Tag Archives: misuse of private information

Independent Inquiry into Childhood Sexual Abuse fined £200,000 for email data leak

The Information Commissioner’s Office (the ICO) has fined the Independent Inquiry into Childhood Sexual Abuse (IICSA) £200,000 following a data leak on 27 February 2018.  The leak occurred  when a member of staff sent a ’round-robin’ email, but mistakenly used the ‘to’ field instead of the ‘bcc’ field, inadvertently disclosing the email addresses of 90 individuals (known as ‘Participants’) who had anonymously submitted evidence to the inquiry about their childhood sexual abuse.  The security breach was exacerbated because 39 ‘reply to all’ emails were sent by 22 of the recipients.

Read more

An expectation of privacy in a spent conviction? XKF provides some practical guidance

In the case of XKF v BBC [2018] EWHC 1560 (QB), Mrs Justice Elisabeth Laing granted a privacy injunction to a former police officer, anonymised in these proceedings as XKF, to prevent the BBC from broadcasting film footage of him recorded at or near his home on 13 March 2018.

Read more

Court orders Facebook to disclose information behind deletion of deceased person’s Facebook account

In Sabados v Facebook Ireland Ltd (2018; unreported) His Honour Judge Parkes QC (sitting as a Judge of the High Court) ordered Facebook Ireland to disclose information pertaining to a request which it had received (and acted upon) to delete the account of a deceased person.

Read more

Unnamed family members entitled to damages for Home Office immigration data leak

In The Secretary of State for the Home Department & Anor v TLU & Anor [2018] EWCA Civ 2217 the Court of Appeal, was asked to review one aspect of Mr Justice Mitting’s decision in TLT & Ors v The Secretary of State for the Home Department & Anor [2016] EWHC 2217 (QB). The first instance decision (discussed at our blog here) considered a number of important issues relating largely to the assessment of quantum in “data leak” cases, including whether damages for accidental leaks should be assessed in the same way as deliberate privacy breaches (no), whether there was a de minimis principle in such cases (yes) and whether regard had to paid to the objective “rationality” of the level of distress pleaded (yes). However, the appeal (brought by the Defendant Home Office) was restricted to the issue of any liability owed to individuals affected by a data leak, but not specifically named in a leaked electronic document.

Read more

Claimants entitled to issue privacy proceedings in the Chancery Division

In the recent case of Mezvinsky & Anor v Associated Newspapers Ltd [2018] EWHC 1261 (CH)
Chief Master Marsh had to decide whether there was a more appropriate division of the High Court in which a privacy claim should be brought.

Read more

High Court allows service of injunction by text message in blackmail case

The High Court has made an order in the anonymised case of NPV v QEL & ZED [2018] EWHC 703 (QB) allowing for service of an injunction by text message.  The case involves claims for misuse of private information and harassment in respect of an alleged blackmail attempt.

Read more

NT1 and NT2 v Google Inc: How to seek the delisting of search engine results following the first English decision on the “right to be forgotten”

The much-anticipated decision in NT 1 & NT 2 v Google LLC [2018] EWHC 799 (QB) was handed down on 13 April 2018.  The joint judgment in two separate claims against Google, is the first time the English courts have had to rule on the application of the ‘right to be forgotten’ principle following the decision in Google Spain SL, Google Inc. v Agencia Espanola de Proteccion de Datos (AEPD) and Mario Costeja Gonzalez (Case C-131/12).

Read more

The resurgence of the privacy injunction?

According to official statistics published by the Ministry of Justice, there were, between July and December 2017, eight new applications for interim privacy injunctions, all of which were granted (available here). This was the highest number of successful new applications in a six-month period since 2012.  Is the privacy injunction making a return?

Read more

Data Breach : Compensation claims for mass data breaches

In January 2014, Andrew Skelton, an apparently disgruntled employee of Morrisons Supermarket posted a file containing the personal data (including salaries, bank details, and National Insurance numbers) of 99,998 Morrisons’ employees on a file-sharing website.  It seems his intention was to cause mass-scale damage to the supermarket.  In March 2014, a CD containing the data was sent to three UK newspapers, one of whom alerted Morrisons.  Chief among the company’s concerns was the possibility of the data being used to aid theft or identity theft from the staff concerned.  They acted quickly to get the file removed from the Internet within a few hours.

Read more

Vlogger Chrissy Chambers secures damages in revenge porn settlement

In a widely-reported settlement, the American vlogger Chrissy Chambers has recovered damages from her former British boyfriend – anonymised in the High Court proceedings as “DCR”.

Read more

Contact us

Your Name (required)

Your Email (required)

Subject

Your Message