Free tools and resources for Data Protection Officers!

Category Archives for "Court cases"

Vicarious liability in the data breach context – bad news for UK employers?

The Court of Appeal has upheld a decision of the High Court holding that an employer can be vicariously liable for data breaches caused by the actions of an employee, even where the employee’s actions were specifically intended to harm the employer.

Full article: Vicarious liability in the data breach context – bad news for UK employers?

Morrisons data leak ‘a wake-up call for business’

In 2014, bank, salary and National Insurance details of almost 100,000 members of staff were posted on the internet and sent to newspapers and data sharing websites by a disgruntled Morrisons employee, Andrew Skelton, in what is believed to be the biggest such leak in British corporate history. Court found that Morrisons was legally responsible for the data leak. Morrisons appealed against the decision which was upheld by the Court of Appeal stating that they agreed with the Judge that Morrisons was vicariously liable for the torts committed by Mr Skelton against the claimants.

Full article: Morrisons data leak ‘a wake-up call for business’

Walmart Sued for Alleged Sharing of Video Purchase Data With Facebook

Walmart Inc. allegedly shared information on customers’ DVD and video game purchases with a third party without their consent, in violation of a federal video privacy law, two customers alleged in a lawsuit against the retail giant.

The plaintiffs alleged that Walmart installed Facebook Pixel, an advertising analytics tool, on Walmart.com. The tool “systematically” disclosed customers’ Facebook identities and information about specific products customers purchased when they bought DVDs, Blu-Ray discs, video games, and other videos, the plaintiffs alleged.

Source: Walmart Sued; Allegedly Shared Video Purchase Data With Facebook | Bloomberg Law

Facebook Supreme Court appeal to be heard in December

Facebook has got a provisional date of December 19th for its unprecedented Supreme Court appeal aimed at halting a referral to the European Court of Justice (CJEU) concerning the validity of EU-US data transfer channels.

The issues to be decided by the Supreme Court include whether there is any entitlement in the first place to appeal such a reference to the CJEU.

The High Court’s Ms Justice Caroline Costello previously ruled there was no such entitlement and she had made the referral before the Supreme Court agreed in July last to hear Facebook’s appeal.

Source: Facebook Supreme Court appeal to be heard in December

UK high court blocks mass privacy action against Google

UK high court has blocked a mass lawsuit against Google that aimed to collect as much as £3bn in compensation for the company’s historical practice of collecting data on iPhone users whose privacy settings should have prevented surveillance.

The litigation was brought by the campaign group Google You Owe Us. The group sought permission to have the case heard as a “representative action”, a form of class-action lawsuit that would have allowed one legal team to represent the millions of affected users without needing to individually gain their support.

Source: UK high court blocks mass privacy action against Google | Technology | The Guardian

EU Court Endorses Minor Privacy Intrusion for Petty Crime

On Tuesday, the Grand Chamber of the European Court of Justice concluded that invasions of privacy are justified not just by the objective of fighting serious crime. “When the interference that such access entails is not serious, that access is capable of being justified by the objective of preventing, investigating, detecting and prosecuting ‘criminal offenses’ generally,” the ruling states.

As such, the ruling concludes, it would not unduly interfere with privacy rights to let police access “data for the purpose of identifying the owners of SIM cards activated with a stolen mobile telephone, such as the surnames, forenames and, if need be, addresses of the owners.” Such interference “is not sufficiently serious to entail that access being limited, in the area of prevention, investigation, detection and prosecution of criminal offenses, to the objective of fighting serious crime,” the ruling continues.

Source: EU Court Endorses Minor Privacy Intrusion for Petty Crime

Justice Department Sues to Stop California Net Neutrality Law

U.S. Justice Department on Sunday sued California to stop the state’s new law that would guarantee full and equal access to the internet, a principle known as net neutrality, in the latest legal fight between the state and the Trump administration. The law is one of the strongest efforts in the nation to restore internet access rules since they were rolled back by the Federal Communications Commission last year.

Source: Justice Department Sues to Stop California Net Neutrality Law – The New York Times

UK intelligence agencies illegally spied on Privacy International

UK intelligence agencies MI5, MI6 and GCHQ violated the law by collecting and examining data of human rights group Privacy International. The data was collected as part of two mass surveillance programmes called Bulk Communications Data and Bulk Personal Datasets.

Source: UK intelligence agencies illegally spied on privacy organisation | UK News | Al Jazeera

GCHQ data collection regime violated human rights, court rules

UK’s spy agency GCHQ’s methods for bulk interception of online communications violated privacy and failed to provide sufficient surveillance safeguards, the European court of human rights has ruled. However, court found that GCHQ’s regime for sharing sensitive digital intelligence with foreign governments was not illegal and explicitly confirmed that bulk interception with tighter safeguards was permissible.

The ruling, which follows Edward Snowden’s whistleblowing revelations, is a comprehensive assessment by the ECHR of interception operations carried out until recently by UK intelligence agencies.

Source: GCHQ data collection regime violated human rights, court rules | UK news | The Guardian

>