press conference given by Lords Neuberger and Judge and the general aftermath. On each of these four issues, my sense at the moment is that matters may develop in favour of openness rather than privacy – despite the failure this afternoon to overturn CTB’s injunction.

First though, a synopsis of the report’s thrust and limited terms of reference.

The report: procedure, not substance

As regards its subject matter, the committee distinguished between super-injunctions (where the order states that neither the named applicant’s private information nor the existence of the order can be published), anonymous injunctions (the order does not name the applicant or parties involved) and “so-called hyper-injunctions” (the order prohibits individuals from discussing matters with third parties).

It sees no legal barrier to any of these types of injunction taking effect. It thinks all such injunctions are very rare, but recommends that statistics be maintained on the granting of injunctions so that their prevalence can be monitored.

The report proposes a tidying up of the procedure for obtaining these injunctions. The committee gives a firm “no” to the use of specialist judges to hear these kinds of application. It says that Practice Guidance should be issued, which should include model orders and the process for expediting appeals against the granting of such orders.

Overall, however, the report is not about substantive law reform: that is a matter for parliament. In fact, it is now an urgent matter for parliament. In my view, some of the key issues to be considered are as follows.

Issue 1: media presence at injunction hearings

Parliament’s committee will, like the reporting committee, take Article 10 ECHR very seriously (for a very recent example of Article 10 affecting the interpretation of FOIA, see my post here). The report observes that “it will be a very rare case where advance notice of such an application to media organisations, which are likely to be affected by any order, can be justifiably withheld”. It proposes that the press be allowed to attend application hearings – bound of course by confidentiality agreements and non-disclosure orders. This would allow the media to be properly informed of the matters on which they may not report, and would also equip them to appeal against orders where they deem this appropriate.

This is doubtless a step in the right direction in terms of Article 10. As the committee recognises, however, there are real practical difficulties with the proposal. First, interim injunction hearings are often so rushed that there is no real prospect of a blanket invitation to the media. Secondly, how does one determine who the “media” are who are allowed to attend such hearings? As Lord Judge put it “we know who you [the media attending the release of the report] are, we’re familiar with you, but someone comes along and says, “I’m from the Argyll and Orkney Express” but how do we know? Do we really expect to have cards issued? Can you imagine the bureaucracy?”.

Part of the problem is this: either anyone with an interest in reporting the matter is allowed to attend, or only the “establishment” (this is my term, but seems the sentiment reflected in Lord Judge’s rhetorical question) is allowed, even though the aim is to make everyone subject to the order, establishment or not. The former option exponentially increases the risk of leaks and disclosures on Twitter. The latter option draws distinctions which are impracticable and problematic in terms of Article 10 and fairness in a broader sense. My view is that the former option will prevail, and that we will see a very broad net of media attendees at future super-injunction hearings. This in itself might serve as a deterrent to making such applications in the first place.

Issue 2: Twitter and other “modern technology”

There has been a flexing of judicial muscle as regards Twitter. Though he described “modern technology” as “totally out of control”, Lord Judge took hope from efforts to combat online child pornography. He said this:

“Are were really going to say that someone who has a true claim of privacy, perfect well made, which the media and newspapers can’t report, has to be at the mercy of someone using modern technology? At the moment that may seem to be the case but I am not giving up on the possibility that people who in effect peddle lies about others by using modern technology may one day be brought under control, maybe through damages – very substantial damages – maybe even through injunctions to prevent the peddling of lies”.

The language of “peddling lies” is curious. That is a concept belonging to libel law, rather than privacy. Those seeking super-injunctions tend not to say the underlying material consists of lies, but simply that it is private. The damage lies not in the falsity of the material, but in the fact that people talk about it.

This distinction is important in at least two respects. First, if an applicant wants to prevent people talking about the matter, but many people have already done so (for example, on Twitter), then his or her case for an ongoing injunction is weakened; it begins to look more a matter for damages than for injunctive relief.

Secondly, foreign jurisdictions may be even less cooperative about orders from England and Wales protecting private (but often true) material than they often are about similar orders concerning libel (see for example the United States’ Speech Act of 2010). Countries co-operate against copyright infringement and child pornography because they think it important to do so in a civilised society. They may be less inclined to think that about, say, Andrew Marr’s sex life. In other words, there is a good chance that legal action, whether for injunctive relief or damages, taken in England and Wales against foreign reporters may simply be impotent.

Contrast this likely impotence with measures for after illegal file-sharers through their internet service providers, proposed under the UK’s Digital Economy Act 2010 (on which, see my discussion here in advance of BT’s judicial review of that Act): unlike Twitter, ISPs often have a commercial footing in the UK which they are concerned to protect; international (including EU) legal protection is far more advanced than for copyright than for privacy; even under the Digital Economy Act’s proposal, infringing users are to be given a number of warnings before their details are handed over to those seeking damages, unlike the old Norwich Pharmacal model being utilised in the footballer’s action against Twitter.

Issue 3: granting and maintaining super-injunctions

The report emphasises that super-injunctions are not to be permanent, but should be granted only for very short periods of time. If anyone notices a super-injunction being granted with no return date, they should complain about it, as was done in the Zac Goldsmith/Jemima Kahn case. So far so good: allowing the media to be present for application hearings would help on this front, as would minimising the time between the interim injunction and the return date.

As regards the grounds on which a super-injunction should be granted, the report’s mood music suggests that some may have been granted too readily. It stresses that “in seeking to minimise derogations from the principle of open justice, the committee envisaged that super-injunctions will only be granted in very limited circumstances”. Other than to emphasise exceptionality and Article 10, there is probably little to be said (either by the committee or by parliament) in terms of guidance to judges on granting such injunctions – this is, and will remain, largely a case-by-case business.

The thorny issue of the moment, however, is this: if a matter has been very widely disclosed on Twitter and other websites, is it fair to maintain an injunction the effect of which is to prevent the establishment media from reporting it? If, as I suggested above, the damage comes from people knowing about what you have done, hasn’t the horse bolted in such circumstances? If people wish to reject your job application or shun you at parties, they will probably do so regardless of how they learnt about your indiscretions. Part of what seemed to concern David Cameron in his ITV interview this morning is this prejudicial effect on the establishment as compared with “newer” media, which commentators have described over the weekend as existing in “parallel universes”.

Lords Neuberger and Judge both suggested on Friday that, to the extent that there are differential effects on newspapers as compared to Twitter, that difference is justified. To a degree, they are correct: rightly or wrongly, we tend to expect more noble and sophisticated ethics from mature brands of journalism than we do from little-known blogs, and applicants no doubt suffer incremental damage from the public seeing matters reported in print headlines or on major news websites which they would otherwise have had to seek out on Twitter. There must come a point, however, where the media’s interests (including under Article 10) outweigh this combination of incremental harm and ethical expectation. That too is probably a matter for case-by-case determination, but it is something parliament’s joint committee will surely wish to consider. It may well side with the media over the privacy-seeking individual if forced to give guidance on a hypothetical case.

Issue 4: parliamentary privilege and contempt of court

The constitutional stakes are highest in this strand of the current debate.

The committee was very clear that no super-injunction or any other court order could conceivably restrict or prohibit parliamentary debate or proceedings. It also recognised that, in defamation proceedings, the reproduction of extracts from Hansard attracts attaches to, while honest, fair and accurate reporting of parliamentary proceedings attracts qualified privilege. It is unclear, however, whether the same would apply in contempt proceedings. In fact, “the law relating to Contempt of Court when it comes to reporting what is said in Parliament is astonishingly unclear”, as Lord Neuberger put it. The extent to which parliamentary privilege attaches to conversations between an MP and his or her constituents (some of whom may of course be journalists) is also unclear.

Lord Judge, however, explicitly disapproved of members of either house using parliamentary privilege to circumvent super-injunctions:

“But you do need to think, do you not, whether it’s a good idea for our lawmakers, to be in effect to be flouting a court order just because they disagree with the order or for that matter because they disagree with the law of privacy which parliament has created”.

John Hemming MP clearly takes a different view.

Again, there is much of interest in Lord Judge’s remark, such as the reference to parliament having created the law of privacy, and the implicit distinction between parliament flouting a court order and an individual member doing so. It would be very surprising, however, if parliament’s joint committee were to propose a constrained version of parliamentary privilege. If that committee is robust in defence of the houses’ privileges, the door may be opened to future “outings”, such as that of Fred Goodwin or CTB. Mindful of this, the reporting committee proposed a softer form of control than the restriction of parliamentary privilege. It suggested that:

“House authorities should consider the feasibility of a streamlined system for answering sub judice queries from the Speakers’ offices. Such a communication system will require the creation of a secure database containing details of super-injunctions and anonymised injunctions held by Her Majesty’s Courts and Tribunals Service, which could be easily searchable following any query from the House authorities”.

Parliament’s committee may well endorse this as the approach best suited to preserving a balance of respect (as opposed to contempt) between parliament, the courts, the media and individuals fearful of their privacy being overridden on political platforms.

On this issue, as with so much of the UK’s constitution, the answer may turn out to be a tense but workable network of understandings, rather than hard law. Perhaps this would calm matters only temporarily. But it might also provide breathing room for the public to evolve our expectations about privacy and freedom in both establishment and “modern technology” media, without bringing the latter under any undue “control”.

Robin Hopkins



April 15th, 2011 by Robin Hopkins

The Court of Appeal has today given judgment in H and L v A City Council [2011] EWCA Civ 403. This is an important decision on Article 8 ECHR in the context of the disclosure of information on past convictions.

The case involved a seriously disabled man, H, and his partner L, who was also seriously disabled. They were active in the disability movement, both as campaigners and in running a company that provided consulting services on disability issues to public authorities. They employed personal assistants in their home, paid for with funds from the local authority. H had been convicted of a serious sexual offence against a child in 1993. His home local authority was aware of this, but took no action until 2009, when it was contacted by a second local authority where H ran a disability charity. It transpired that H had been committed for trial on another charge of an offence against a child, though he was subsequently acquitted. It also came to light that H had a previous conviction for failing to disclose his unspent convictions, and that he was being referred to the Independent Safeguarding Authority.

H’s local authority reacted by convening a number of strategy meetings involving the relevant professionals, without informing H. It decided to begin paying H and L’s care assistants directly (for audit trail reasons) rather than by payments to H and L themselves. As regards disclosure, it took three decisions: (i) it disclosed to 9 organisations with which H was involved an outline of its concerns and of all the facts giving rise to those concerns, (ii) it told H and L that it reserved the right in future to contact any other organizations or persons and express these same concerns if it felt the need arose, (iii) it informed the personal assistants of its concerns and the underlying facts.

H and L brought judicial review and Article 8 proceedings. At first instance (see the Panopticon post here), HHJ Langan QC found for the local authority on the lawfulness of disclosures (i) and (ii), but against it on disclosure (iii). He also found that the new payment regime imposed by the local authority was unlawful.

The Court of Appeal found that all of the disclosure decisions were unlawful: the crucial factor was that none of H’s current involvements brought him into contact with children. Therefore, the local authority’s blanket approach to all 9 organisations was unfair and disproportionate. Its decisions had also been procedurally unfair, in that H had not been allowed to make any representations. The new payment regime was motivated by the disclosure decisions, and therefore also unlawful.



January 13th, 2011 by Timothy Pitt-Payne QC

The system of CRB checks (established under Part V of the Police Act 1997) is currently under review:  for the review’s terms of reference, see here.   At present, where an enhanced CRB check is carried out it is for the police to decide whether there is any non-conviction information that ought to be included in the enhanced CRB certificate:  for instance, information about acquittals, or about allegations that have never been tested at a criminal trial.  The legal principles governing this exercise – in particular, the relevance of Article 8 of the Convention – were extensively discussed by the Supreme Court in R (L) v Commissioner of Police of the Metropolis [2009] UKSC 3.

The recent decision of the Court of Appeal in Desmond v Chief Constable of Nottinghamshire Police [2011] EWCA Civ 3 raises a different issue:  for the purposes of the law of negligence, do the police owe a duty of care to the individual who is the subject of the certificate?  The Court of Appeal holds that they do not.

In Desmond, the claimant’s case (put very shortly) was that adverse information about him had been included in an enhanced CRB check; that the information disclosed was misleading; and that the decision to disclose could not be justified on the basis of the material available to the police, and had been reached without making proper enquiries.  He brought a claim against  the relevant Chief Constable, alleging (inter alia) breach of Article 8, breach of the Data Protection Act 1998, and negligence.

The claim in negligence was struck out, but this decision was partly reversed on appeal by Wyn Williams J, whose judgment is at [2009] EWHC 2362 (QB).  On further appeal, the Court of Appeal restored the original decision to strike out the negligence claim in full.  There was no proper basis for concluding that the chief officer was to be taken to have assumed responsibility to Mr. Desmond; the structure and purpose of the relevant legislation strongly suggested that there should be no duty of care; there was no case which persuaded the Court of Appeal, by analogy, that a duty of care should be imposed; and the existence of various other remedies that Mr. Desmond could pursue also supported the conclusion that no duty of care was owed. 

The Court of Appeal also states that Article 8 of the Convention is likely to be applicable in every case where non-conviction information is disclosed as part of an enhanced CRB certificate, and that a breach of Article 8 would give rise to a potential damages claim under section 8 of the Human Rights Act 1998:  see paragraph 9 of the judgment.  It appears from the Court of Appeal’s judgment that Mr. Desmond’s Article 8 claim still continues, as does his claim under the Data Protection Act 1998. 



January 5th, 2011 by Robin Hopkins

The Scottish Government has published its guidance document on Identity Management and Privacy Principles. The guidance is aimed at both public sector policy makers and with those involved in devising or operating systems for proving or recording identity. Key principles include:

  • For services which are used frequently and for which identification is needed, users should be required to register only once. Thereafter, unless there is a statutory requirement to prove identity, a person should generally be able to access the service by authenticating themselves using a token (such as a bus pass or library card) that proves their entitlement without revealing personal information. In other circumstances, a user name and a password may be required.
  • A Privacy Impact Assessment (PIA) or proportionate equivalent should be conducted and published prior to the implementation of a project which involves the collection of personal information.
  • Where a public body has a contract with the private sector or the third sector, the contractor must be contractually bound to adhere to best practice as outlined in the guidance.
  • The creation of centralised databases of personal information is to be avoided.
  • If a public service organisation needs to link personal information from different systems and databases (internally or between organisations), it should avoid sharing persistent identifiers. Instead, other mechanisms – such as matching – should be considered.



November 23rd, 2010 by Anya Proops KC

Many readers of this blog will be familiar with the stringent protections which the Data Protection Act 1998 (DPA) affords in respect of personal health data (see further the definition of ‘sensitive personal data’ in s. 2 DPA). Thus, for example, if a data controller wishes to avoid contravening the first data protection principle (the fair and lawful processing principle) as and when it is processing health data, it must ensure that: (a) the particular processing is fair and lawful; (b) that it meets one of the conditions provided for in schedule 2 to the DPA and (c) that it meets one of the very narrowly drawn conditions provided for in schedule 3 to the DPA. If the processing is intended to serve the interests of medical research, the data controller will doubtless wish to look in particular at the condition provided for in paragraph 8 of schedule 3. That condition stipulates that the processing must be ‘necessary for medical purposes’ (which includes the purposes of medical research) and be undertaken either be ‘a health processional’ or ‘a person who in the circumstances owes a duty of confidentiality which is equivalent to that which would arise if the person were a health professional’. Of course, the principle which underpins this particular condition is that it is very much in the public interest that, subject to the test of necessity, health data be shared by medical researchers. A recent judgment of the European Court of Human Rights (ECHR) has highlighted the importance of this particular public interest: Gillberg v Sweden (application no. 41723/06).

In Gillberg, two researchers requested access to health data which had been accumulated by Professor Gillberg as part of a long-term project on hypheractivity and attention deficit disorders in children which he was running out of the University of Gothenburg in Sweden. The University refused access on the basis that assurances had been given to the parents of the children and later the children themselves concerning the confidentiality of the data. The researchers challenged the University’s decision relying on Sweden’s long-established and generous rules on access to official documents. The Swedish administrative court upheld the researchers’ claim and ordered that the University disclose the data to them, subject to the imposition of strict conditions on their handling and use of the data. In reaching the conclusion that the data should be disclosed to the researchers, the Swedish court took into account not least the public interest in ensuring the independent and critical evaluation of medical research in the important field of neuropsychiatry. The data was subsequently destroyed by certain of Professor Gillberg’s colleagues. Thereafter, Professor Gillberg was convicted of misuse of office by the Swedish Parliamentary Ombudsman. Having lost his appeals against conviction in the national courts, Professor Gillberg took his case to the ECHR claiming that the conviction breached his Article 8 and 10 rights, particularly in view of the assurances of confidentiality which he had given to the data subjects and their parents. The ECHR dismissed Professor Gillberg’s appeal. It found that, even if the conviction interfered with Professor Gillberg’s Article 8 right to privacy (i.e. his right to privacy in the context of his professional affairs), that interference was justified in the circumstances. It also found that there was no interference with Professor Gillberg’s Article 10 right to freedom of expression as he was convicted not for giving assurances of confidentiality but rather because he misused his office in response to the judgments of the court.

The ECHR’s judgment is interesting not least because it confirms that, at least for the purposes of human rights jurisprudence, the fact that promises of confidentiality have been given to individual patients/research subjects does not create an automatic bar on disclosures which may breach those promises, particularly where the disclosures serve important public interests such as the interests in protecting the integrity and progress of medical research. Query whether the same result would have obtained on an application of the principles embodied in the DPA, particularly in view of the relatively permissive approach to disclosures for the purposes of medical research contained in paragraph 8 of schedule 3.



August 3rd, 2010 by Anya Proops KC

The Court of Appeal has recently handed down an important judgment on the application of the law of confidence in matrimonial proceedings: Tchenguiz & Ors v Imerman [2010] EWCA Civ 908. The background to the case was that an application for ancillary relief had been made by Mrs Tchenguiz Imerman (TI) against her husband, Mr Imerman. Fearing that Mr Imerman may seek to conceal the nature and extent of his assets in the context of the ancillary relief proceedings, one of TI’s brothers, possibly with the help of others, accessed a computer server in an office which Mr Imerman shared with TI’s brothers and then copied information and documents which Mr Imerman had placed on that server relating to his assets. In order to prevent TI relying on the information and the documents in the ancillary relief proceedings, Mr Imerman sought to restrain the defendants from communicating the information and documents which they had obtained to any third party (including TI and her lawyers). He also sought delivery up of all copies of the documents. Eady J granted the orders sought by Mr Imerman. The defendants appealed to the Court of Appeal. The central issue for the Court of Appeal was essentially whether TI should be allowed to use the information and documents in the context of the ancillary relief proceedings, despite the fact that they appeared to have been obtained by the defendants in breach of confidence and, hence, unlawfully.  The case was rendered particularly complex as a result of what is commonly known in matrimonial proceedings as the ‘Hildebrande rules’. Historically, these rules have been applied by the courts in matrimonial ancillary relief proceedings so as generally to allow individuals to rely on evidence as to their spouses’ assets notwithstanding that that evidence has been unlawfully obtained.

In summary, the Court of Appeal held as follows:

·         the information/documents had been unlawfully obtained by the defendants as they had been obtained in breach of confidence (and, further, in breach of Mr Imerman’s right to privacy);


·         it may be that the obtaining of the information/documents had also amounted to: (a) criminal conduct on an application of s. 17 of the Computer Misuse Act 1990; (b) unlawful processing of Mr Imerman’s personal data under s. 4(4) Data Protection Act 1998 (DPA); and, further, (c) a criminal act under s. 55 DPA; although having found that the information/documents were obtained unlawfully in breach of confidence, the Court did not need to reach a concluded view on these issues;


·         the question for the Court was whether it should effectively condone the illegal self-help methods adopts by the defendants simply because it was feared that Mr Imerman may behave unlawfully and conceal that which should be disclosed in the ancillary relief proceedings. The answer to that question was: ‘No’ (see para. 107). As the Court suggested:The tort of trespass to chattels has been known to our law since the Middle Ages and the law of confidence for at least 200 years, yet no hint of any defences of the kind now being suggested is to be found anywhere in the books’ (para. 117). Thus, the Hildebrande rules could not be justified on any grounds;


·         if there were concerns that an individual may seek dishonestly to conceal assets in the context of ancillary relief proceedings, the correct course would be for the spouse to seek to protect her/his position through lawful means, for example by applying to the court for an anton pillar order.

The judgment is important not least because it highlights the essentially inalienable nature of the common law rights to confidentiality and privacy. There is no doubt that the judgment will be controversial, not least because of concerns that it fails to recognise the significant power imbalance which often obtains between spouses in matrimonial proceedings.