Again, the point can be argued accepting the point of pecuniary loss. The applicant who has suffered having their personal information lost has gone to a psychologist for intensive therapy. The applicant would not have had that cost of therapy but for the breach ipso facto they have suffered damage and as a result distress.
The point, therefore, still stands. There is money to be made as people suffering large scale breaches, such as needing to move house, where someone can show the "cost" of the breach.
For example, an organisation inadvertently loses a document with allegations about a person. The community find the papers, and vigilante style, vandalise the house and explain that the person must leave the community. However, once the breach has occurred, the processing was unfair, and the person suffers damage, (see above), then distress will be a factor. The house would not have been vandalised (literally damaged), but for the improper processing. The person would not be distressed about having to move, but for the improper processing.
I think the point the courts were trying to ensure was that you cannot lose the case and still receive compensation because your reputation was ruined.
In other words, if you had fair processing that lead to the damage, then you cannot recoup any damage to reputation no matter how serious or distressful.
In Johnson V. MDU, he could not show that the damage to reputation was for improper processing. In other words, the processing was fair, his cover was withdrawn appropriately. If reputation loss follows from proper processing, that cannot be the basis for seeking damages. Moreover, I do not think that the loss of reputation can be shown to be directly related to the loss of cover. Reputation is built on a number of elements and as we know people can and do rehabilitate their reputations or their reputations survive damaging disclosures.
Best,
Lawrence
-----Original Message-----
From: Baines, Jonathan [mailto:[log in to unmask]]
Sent: 01 November 2012 13:56
To: Lawrence Serewicz
Cc: [log in to unmask]
Subject: Re: [data-protection] When will the first class action data breach suit reach the UK from the US?
Hi Lawrence
While I appreciate that point, the Court of Appeal judgment is clear on the subject of pecuniary loss (see paras 74 and 75), and the principle of stare decisis means any inferior court is bound by that.
http://www.bailii.org/ew/cases/EWCA/Civ/2007/262.html
Best wishes
Jonathan
On 1 Nov 2012, at 12:03, "Lawrence Serewicz" <[log in to unmask]<mailto:[log in to unmask]>> wrote:
Interesting point, but one that does not bear sustained examination. How does one prove financial damage in libel? I think that clever lawyers will find a way to link the two trains of thought or create a hybrid especially relating to a breach.
In Johnson V MDU, his claim was dependent upon an unsustainable causal chain<http://www.5rb.com/case/Johnson-v-Medical-Defence-Union-(No.2)-(CA)>. He claimed the improper processing, led to the loss of insurance cover, which in turn led to a loss of reputation. The causal chain could not be sustained once the issue with the fairness of the processing was considered. Moreover, he could not show that the loss of coverage was the sole and unremitting cause of loss of reputation. Immediate mitigating factors emerge, to whit someone could be worthy of a poor reputation for issues unrelated to the loss of coverage.
By its definition a data breach is unfair processing. It would take a brave soul to explain to the magistrates that someone has suffered no pecuniary damages, when the contents of an excruciatingly private document (insert your worst privacy nightmare) relating to a vulnerable person, regarding an unfair processing associated with the breach. The magistrates may agree that there is no pecuniary damage, but they may consider other damage worthy of compensation.
Best,
Lawrence
From: Baines, Jonathan [mailto:[log in to unmask]]
Sent: 01 November 2012 10:32
To: Lawrence Serewicz; [log in to unmask]<mailto:[log in to unmask]>
Subject: RE: [data-protection] When will the first class action data breach suit reach the UK from the US?
The problems is proving damage under s13 DPA. Following Johnson v MDU absence of pecuniary loss will be fatal to any claim. With most breaches there's no obvious pecuniary loss.
Jonathan Baines
Complaints and Information Rights Officer Legal and Democratic Services Buckinghamshire County Council Ground Floor, New County Offices
tel: 01296 383681
________________________________
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Lawrence Serewicz
Sent: Thursday 01 November 2012 10:21
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: [data-protection] When will the first class action data breach suit reach the UK from the US?
Dear All,
I came across this article on Mondaq service<http://www.mondaq.com/unitedstates/x/203800/Data+Protection+Privacy/Class+Actions+Adding+to+the+Cost+of+Data+Breaches&email_access=on> and I thought it would be of interest to you.
In the US attorneys are seeing the chance to make some money (and get justice (of course)) for plaintiffs in class action suits based on large scale data breaches.
In a sense, this could add to the fine issue and generate a lot more pressure on organisations. Not only do you have to worry about the regulator, now you have to worry about solicitors who will engage you in litigation to make some money.
I appreciate that the class action legislation is different in the UK, but I wonder how long it will be before it arrives. I also appreciate that anyone can, if they can show damage, bring the case to the magistrates per the ICO guidance. However, I am not aware of anyone doing this on more than an individual basis.
I am very surprised that there are not more solicitors trawling for this type of business as there is money to be made.
Do you see this as a growth area, i.e. do you think we will see more legal actions for compensation or less?
Best,
Lawrence
Principal Information Management Officer Durham County Council Room 4/140 County Hall County Durham
DH1 5UF
03000 268038
________________________________
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
________________________________
All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
* Leaving this list: send leave data-protection to [log in to unmask]<mailto:[log in to unmask]&BODY=LEAVE%20data-protection>
* Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL>
* To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML>
* To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML>
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]<mailto:[log in to unmask]>
Any queries about sending or receiving messages please send to the list owner [log in to unmask]<mailto:[log in to unmask]>
(Please send all commands to [log in to unmask]<mailto:[log in to unmask]> not the list or the moderators, and all requests for technical help to [log in to unmask]<mailto:[log in to unmask]>, the general office helpline)
________________________________
[cid:~WRD000.jpg]Like Us<http://www.facebook.com/pages/Our-Buckinghamshire/118283=198190717> [cid:~WRD000.jpg] Follow Us<http://www.twitter.com/buckscc> [cid:~WRD000.jpg] Watch Us<http://www.youtube.com/buckinghamshirecc>
[cid:image001.jpg@01CDB827.A167EB70]
Make a difference… Adopt
Give a child a place to call HOME
www.buckscc.gov.uk/adoption<http://www.buckscc.gov.uk/adoption>
Buckinghamshire County Council
Visit our Web Site : http://www.buckscc.gov.uk<http://www.buckscc.gov.uk/>
Buckinghamshire County Council Email Disclaimer
This Email, and any attachments, may contain Protected or Restricted information and is intended solely for the individual to whom it is addressed. It may contain sensitive or protectively marked material and should be handled accordingly. If this Email has been misdirected, please notify the author or [log in to unmask]<mailto:[log in to unmask]> immediately. If you are not the intended recipient you must not disclose, distribute, copy, print or rely on any of the information contained in it or attached, and all copies must be deleted immediately. Whilst we take reasonable steps to try to identify any software viruses, any attachments to this Email may nevertheless contain viruses which our anti-virus software has failed to identify. You should therefore carry out your own anti-virus checks before opening any documents.
Buckinghamshire County Council will not accept any liability for damage caused by computer viruses emanating from any attachment or other document supplied with this email.
All GCSx traffic may be subject to recording and / or monitoring in accordance with relevant legislation.
The views expressed in this email are not necessarily those of Buckinghamshire County Council unless explicitly stated.
This footnote also confirms that this email has been swept for content and for the presence of computer viruses.
________________________________
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
________________________________
All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
* Leaving this list: send leave data-protection to [log in to unmask]<mailto:[log in to unmask]&BODY=LEAVE%20data-protection>
* Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL>
* To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML>
* To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML>
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]<mailto:[log in to unmask]>
Any queries about sending or receiving messages please send to the list owner [log in to unmask]<mailto:[log in to unmask]>
(Please send all commands to [log in to unmask]<mailto:[log in to unmask]> not the list or the moderators, and all requests for technical help to [log in to unmask]<mailto:[log in to unmask]>, the general office helpline)
________________________________
Buckinghamshire County Council
Visit our Web Site : http://www.buckscc.gov.uk Buckinghamshire County Council Email Disclaimer
This Email, and any attachments, may contain Protected or Restricted information and is intended solely for the individual to whom it is addressed. It may contain sensitive or protectively marked material and should be handled accordingly. If this Email has been misdirected, please notify the author or [log in to unmask] immediately. If you are not the intended recipient you must not disclose, distribute, copy, print or rely on any of the information contained in it or attached, and all copies must be deleted immediately. Whilst we take reasonable steps to try to identify any software viruses, any attachments to this Email may nevertheless contain viruses which our anti-virus software has failed to identify. You should therefore carry out your own anti-virus checks before opening any documents.
Buckinghamshire County Council will not accept any liability for damage caused by computer viruses emanating from any attachment or other document supplied with this email.
All GCSx traffic may be subject to recording and / or monitoring in accordance with relevant legislation.
The views expressed in this email are not necessarily those of Buckinghamshire County Council unless explicitly stated.
This footnote also confirms that this email has been swept for content and for the presence of computer viruses.
________________________________
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|