Are ‘the times a-changin’’ for the future of English privacy claims?

UK privacy law is a slow-evolving story. Most of its principles have developed from case law since the Millennium, yet awards of damages by the courts in compensation for harm suffered as a consequence of privacy infringements (such as for distress and loss of dignity suffered by claimants) have typically been low.

However, there have been indications that award levels may not always remain that way. As Tugendhat J commented in 2012 (Spelman v Express Newspapers, para 114): “If a remedy in damages is to be an effective remedy, then the amount that the court may award must not be subject to too severe a limitation“.

In 2008, the highest compensatory damages awarded by an English court for infringement of a claimant’s right to privacy (at that time) was made against the publishers of the News of the World by the High Court. In that case, Max Mosley received £60,000. Recent awards in the much publicised decision in Gulati & Ors v MGN Limited [2015] EWHC 1482 (Ch), however, far exceed sums awarded to a claimant in any reported privacy case then and since. You might otherwise know of the case as the outcome of phone-hacking admissions by the Mirror newspaper group, whereby it illegally obtained private information relating to eight celebrities to publish stories about them. The High Court was tasked with considering the proper approach to the assessment of damages for infringement of these individuals’ privacy rights.

The judge – Mann, J – concluded that substantial awards were justified on the facts of each case because of the serious nature of the privacy invasions involved, bearing in mind the frequent and prolonged infringements that had occurred. For that same reason, the judge decided to award several awards per claimant to compensate them for the wrongs they suffered because of the defendant’s conduct. These reflected instances of different types of activities by the defendant: the hacking; the publication of articles; the collection and disclosure of private information by private investigators; and, the general level of distress caused to each claimant.

The judgement is of particular interest in relation to what Mann, J says about the heads of compensation that can be considered when assessing damages in invasion of privacy claims. In reaching his decision, he comments that a damages award should provide compensation for the act of misuse of private information ‘per se’ to reflect the infringement, and not just for distress caused therewith. This is despite the fact the former is not easily quantifiable in monetary terms.

The relevant passage from the case follows (para 132):

“What is still open is to allow for compensation to be given for the act of misuse itself, where appropriate. I do not see in principle why that should not be allowed, and good reasons why it should be. If one assumes for the moment that what each claimant alleges to have happened has happened, the defendant will have helped itself, over an extended period of time, to large amounts of personal and private information and treated it as its own to deal with as it thought fit. There is an infringment of a right which is sustained and serious. While it is not measurable in money terms, that is not necessarily a bar to compensation (distress is not measurable in that way either). Damages awarded to reflect the infringement are not vindicatory…They are truly compensatory.”

In other words, the judge was at pains to point out that he was not thereby seeking to vindicate the right to privacy to reflect e.g. a sense of public outrage over the phone-hacking controversy, but truly to compensate the claimants for loss suffered. He acknowledges a head of compensation, therefore, that recognises specifically the interests that the right to privacy was intended to protect (as reflected in Article 8 of the Human Rights Act 1998). Namely, to be an effective remedy, the right to have one’s privacy respected is ‘per se’ valuable in and of itself. Thus, if an infringement impacts on those interests, a proper assessment of damages should recognise this independently of other types of compensation that might be justified to be assessed on the facts. Furthermore, to do otherwise, says the judge, would render the right to privacy largely illusory.

This aspect of the decision could have far-reaching effects on compensation claims for privacy infringements in England and open the door to more English lawsuits regarding misuse of private information? Does this signify that ‘the times are a-changin’ for the future of English privacy claims? Or is this case an anomaly based on its peculiarly unique set of facts, that had resulted in a “sustained and serious” level of privacy intrusion of such a magnitude that it is unlikely ever again to be experienced, making this aspect of the judgement superfluous to future cases?

Certainly, Mann, J recognised that the level of damages was high in the case because the defendant had been helping itself, over an extended period of time, to large amounts of private information that it treated as if it was its own property to deal with as it saw fit. The average breach of privacy that finds its way to the courts (such as the photographing of a celebrity or their relatives) is non-recurrent and brief, thus far less impactful in terms of potential misuse. Yet, one cannot help but think that those spearheading collective damages actions for privacy infringements for UK claimants (mirroring US class actions) will no doubt be sitting up and taking notice.

(Analogies can be drawn here with the trend that might be forthcoming with data protection claims following the recent Vidal-Hall litigation – see my earlier post. While involving an entirely distinct area of statutory law, this judgement can also be read as opening a crack of light in a door to the award of damages as a result of breaches of data protection rules in England where no economic or physical harm is alleged. Unfortunately, on this point, the data protection claim brought by Max Mosely against Google for failing to block search engine results under section 13 of the Data Protection Act 1998 recently settled, precluding anticipated further judicial guidance on this issue by the High Court).

In spirit at least, therefore, English privacy (and data protection) law principles may be entering a new stage of evolution. In reality, however, it will take a long time for such impact to be felt in the lower courts to the benefit of the average man or woman. In the meantime, it is likely that the stage is set for an official review of damages for breach of privacy (and data protection) in the UK– with a view to ensuring proportionate compensation – that would undoubtedly result in future reform at some stage.

Separately, even if the Human Rights Act was withdrawn (a scenario guaranteed to give technology lawyers headaches thinking about the possible implications), the progress made so far by the courts in enunciating the principles of the UK law of privacy looks like it won’t be undone.

Alison Knight

Thank you to Neil Brown – author of www.neil.brown.co.uk and research colleague at the University of Southampton – for his valued comments in discussing this case.