Select an area of expertise to find out more about our experience.
Find out more about our barristers and business support teams here.
The judgment in Willis v (1) Chief Constable of South Wales Police, (2) Ministry of Justice (County Court at Cardiff, HHJ Porter-Bryant) is a recent example of claimant lawyers seeking to push the boundaries of claims under the Data Protection Act 2018. As a County Court judgment it is unreported, but worth sharing to show how claimants seek to use – and misuse – the Data Protection Act 2018.
Mr Willis was a prisoner released on home detention curfew (HDC), i.e. on early release prior to the end of the custodial part of his sentence. Officers of SWP Police arrested Mr Willis after the MoJ gave an arrest instruction to recall him to prison. The recall instruction arose as an MoJ employee recorded that Mr Willis had been arrested and convicted of a new offence, therefore breaching his HDC licence conditions. In fact, Mr Willis had not been arrested or convicted of a new offence.
Mr Willis claimed that the error amounted to a breach of the fourth data protection principle as his personal data was not accurate. He went a step further to claim that an ‘unlawful’ data breach rendered his arrest and detention a violation of Article 5 ECHR, which provides:
“No one shall be deprived of his liberty save in the following cases and in accordance with a procedure prescribed by law: (a) the lawful detention of a person after conviction by a competent court”.
He argued that the ‘prescribed by law’ condition at Article 5 was not met, as arrest and detention arose from an ‘unlawful’ data breach.
The Court rejected that argument. On a proper construction of Article 5, ‘procedure prescribed by law’ refers to the passing of the sentence by the criminal court. As Mr Willis’ sentence had not expired, his detention remained lawful pursuant to that sentence. A subsequent data breach was irrelevant to that analysis. The Supreme Court’s judgment in R (Whiston) v Secretary of State for Justice [2014] UKSC 39 was applied. The headline point is that claimant lawyers must be careful not to confuse different forms of ‘unlawfulness’ when formulating claims; a (data) wrong does not make a (human) right.
Peter Laverack acted for the MoJ.
A monthly data protection bulletin from the barristers at 5 Essex Chambers
The Data Brief is edited by Francesca Whitelaw KC, Aaron Moss and John Goss, barristers at 5 Essex Chambers, with contributions from the whole information law, data protection and AI Team.