Data Protection – cearta.ie

In my previous post in this series, I argued (yet again) that Collins v FBD Insurance plc [2013] IEHC 137 (14 March 2013) was wrongly decided. It precludes a claim for damages for distress for breach of data protection rights, pursuant to section 7 of the Data Protection Act, 1988 (also here) [hereafter: section 7 DPA88]. Building on a case in which the Workplace Relations Commission ordered a company, whose CEO hacked into an employee’s phone and downloaded intimate photos of her from it, to pay her a total of €94,708 damages, I argued that, if the surreptitious download had occurred outside an employment relationship, the complainant should be able to recover damages for distress for breach of her data protection rights, pursuant to section 7 DPA88. However, when the Supreme Court was presented with an opportunity to depart from Collins, it did not take it. Instead, in Murphy v Callinan [2018] IESC 59 (30 November 2018) Baker J (Clarke CJ and Dunne J concurring) approved and applied Collins. In my previous post, I argued that Collins was wrong as a matter of domestic law, and of European law, and that Google Inc v Vidal-Hall [2016] QB 1003, [2015] EWCA Civ 311 (27 March 2015) and Case C–362/14 Schrems v Data Protection Commissioner (ECLI:EU:C:2015:650; CJEU, 6 October 2015) illustrated the EU law points and undercut the reasoning in Collins.…

Damages for Data Protection Breaches – I – Why Collins v FBD Insurance is wrong (again)

11 December, 201913 December, 2019

| 3 Comments

| Data Protection

A story in the newspapers this morning has made me think once again about some of the weaknesses in Irish law relating to damages for data protection infringements. The Workplace Relations Commission [WRC] has ordered a company, whose CEO hacked into an employee’s phone and downloaded intimate photos of her from it, to pay her a total of €94,708 damages (see, eg, Breaking News | Irish Independent | Irish Sun | Irish Times | TheJournal.ie). She had plugged her phone into his laptop to charge it, and he downloaded the images while she was in the bathroom. The award of €94,708 includes €65,000 for persistent sexual harassment, and €25,000 for unfair dismissal. The case is WRC Adjudication ADJ-00020222 An International Sales and Marketing Executive v A Fashion Company (25 November 2019); the report explains that the download occurred in October 2017, and that the complainant became aware of this in March 2018. She found herself in a terrible situation, but at least she was able to get some compensation for breaches of various pieces of workplace legislation. And the WRC Adjudication Officer ordered the respondent “to immediately destroy all photographs or images that depict the complainant or belong to her”.…

EU proposes online right ‘to be forgotten’ – Telegraph

12 January, 2011

| No Comments

| Data Protection, General, Privacy

The proposed EU rules are called “A comprehensive approach on personal
data protection in the European Union”, and suggest that an online “right
to be forgotten” and to privacy could be enshrined in criminal law.

The “right to be forgotten” would give users the power to tell websites to
permanently delete all personal data held about them.

via telegraph.co.uk

This isn’t the freshest of news. On 4 November 2010, as part of a review of the EU’s data protection legal framework, the EU Commission adopted a strategic Communication on a comprehensive strategy on data protection in the European Union (COM (2010) 609). The “right to be forgotten” is one of the Communication’s proposals. It has returned to public debate at this stage as the public consultation on the proposals included in the Communication will close on 15 January 2011.

…