Information Technology Law Reports - Volume 17 - Issue 6

This issue of Information Technology Law Reports contains two High Court decisions and one from the Information Commissioner, all concerned with data protection. 
(1) Andrey Grigoryevich Guriev (2) Evgeniya Viktorovna Gurieva v Community Safety Development (UK) Ltd  highlights the growing importance of data protection law across a range of different contexts including any individual or company that gathers personal information. This is underlined by the recent adoption of the General Data Protection Regulation (‘GDPR’), which featured in TalkTalk Telecom Group Plc v Information Commissioner, in which the Information Commissioner’s Office took a strict approach with regard to compliance with the duty to notify personal data breaches ‘without undue delay’. TLT and Others v (1) Secretary of State for the Home Department (2) The Home Office provides helpful guidance on the approach the court will take in assessing the quantum of damages for distress in claims under the Data Protection Act 1998. 

Richard Budworth
Editor, Information Technology Law Reports

(1) Andrey Grigoryevich Guriev (2) Evgeniya Viktorovna Gurieva Community Safety Development (UK) Limited
High Court of Justice
Queen’s Bench Division
Warby J
6 April 2016
[2016] EWHC 643 (QB)

Data Protection – declaration – validity of subject access request – criminal proceedings in Cyprus – section 7 Data Protection Act 1998 – whether proportionate – crime or privilege exemption – application granted.

TLT and Others (1) Secretary of State for the Home Department (2) The Home Office
High Court of Justice
Queen’s Bench Division
Mitting J
24 June 2016
[2016] EWHC 2217 (QB)

Confidential information – asylum applicants – spreadsheets – misuse of private and confidential information – assessment of damages – Data Protection Act 1998 – damages assessed.

TalkTalk Telecom Group PLC Information Commissioner
First Tier Tribunal (GRC)
Judges Hamilton, Shaw and Stephenson 
30 August 2016
[2016] UKFTT 110 (GRC)

Telecommunications – data breach – data breach notifications – knowledge – delay – penalties – service providers – notification regulations – Public Electronic Communications Services – Service Providers – Electronic Communications (EC Directive) Regulations 2003, regulations 2, 5A and 5C – appeal dismissed.