Data in UK Law

Leading Cases
  • Various Claimants v WM Morrisons Supermarket Plc
    • Queen's Bench Division
    • 01 Dic 2017

    However, it is clear that the principle is a qualified one. The mere fact of disclosure or loss of data is not sufficient for there to be a breach. Rather, "appropriate" sets a minimum standard as to the security which is to be achieved. This is expressly subject to both the state of technological development and the cost of measures. This is itself intended to be a combination of the nature of the harm in itself and the importance of the data to be safeguarded from that harm.

    First, I reject Ms Proops' argument that the disclosure on the web of the payroll data was disconnected by time, place and nature from Skelton's employment. I find, rather, that as Mr Barnes submitted there was an unbroken thread that linked his work to the disclosure: what happened was a seamless and continuous sequence of events.

  • Football Dataco Ltd and Others v Sportradar GmbH and Others Same v Stan James Plc and Others
    • Chancery Division
    • 08 May 2012

    I think that the larger collection of data for non-televised matches was, on balance, likely to have used sufficient data derived from the PA database to amount to a qualitatively substantial part.

    The position is different, however, when one considers only the goals and timings. Mr Mellor submitted that the same set up would be necessary to collect even that amount of data, and that therefore the investment would be exactly the same. Accordingly, even if every goal included in the data extracted by a punter was derived from the claimants' database (which is not by any means established), I would hold that the data so extracted would not be sufficient to amount to a substantial part.

  • Alireza Ittihadieh v 511 Cheyne Gardens Rtm Company Ltd and Others
    • Court of Appeal (Civil Division)
    • 03 Mar 2017

    In some cases, it has been said that the supply of information does not tell the data subject anything he or she did not already know. To take a simple example: everyone knows their own name and date of birth. Moreover where the focus of a SAR is (as is often the case) a request for copies of documents rather than personal data, the fact that the data subject was either the author or recipient of the document in question would also be highly relevant to the exercise of discretion.

    Even so, it is not an obligation to supply documents: Dunn v Durham CC [2012] EWCA Civ 1654, [2013] 2 All ER 213 at [16]. It is of critical importance to distinguish between the two. Although it may be more convenient and cheaper in some cases for a data controller to supply copy documents, there is no legal obligation to do so. This is, I think, borne out by article 12 of the Directive which requires the data controller to inform the data subject of the " categories of data concerned".

  • R v Brown (Gregory)
    • Court of Appeal (Criminal Division)
    • 28 May 1993

    That would have arisen if the defendant, having accessed the information, then proceeded in the ordinary sense of the term, to make some use of it, so as for example in his own business affairs to deploy the information obtained against the interests of somebody else. Since, on the facts here, it is in effect accepted that Mr Brown did no such thing, it seems that the appeal must succeed on that short point alone, which has been argued before us.

See all results
Legislation
See all results
Books & Journal Articles
  • Data Validation
    • Núm. 90-4, Abril 1990
    • Industrial Management & Data Systems
    • 3-5
    Four stages of data validation are discussed by operators as they input data, validating them against their own experience; by an integrated database once the data are input; by systems auditors, c...
  • CHOOSING DATA COMMUNICATIONS
    • Núm. 81-1, Enero 1981
    • Industrial Management & Data Systems
    • 42-42
    TSB Computer Services Consultancy Division has released Communications Choice, the final part of its trilogy of working guides for the selection of computing equipment and facilities. The first two...
  • Using Data Intensively
    • Núm. 86-9/10, Septiembre 1986
    • Industrial Management & Data Systems
    • 14-17
    Most commercial organisations have the hardware and software to gather and process as much, if not more, information than they can use. If the amount of information is not controlled it can lead to...
  • New data strategies: nonprobability sampling, mobile, big data
    • Núm. 26-2, Abril 2018
    • Quality Assurance in Education
    • 303-314
    Purpose: Researchers now have more ways than ever before to capture information about groups of interest. In many areas, these are augmenting traditional survey approaches – in others, new methods ...
See all results
Law Firm Commentaries
  • Data Breaches
    • JD Supra United Kingdom
    Ready for the Inevitable? Barely a day goes by without a data breach hitting the headlines. It is becoming a fact of life for any firm holding data that, from time to time, some of that ...
  • Bigger, Better Data
    • Mondaq UK
  • BREXIT: Data Protection
    • JD Supra United Kingdom
    This Brexit Bite assesses the post-Brexit landscape with respect to the UK’s data protection laws. It is important to remember that the UK remains a member of the European Union until the terms of ...
  • UK data protection authority publishes data breach statistics
    • LexBlog United Kingdom
    The UK data protection authority, Information Commissioner’s Office (ICO), has published statistics regarding breach incidents in the first quarter of this year (1 April – 30 June 2013). In a relat...
See all results

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT