The Data Brief

A monthly data protection bulletin from the barristers at 5 Essex Chambers

Every day’s a school day

18 November 2021

Rolfe v Veale Wasbrough Vizards [2021] EWHC 2809 (QB)

The Claimants sought damages for misuse of confidential information, breach of confidence, negligence and damages under s169 of the Data Protection Act 2018 after the Defendant law firm sent a letter meant for them to a wrong email address. The letter concerned a demand for payment for outstanding school fees, the Defendant being instructed by the school. The Claimants were two parents and their child.

The letter, sent by email, contained the Claimants’ names, their home address, the amount of school fees owed, the name of the Educational Trust to which it was owed, and a list of payments which had been made in the previous five years.

The recipient of the email promptly alerted the Defendant that they had received the letter in error. The Defendant asked the recipient to delete the email. There was no evidence that they had done anything but follow this instruction.

The Defendant said that any damage and/or distress caused was so los as not to satisfy the de minimis threshold. Master McCloud agreed and gave summary judgment. Moreover, the Court ordered that the Defendant’s costs be paid on the indemnity basis.

The Master held that there was no credible case that distress or damage over the de minimis threshold would be proved, so as to resist the summary judgment application, saying “in the modern world it is not appropriate for a party to claim, (especially in the High Court) for breaches of this sort which are, frankly, trivial.” Importantly, this judgment provides a clear authority for the principle that non-material damage such as distress includes an objective element: it is not only the distress caused that should be considered, but the distress a person of reasonable fortitude would have experienced. There is no room for eggshell skulls in data protection, it seems.

Claimants and defendants alike should read this judgment with July’s decision of Saini J in Warren v DSG Retail Limited. In that case, the Court transferred a low value claim from the High Court to the County Court, having struck out and/or dismissed the majority of the claims, there being no positive act on the part of the defendant and no duty of care. It has been a good few months for data controllers.

Further reading

Rolfe v Veale Wasbrough Vizards 

Warren v DSG Retail Ltd 

The Data Brief

A monthly data protection bulletin from the barristers at 5 Essex Chambers

The Data Brief is edited by Francesca Whitelaw KC, Aaron Moss and John Goss, barristers at 5 Essex Chambers, with contributions from the whole information law, data protection and AI Team.

Visit the Information Law, Data Protection and AI area

Search The Data Brief

Portfolio Builder

Select the practice areas that you would like to download or add to the portfolio

Download    Add to portfolio   
Title Type CV Email

Remove All


Click here to share this shortlist.
(It will expire after 30 days.)