High Court dismisses application by Google to strike out Mosley claim

In Mosley v Google [2015] EWHC 59 (QB) Google sought to strike out a claim brought by former Formula One President Max Mosley.  Mosley is seeking damages and an injunction, under Section 10 of the Data Protection Act 1998 (‘DPA 1998’).  The injunction is sought to block access to still images and edited footage from its search engine results. The images in question show Mosley involved in a sex act with five women in 2008.

Mosley has already obtained damages of £60,000 from the publishers of the now obsolete News of the World (who originally published the photographs) for the misuse of his private information. This is the largest award of damages in a privacy claim to date (a copy of the judgment can be found here).  Mosley has been involved in litigation against Google in a number of jurisdictions in an attempt to block access to the images.

Mosley has sued Google in relation to the processing of the images. The claim follows the important decision of the European Court of Justice in Google Spain SL, Google Inc. v Agencia Espanola de Proteccion de Datos (AEPD) and Mario Costeja Gonzalez which established Google as a ‘data controller’ for the purposes of the DPA 1998.

Anthony White QC for Google submitted Mosley’s case was ‘unsustainable in fact and law and should be struck out.’  Google argued, even in its role as data controller, that it could not be required to block the images and relied on E-Commerce Directive 2000/31: Article 13 and Article 15. Article 13 provides that a service provider, would not be liable for the ‘automatic, intermediate and temporary storage of the information.’ Further to this, Google submitted that Article 15 provides that ‘Member States shall not impose a general obligation on providers… to monitor the information they transmit or store.’

Hugh Tomlinson QC for Mosley submitted that Google did not comply with Article 13(1)(a) of the Directive because they had modified the images by reducing them to thumbnails and therefore, they cannot rely on Article 13 of the Directive. Mr Tomlinson QC also argued that Directive 95/46 and the DPA 1998 solely and exclusively govern the processing of personal data, and therefore Directive 2000/31 is not relevant in the instant case.

Ruling on Google’s application, Mr Justice Mitting held that Google had not modified the images within the meaning of Article 13(1)(a), the thumbnail images still conveyed the same information and Google had simply reduced the size. Secondly, Mitting J held that the 1995 and 2000 Directives should be read in harmony of one another, and if possible, applied in conjunction. Crucially, Mitting J went on to rule that regardless as to whether Directive 95/46 applied solely or whether Directive 2000/31 was relevant, where personal sensitive data has been wrongly processed by an internet service provider and the court could provide a remedy, that such a matter should be tried.

Addressing the prohibition on general monitoring under Article 15 of the 2000 Directive, the judge remarked:-

“Given that it is common ground that existing technology permits Google, without disproportionate effort or expense, to block access to individual images, as it can do with child pornography, the evidence may well satisfy a trial judge that it can be done without impermissible monitoring. Accordingly, even if monitoring is not permissible in a data protection case, as to which I express no view, the claimant has a viable case on this issue, which might well succeed.”

He went on to conclude:-

“For all of those reasons, in my judgment, the claimant’s primary case on the issues which I have identified is not such that it has no real prospect of success. On the contrary, it seems to be a viable claim which raises questions of general public interest, which ought to proceed to trial.”

A full copy of the judgment can be found here