Google wins appeal, 5-0, Lord Leggatt (Lord Reed, Lady Arden, Lord Sales, and Lord Burrows, concurring)
https://twitter.com/UKSupremeCourt/status/1456195501313953792
Damages for "loss of control" rejected; damage in section 13 of the Data Protection Act 1998 refers to material (eg financial) and non-material (eg distress) damage, and not merely to breach of the Act.
The UKSC judgment in Lloyd v Google LLC [2021] UKSC 50 (10 November 2021) is available in pdf here supremecourt.uk/cases/uksc-201… and html will soon be here bailii.org/uk/cases/UKSC/…
Assessment here
https://twitter.com/Inforrm/status/1458376378391449601?s=20
The wording of s13 DPA 1998, which provides a right to compensation “for ... damage” only if the “damage” occurs “by reason of” the "contravention", is inconsistent with an entitlement to compensation based solely on proof of the contravention of the Act ([115] Lord Leggatt)
If the term “damage” in s13 encompasses simply an infringement of a data subject’s rights under the Act, that could only be because this result is required by EU law. On a purely domestic interpretation of the DPA 1998, such a reading is untenable. ([118)]
There is no reason to interpret the term “damage” in article 23 of the Data Protection Directive as extending beyond material damage and distress. ([121]).
The CJEU is likely to consider that exact point in the first question in Case C-300/21 Österreichische Post curia.europa.eu/juris/liste.js… (and perhaps the fifth question in C-340/21 - Natsionalna agentsia za prihodite curia.europa.eu/juris/liste.js…)
There is no reason why the loss-of-control basis on which damages are awarded for an English domestic tort [MoPI] in Gulati v MGN should be regarded as relevant to the proper interpretation of the term “damage” in a statutory provision implementing a European Directive ([124]).
Finally, although a claim in tort [MoPI], based on the factual allegations made in this case, would naturally lend itself to an award of "user damages" ([141]), those principles do not apply to a claim for compensation under the DPA 1998 ([143]).
Here are two very helpful interlocking threads on the decision
https://twitter.com/Tech_Litig8or/status/1458372221802528769
Also: Representation of the people: Lloyd v Google in the Supreme Court - on the Panopticon Blog, by @RPaines panopticonblog.com/2021/11/10/rep…
Another excellent take, by David Barker on @outlawnews pinsentmasons.com/out-law/analys…
Good news for data controllers: Lloyd v Google Supreme Court decision; blogpost on the @NLawGlobal Data Protection Report by @DominicHennessy and Harriet Jones-Fenleigh dataprotectionreport.com/2021/11/good-n…
Excellent analysis from the class perspective- #mustread thread
https://twitter.com/thebrieftweet/status/1458427867902226436
• • •
Missing some Tweet in this thread? You can try to
force a refresh
