Effective 1 June, we have a new address: 34 Imperial Square, Cheltenham, Gloucestershire GL50 1QZ
Get in Touch Menu

An overview of current issues surrounding data protection

22 May 2017

Data protection issues continue to gather increasing prominence with the introduction of forthcoming new legislation from Europe (which is still likely to affect the UK, despite Brexit) and several key decisions being made in the courts.

Pre-litigation subject access requests

Back in our winter 2015 we reported on the case of Dawson-Damer and others v Taylor Wessing and others in which a group of claimants were in a dispute with a trustee company based overseas. Each individual in the group had submitted individual subject access requests to the trustee’s firm of solicitors based here in the UK, asking for details of all personal data held by the solicitors relating to them.

The solicitors declined to comply on the basis of professional legal privilege, and so the group applied to the High Court for an order to require compliance. The High Court held that the requests were made with the improper motive of seeking documents related to the litigation, and therefore refused the order on the basis that the purpose of a subject access request is not as a pre-litigation disclosure tool.

However, the Court of Appeal has recently overturned this decision, ruling that the High Court was wrong to decline to enforce the request. This suggests that the courts will be increasingly tolerant of subject access requests being used as a tool to obtain disclosure of information pre-litigation. The Court of Appeal has stated in a separate case, though, that the search itself can be limited by what is proportionate to the facts and circumstances.

ICO prosecution for stealing client information

A key asset to any business is its confidential data, in particular its database of clients and potential clients. This information can often end up being the focus of confidentiality clauses and post-employment restrictions in contracts of employment, but is also governed by the Information Commissioner’s Office (ICO) in its regulatory role of enforcing the provisions of the Data Protection Act.

The ICO has recently successfully prosecuted a former recruitment agency employee, who emailed the personal data of approximately 100 existing and potential clients to her personal email address as she was leaving the company to start a new role at a rival recruitment company. She then used that personal data to contact individuals in her new job. She pleaded guilty to the offence and was fined £200, ordered to pay costs of £214 and a victim surcharge of £30.

Matthew leads our employment law department. A Chambers-rated partner, he is praised by clients for his “down-to-earth, practical and common-sense approach”. He handles the full range of contentious and non-contentious employment law issues for clients, with specialisms including complex staff restructurings and employment issues concerning business transfers.

We're here to help
Matthew Clayton MA LLM (Cantab), CIPP/E
View profile
Mathew Clayton
Related services
Share this article
Resources to help

Related articles

A new gateway for pay equality

Employment & business immigration

A recent case has paved the way for employers to be more transparent in identifying equal work and pay. For the first time, a tribunal has ordered a company to…

Jenny Hawrot LLB (Hons)

Major Supreme Court ruling finds paid holiday for part-year workers cannot be pro-rated

Employment & business immigration

On 20 July 2022, the Supreme Court upheld the Court of Appeal’s earlier decision in Harpur Trust v Brazel that part-year workers should not have their paid holiday pro-rated. Here,…

Matthew Clayton MA LLM (Cantab), CIPP/E

“It’s too hot to work” - or is it?

Employment & business immigration

If this is the cry you are hearing from your staff during the current heatwave, you may be interested to know that although health and safety laws say that working…

Matthew Clayton MA LLM (Cantab), CIPP/E
Contact us