An overview of current issues surrounding data protection
22 May 2017
Data protection issues continue to gather increasing prominence with the introduction of forthcoming new legislation from Europe (which is still likely to affect the UK, despite Brexit) and several key decisions being made in the courts.
Pre-litigation subject access requests
Back in our winter 2015 we reported on the case of Dawson-Damer and others v Taylor Wessing and others in which a group of claimants were in a dispute with a trustee company based overseas. Each individual in the group had submitted individual subject access requests to the trustee’s firm of solicitors based here in the UK, asking for details of all personal data held by the solicitors relating to them.
The solicitors declined to comply on the basis of professional legal privilege, and so the group applied to the High Court for an order to require compliance. The High Court held that the requests were made with the improper motive of seeking documents related to the litigation, and therefore refused the order on the basis that the purpose of a subject access request is not as a pre-litigation disclosure tool.
However, the Court of Appeal has recently overturned this decision, ruling that the High Court was wrong to decline to enforce the request. This suggests that the courts will be increasingly tolerant of subject access requests being used as a tool to obtain disclosure of information pre-litigation. The Court of Appeal has stated in a separate case, though, that the search itself can be limited by what is proportionate to the facts and circumstances.
ICO prosecution for stealing client information
A key asset to any business is its confidential data, in particular its database of clients and potential clients. This information can often end up being the focus of confidentiality clauses and post-employment restrictions in contracts of employment, but is also governed by the Information Commissioner’s Office (ICO) in its regulatory role of enforcing the provisions of the Data Protection Act.
The ICO has recently successfully prosecuted a former recruitment agency employee, who emailed the personal data of approximately 100 existing and potential clients to her personal email address as she was leaving the company to start a new role at a rival recruitment company. She then used that personal data to contact individuals in her new job. She pleaded guilty to the offence and was fined £200, ordered to pay costs of £214 and a victim surcharge of £30.
Matthew leads our employment law department. A Chambers-rated partner, he is praised by clients for his “down-to-earth, practical and common-sense approach”. He handles the full range of contentious and non-contentious employment law issues for clients, with specialisms including complex staff restructurings and employment issues concerning business transfers.
Disclaimer: All legal information is correct at the time of publication but please be aware that laws may change over time. This article contains general legal information but should not be relied upon as legal advice. Please seek professional legal advice about your specific situation - contact us; we’d be delighted to help.
From 6 April, flexible working laws are changing, making it easier for employees to make statutory flexible working requests. The Employment Relations (Flexible Working) Act 2023 will make the following…
Last December, the Home Secretary announced a five-point plan to reduce immigration in the UK, with most measures to be implemented early this year. Tomorrow, these significant changes to business…
Constructive dismissal and delayed resignation can prove to be difficult situations for some employers. Our team of experts look into a case that could help when looking to tackle issues…
Our website uses cookies to improve your experience while you navigate through our website. Out of these cookies, the cookies that are categorised as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyse and understand how you use our website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies but it may affect your browsing experience on our website. You can find our cookie policy here.
Necessary cookies are absolutely essential for our website to function and enable core functionality such as security and accessibility. These cookies do not store any personal information. You can block these cookies by changing your browser settings, but this may affect how the website functions.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
__cf_bm
30 minutes
This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
mgref
1 year
This cookie is set by Eventbrite to deliver content tailored to the end user's interests and improve content creation. It is also used for event-booking purposes.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat
1 minute
This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
G
1 year
Cookie used to facilitate the translation into the preferred language of the visitor.
vuid
2 years
Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
