Data protection breaches – warning for solicitors bringing low-value claims

Words By: iLaw

A High Court judge has cautioned solicitors to avoid over-pleading and subsequently incurring unnecessarily large costs for uncomplicated data protection litigation in the High Court.

In Cleary v Marston (Holdings) Ltd , a claimant brought proceedings for (1) breach of data protection legislation; (2) misuse of private information; and (3) breach of confidence, after his colleague was wrongly emailed by a debt recovery company. The claimant was looking to obtain £3,000 in damages for the breaches.

Remarkably, the solicitors acting for the claimant took the decision to bring proceedings in the High Court. They reasoned that a low-value claim, such as this one, could be brought in the High Court (rather than in the County Court) as their estimated costs in bringing the claim were £46,908.

At the initial case management hearing, the judge re-allocated the case back down to the County Court, stating that an attempted threat from the claimant’s solicitors to dissuade the defendant from seeking to have the case allocated to the County Court was “inappropriate and without foundation”.

The judge maintained that solicitors advising claimants on low-value data protection claims need to think carefully about which causes of action they decide to bring in their cases. He stated that there can often be “several overlapping claims” in this area; for instance, the three separate causes of action Mr Cleary pursued. He continued that bringing multiple causes of action in this manner was simply characterising what is essentially the same complaint in different ways. Mr Justice Nicklin acknowledged that it will often be “in the best interests of the client and simplicity of the litigation” to bring one claim in straightforward cases. Applying this to the case at hand, he proclaimed that there would be no real value for Mr Cleary to unnecessarily complicate his case by bringing additional claims for misuse of private information and breach of confidence.

Additionally, the judge also made clear that where there is little or no dispute between the parties as to the data breach event occurring, this is further evidence to support a single and straightforward claim being brought in the County Court. In Cleary’s case, the data breach itself was not in dispute and could easily have been dealt with by a County Court judge.

Therefore, the case was transferred down to Mr Cleary’s home County Court. It made “no sense for My Cleary” either financially or in the interests of time for his case to remain in the High Court.

Conclusions

Cleary v Marston (Holdings) Ltd has outlined that:

• straightforward data protection breach claims should not be unnecessarily complicated with additional causes of action where simple breaches of applicable legislation have occurred;
• where basic facts are not in dispute, small claims data protection breach cases should be brought in the County Court; and
• consequently, lawyers should not needlessly be over-complicating simple claims to intimidate opposing parties and/or incurring large costs for their clients.

------------------------------------------------------

[1] Cleary v Marston (Holdings) Ltd [2021] EWHC 3809 (QB)