Rowling ruling bolsters privacy chief's view of data protection

Auto-breach

The Court of Appeal's ruling in JK Rowling's privacy case confirms that a breach of other laws can result in an automatic breach of the Data Protection Act, an expert has said.

That view has been held by the Information Commissioner but was previously untested in court.

In a case brought on behalf of their son, David Murray, JK Rowling and her husband argued that the taking and publication of photos of them on the street breached David's privacy. They have won the right to a full trial in the Court of Appeal after a High Court ruling that they did not have a strong enough case for a trial was overturned.

A claim had also been made under the Data Protection Act, though, which forbids the processing of someone's personal data where it would be unfair or unlawful. The judge in the Court of Appeal case said that if the actions of paparazzi agency Big Pictures Ltd (BPL) were found by a future trial judge to have breached David's legal right to privacy that could automatically lead to a breach of the Data Protection Act.

The case hinged on whether David was entitled to protection of his privacy under Article 8 of the European Convention on Human Rights (ECHR) and whether BPL was entitled to take the photographs and procure their publication under its rights to freedom of expression, which are guaranteed in Article 10 of the ECHR.

The Court of Appeal had earlier found that David was likely to have a case that his Article 8 privacy rights had been breached. Sir Anthony Clarke said in his ruling that this could have implications for the Data Protection Act (DPA) claim.

"If the trial judge were to hold that article 8 is engaged and that the article 8/10 balance should be struck in David's favour, it would follow that BPL's admitted processing of David's personal data was unlawful," he wrote. "It would also follow that the processing [of David's data] was unfair."

Rosemary Jay, head of the information law team at Pinsent Masons, the law firm behind OUT-LAW.COM, said that the ruling sends a clear message of support for the view of the UK's privacy chief.

"This apparently innocuous statement is a view from the Court of Appeal that confirms the view that a breach of other laws will render data processing unlawful," she said. "This is a view that has been taken by the Information Commissioner's Office (ICO) since the 1990s but never previously considered by a court of law."

Some data protection commentators had argued that the requirement in the DPA to process personal data lawfully means that only the provisions of the Data Protection Act itself have to be considered when deciding whether some processing is lawful or unlawful. This restrictive view of unlawful processing has not been upheld by the Court of Appeal.

Jay said that the ruling is important on this point, but that it otherwise did not touch on the DPA issues in depth, such as what the status was of letters from David's family to BPL before the publication of the images asking for them not to be published.

"The comments were thin. For example, there was no discussion about whether the letters to the company objecting to the use of the photographs amounted to objection to processing," she said.

Copyright © 2008, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Sponsored: Network DDoS protection