Posts Tagged browser-generated information
Lloyd v Google. Court of Appeal overturns High Court, establishes jurisdiction viz US defendant. Takes a wider approach to loss of control over personal (browser-generated information) data constituting ‘damage’.
I reported earlier on Lloyd v Google at the High Court. The case involves Google’s alleged unlawful and clandestine tracking of iPhone users in 2011 and 2012 without their consent through the use of third party cookies.
Warby J in  EWHC 2599 (QB) Lloyd v Google (a class action suit with third party financing) had rejected jurisdiction against Google Inc (domiciled in the US) following careful consideration (and distinction) of the Vidal Hall (‘Safari users) precedent. In essence, Warby J held that both EU law (reference is made to CJEU precedent under Directive 90/314) and national law tends to suggest that “damage” has been extended in various contexts to cover “non-material damage” but only on the proviso that “genuine quantifiable damage has occurred”. This did not mean that misuse of personal data could not be disciplined under data protection laws (typically: by the data protection authorities) or other relevant national courses of action. But where it entails a non-EU domiciled party, and the jurisdictional gateway of ‘tort’ is to be followed, ‘damage’ has to be shown.
The Court of Appeal has now overturned. A first question it considered was whether control over data is an asset that has value. Sir Geoffrey Vos C at 47 held ‘a person’s control over data or over their BGI (browser-generated information, GAVC) does have a value, so that the loss of that control must also have a value’. Sir Geoffrey did not even have to resort to metanalysis to support this: at 46: ‘The underlying reality of this case is that Google was able to sell BGI collected from numerous individuals to advertisers who wished to target them with their advertising. That confirms that such data, and consent to its use, has an economic value.’ And at 57: ‘the EU law principles of equivalence and effectiveness (‘effet utile’, GAVC) point to the same approach being adopted to the legal definition of damage in the two torts which both derive from a common European right to privacy.’
(The remainder of the judgment concerns issues of reflection of damage on the class).
Conclusion: permission granted to serve the proceedings on Google outside the jurisdiction of the court.
All in all an important few days for digital media corporations.
B2C, BGI, browser-generated information, Damage, Data protection, Data protection authorities, Data protection Directive, E-commerce, FNC, Forum non conveniens, GDPR, Google, harm, http://www.bailii.org/ew/cases/EWHC/QB/2014/13.html, http://www.bailii.org/uk/cases/UKHL/1986/10.html, https://www.bailii.org/ew/cases/EWCA/Civ/2019/1599.html, https://www.bailii.org/ew/cases/EWHC/QB/2018/2599.html, https://www.judiciary.gov.uk/wp-content/uploads/2015/03/google-v-vidal-hall-judgment.pdf, https://www.judiciary.uk/judgments/richard-llyod-v-google-llc/, Internet, Jurisdiction, Lloyd v Google, Misuse of private information, Privacy, Safari, Safari users, Spiliada, Spiliada Maritime Corp v Cansulex Ltd, third party cookies, Tort,  EWCA Civ 311,  EWHC 2599 (QB),  EWCA Civ 1599
- Wallis v Air Tanzania. A good reminder of the (soon to be resurrected) UK reservation viz the Rome Convention. 03/04/2020
- Aspen Underwriting: The Supreme Court overrules on the issue of economically weaker parties in the insurance section. 02/04/2020
- Lamesa Investments v Cynergy. Rome I-like ‘mandatory law’ provisions applied to US secondary sanctions. 31/03/2020
- CJEU confirms Saugmandsgaard ØE in Libuše Králová v Primera Air Scandinavia: ‘contractual relation’ broadly interpreted, restraint on the consumer section, even for package travel. 29/03/2020
- Brexit in transit. Bournemouth, Christchurch and Poole Council v KC et al. Exequatur insisted on. 26/03/2020
Also of noteMy Tweets