Tag: Spiliada Maritime Corp v Cansulex Ltd

Posted on

Lloyd v Google. Court of Appeal overturns High Court, establishes jurisdiction viz US defendant. Takes a wider approach to loss of control over personal (browser-generated information) data constituting ‘damage’.

Update 4 June 2021 see a reference by the Austrian Supreme Court here, on the issue of whether loss of date control constitutes damage.

Update 16 July 2020 the Supreme Court has granted leave to appeal.

I reported earlier on Lloyd v Google at the High Court. The case involves Google’s alleged unlawful and clandestine tracking of iPhone users in 2011 and 2012 without their consent through the use of third party cookies.

The Court of Appeal in [2019] EWCA Civ 1599 has now overturned the High Court’s approach, nota bene just a day before the CJEU’s Eva Glawischnig-Piesczek v Facebook judgment.

Warby J in  [2018] EWHC 2599 (QB) Lloyd v Google (a class action suit with third party financing) had rejected jurisdiction against Google Inc (domiciled in the US) following careful consideration (and distinction) of the Vidal Hall (‘Safari users) precedent. In essence, Warby J held that both EU law (reference is made to CJEU precedent under Directive 90/314) and national law tends to suggest that “damage” has been extended in various contexts to cover “non-material damage” but only on the proviso that “genuine quantifiable damage has occurred”. This did not mean that misuse of personal data could not be disciplined under data protection laws (typically: by the data protection authorities) or other relevant national courses of action. But where it entails a non-EU domiciled party, and the jurisdictional gateway of ‘tort’ is to be followed, ‘damage’ has to be shown.

The Court of Appeal has now overturned. A first question it considered was whether control over data is an asset that has value. Sir Geoffrey Vos C at 47 held ‘a person’s control over data or over their BGI (browser-generated information, GAVC) does have a value, so that the loss of that control must also have a value’. Sir Geoffrey did not even have to resort to metanalysis to support this:  at 46: ‘The underlying reality of this case is that Google was able to sell BGI collected from numerous individuals to advertisers who wished to target them with their advertising. That confirms that such data, and consent to its use, has an economic value.’ And at 57: ‘the EU law principles of equivalence and effectiveness (‘effet utile’, GAVC) point to the same approach being adopted to the legal definition of damage in the two torts which both derive from a common European right to privacy.’

(The remainder of the judgment concerns issues of reflection of damage on the class).

Conclusion: permission granted to serve the proceedings on Google outside the jurisdiction of the court.

All in all an important few days for digital media corporations.

Geert.

Posted on

Lloyd v Google. High Court rejects jurisdiction viz US defendant, interprets ‘damage’ in the context of data protection narrowly.

Update 11 December 2018 leave to appeal applied for.

Warby J in  [2018] EWHC 2599 (QB) Lloyd v Google (a class action suit with third party financing) considers, and rejects, jurisdiction against Google Inc (domiciled in the US) following careful consideration (and distinction) of the Vidal Hall (‘Safari users) precedent.

Of note is that the jurisdictional gateway used is the one in tort, which requires among others an indication of damage. In Vidal Hall, Warby J emphasises, that damage consisted of specific material loss or emotional harm which claimants had detailed in confidential court findings (all related to Google’s former Safari turnaround, which enabled Google to set the DoubleClick Ad cookie on a device, without the user’s knowledge or consent, immediately, whenever the user visited a website that contained DoubleClick Ad content.

In essence, Warby J suggests that both EU law (reference is made to CJEU precedent under Directive 90/314) and national law tends to suggest that “damage” has been extended in various contexts to cover “non-material damage” but only on the proviso that “genuine quantifiable damage has occurred”.

Wrapping up, at 74: “Not everything that happens to a person without their prior consent causes significant or any distress. Not all such events are even objectionable, or unwelcome. Some people enjoy a surprise party. Not everybody objects to every non-consensual disclosure or use of private information about them. Lasting relationships can be formed on the basis of contact first made via a phone number disclosed by a mutual friend, without asking first. Some are quite happy to have their personal information collected online, and to receive advertising or marketing or other information as a result. Others are indifferent. Neither category suffers from “loss of control” in the same way as someone who objects to such use of their information, and neither in my judgment suffers any, or any material, diminution in the value of their right to control the use of their information. Both classes would have consented if asked. In short, the question of whether or not damage has been sustained by an individual as a result of the non-consensual use of personal data about them must depend on the facts of the case. The bare facts pleaded in this case, which are in no way individualised, do not in my judgment assert any case of harm to the value of any claimant’s right of autonomy that amounts to “damage”…”

The judgment does not mean that misuse of personal data cannot be disciplined under data protection laws (typically: by the data protection authorities) or other relevant national courses of action. But where it entails a non-EU domiciled party, and the jurisdictional gateway of ‘tort’ is to be followed, ‘damage’ has to be shown.

Geert.

 

Posted on

KMG International v Chipper: Textbook forum non conveniens.

A flag simply to lead readers to a recent textbook application of Spiliada forum non conveniens authority: Moulder J in [2018] EWHC 1078 (Comm) KMG v Chipper. held: it was not established that in the circumstances of this case, England is not an appropriate forum for the trial and further that the Dutch courts are clearly or distinctly more appropriate than the English courts.

Geert.

(Handbook of) EU private international law, 2nd ed. 2016, Chapter 2, Heading 2.2.14.5

Posted on

Chinachem: Forum non conveniens, non-exclusive choice of court and concurrent proceedings in Hong Kong and Mainland China.

I reported earlier on the waiver of privilege issues in Chinachem. The Hong Kong High Court has now also ruled on the issue of application of forum non conveniens in the event of concurrent proceedings in Hong Kong and mainland China. In a lengthy judgment (particularly resulting from extensive summary of counsel arguments but also of relevant precedent), Ng J recalls English precedent on forum non conveniens (Spiliada evidently being featured) and the way in which said precedent has been applied in Hong Kong. (Carrie Tai has excellent overview here).

Contract between the parties included choice of court and choice of law as follows: ‘This Agreement shall be governed by the laws of Hong Kong and it shall be construed by the laws of Hong Kong. Both parties agree to submit to the non-exclusive jurisdiction of the courts of Hong Kong.’

Ng J in the end rejects all arguments suggesting a stay in favour of the mainland proceedings. In doing so, she confirmed the tendency of Hong Kong courts (like indeed their English common law counterparts) to only brush aside choice of court in exceptional circumstance. Even if that choice of court is, such as here, non-exclusive. The concurrent proceedings stand.

Geert.

 

Posted on

The High Court accepts jurisdiction in ‘Safari users’ [Vidal-Hall et al v Google] case. European privacy rules bolstered?

Update October 2018 upon revisting the issues I can now add that the claim was settled before the Supreme Court heard the case.

[Postscript 26 august 2015: the UKSC granted Google leave to appeal on 28 July 2015]

[Postscript 27 March 2015: today the Court of Appeal confirmed the High Court ruling. Emma Cross has immediate analysis here.]

In Vidal-Hall et al v Google Inc, the High Court assessed its jurisdiction against Google Inc and found no reason to apply forum non conveniens. Google UK was not involved, the Jurisdiction Regulation (44/2001) does not apply.

Claimants allege that Google misused their private information, and acted in breach of confidence, and/or in breach of the statutory duties under the Data Protection Act 1998 s.4(4) (“the DPA”), by tracking and collating, without the claimants’ consent or knowledge, information relating to the claimants’ internet usage on the Apple Safari internet browser. Applying the Spiliada criteria, Tugendhat J first of all dismissed the relevance of the location of documents, serving Google a dose of its own medicine: ‘In any event, in the world in which Google Inc operates, the location of documents is likely to be insignificant, since they are likely to be in electronic form, accessible from anywhere in the world. ‘ ‘By contrast, the focus of attention is likely to be on the damage that each Claimant claims to have suffered. They are individuals resident here, for whom bringing proceedings in the USA would be likely to be very burdensome (Google Inc has not suggested which state would be the appropriate one). The issues of English law raised by Google Inc are complicated ones, and in a developing area. If an American court had to resolve these issues no doubt it could do so, aided by expert evidence on English law. But that would be costly for all parties, and it would be better for all parties that the issues of English law be resolved by an English court, with the usual right of appeal, which would not be available if the issues were resolved by an American court deciding English law as a question of fact.’ (at 132-233)

Forum non conveniens dismissed – the case can go ahead.

The judgment, in reviewing the prima facie case on the merits, also bolsters the existence of a tort of ‘misuse of private information’ and surely adds to the growing authority of European-based data protection rules.

(On an aside, note the rather delightful observation by Tugendhat J (at 56) that ‘civil law jurisdictions have managed to develop civil liability for breaches of an obligation of confidence in relation to personal information without the benefit of a historical equivalent of the law of equity.’).

Geert.