Identity, Privacy and the Law

September 29, 2009

Legally, the concept of a right to privacy under English law derives from Article 12 of the UN Universal Declaration on Human Rights 1948. It is enshrined in Article 8 of the European Convention on Human Rights.  What these treaties in fact mandate is a right to respect for private and family life – which does not mean absolute inviolability of a private space, merely that respect should be accorded to such a concept. The implication is that the private space should not be invaded unless a greater or higher value so requires.  A balancing of objectives is thus of the essence in any discussion of privacy.  But in order to carry out that balancing, it is necessary to formulate the object these rights are established to protect.  What is private life and why does it matter?  Does identity figure in it at all?

Privacy matters because it is a precondition for autonomy, which is a fundamental requirement for the development of an authentic individual identity.[1]  Only to the extent to which I can be said to have free choices as to what I think or believe, and how I act, can those thoughts and actions fairly be attributed to me. In reality, no one ever has complete autonomy of thought: the ideas and beliefs to which one is exposed from infancy condition what is accepted as normal or, alternatively, vehemently rejected in favour of something radically opposed.  But the ideas and beliefs of a given society have in the past irradiated all members of the group more or less indiscriminately and so their influence on individuals has been tempered, and their submission to the social conditioning resulting from participation in the public sphere could be voluntary to the extent to which the individual was capable of recognising its influence. 

 

In the information society, however, the potential for amassing vast databases of information about small groups and individuals, their beliefs and behaviours, and using the data overtly or covertly to influence both thought and behaviour, is radically different from the kinds of influence which it has been possible to exercise in previous eras.  The all-pervasiveness of commercial and political communication is also new and the potential for the sapping the freedom to decide for oneself what to think and how to act is magnified.  The consequent erosion of individuality[2] presages a Brave New World society in which, provided they remain within their allotted sphere, everyone may be fed, clothed and entertained – but innovation and liberty of ideas are wholly absent.   

The right to privacy is therefore critical to set a boundary line between the individual’s submission to the social conditioning that results from participation in the public space, and the reservation of a space in which to reflect upon the influences being brought to bear upon him or her, in order to form a personal decision as to what to accept. 

What is identity?

An identity is different from an identifier, such as a name.  A name, like any other label, gives no information about the person identified – and is in fact not very much use as an identifier given the level of redundancy that common names tend to have in a given population.  Few people have names which also communicate information about them beyond a possible ethnicity – the individuals entitled to append ‘of that Ilk’ to a surname are few in number, for instance.

There was no definition of a legal identity in English law before the Identity Cards Act 2006.  Its definitions encompass both the physical and biographical realms, including set series of recordable, communicable pieces of information.  So, one’s identity includes one’s name, one’s alias (if any), one’s former name if one has changed one’s name, one’s gender, date and place of birth, date of death, and also external identifying characteristics – which could be absolutely anything about the body which is observable externally.[3] 

The definition has been introduced only so recently, compared to identity legislation in many other countries, because those pieces of information have not historically been important in English law.  Under English law one very rarely needs to prove anything about one’s identity.  In commerce, a long string of English case law confirms that the identity of a counterparty to a transaction is important only if the person in question is not present, and it is taken as an indicator of creditworthiness – going all the way back to fraudsters buying jewellery by impersonating the local baronet[4] through to modern identity fraud cases such as a fraudster buying a Mitsubishi Shogun by giving an address of a Mr Patel who (unlike the fraudster) would have been able to pay for it.[5]  The identity itself is unimportant, only figuring when used as a substitute marker for other facts.  For the purpose of travel, all that actually it is necessary to know to ascertain whether an individual is permitted to pass over national boundaries is that the person has a citizenship of a recognised country.  All other attributes making up their identity are irrelevant.

The new definition is not aimed at these issues but at the singularly modern problems of managing residents’ multiple interactions with government, both national and local, and the prevention of crime and terrorism.  Hence the legislature’s interest in linking identities to a centralised database through which an extensive history of individuals’ movements and interactions can be compiled.  Nevertheless, instinctively, this list-based approach to a definition of identity feels artificial.  Knowing a person’s name, date of birth and external physical characteristics is not the same as knowing the person.  Psychoanalysts, in contrast, view identity as a narrative, a changing but selected compilation of attributes under the direction of the ego – since necessarily an autonomous individual must have some capacity to define his or her own identity.  One’s identity is the selection one puts forward at any one time – the things one considers characteristic: student/worker, artist/sportsman, believer/consumer, parent/child.  The identity a self-aware individual relates will include their perception of how others see them.  ‘Authenticity and authority depend on a smooth continuity and a firm narrative of the self.  Most psychoanalysis is directed towards bolstering this sense of identity.’[6]  The pressure of both overt and covert influences from others simultaneously affirm and challenge the selected identity, whether as to one’s desserts as an employee or friend or the true worth of one’s attempts as a bridge player or gardener.

A related view is that an identity is a series of performances where individuals attempt to portray themselves appropriately in different environments:[7] for instance, presenting a relaxed and sociable front when in fact feeling deeply anxious about some upcoming event, in order to sustain an identity as a laid-back and gregarious person. The credibility of these portrayals depends upon a degree of coherence between them, the presence of common elements which enable the individual to remain recognisable as he or she moves between circumstances.  But in each context the identity is more than merely those common elements; rather it is a more subtle and complex persona built around them.[8] 

This analysis leads directly to the notion of partial identities –selected subsets of the individual’s attributes, either biographical or biological, which may be presented in relation to a variety of counterparties.

How is identity dependent upon privacy?

The freedom to have different partial identities is an important component of individual autonomy.  One function of the private space – the ability to keep a proportion of biographical or biological information away from the audience at any given interaction – is to make it possible to maintain inconsistent identities, since this works only if and to the extent that the apparently inconsistent sides of a life can be kept private from each other.  It would be altogether more difficult to maintain two performances if the entire audience were aware of both sets of behaviours.  It would require complicity by the audience – to know that they recognised and understood the justification for the incompatible behaviours – in order to be able to continue with both kinds of presentation without losing face.  Such complicity can only realistically be expected amongst a relatively small group with similar backgrounds and experiences.  Outside such a group of intimates, freedom to maintain different identities depends upon keeping some aspects of one’s life private from the audience at any given time.

            Forms of privacy

The individual’s privacy can be broken down into four different components: territorial, bodily, media and information privacy. 

The everyday sense of a private life is psychologically very closely derived from the idea of retreating into a private space – you go home, you close the door, no-one else can see what you do to unwind from the stresses of the public day.  The fact of that private space confers the ability to act independently of social pressures. 

Bodily privacy, the right to maintain one’s body as an integral private space which cannot be interfered with without consent, is an essential component of one’s sense of physical autonomy, the self as independent from the other individuals amongst whom one lives. 

Privacy away from the prying eye of the media is not a problem for most people: the media very rarely take any interest in individuals outside the entertainment or political spheres unless they become caught up in some newsworthy event. 

Information privacy, on the other hand, has the broader sense of not just those things which might be of interest to the gossip columns but everything which is recorded about an individual – from school exam results to tax status – and which may be mined once a third party – media, commerce or government – has some reason to take an interest in that individual.  It therefore has, in principle, the greatest potential for enabling targeted influence to be deployed.

How does the law maintain the right to privacy?    

These four areas of privacy map onto four completely different and unrelated areas of legal regulation. 

In land law, the right to shut your door to all-comers is a right sufficiently acknowledged that the exceptions generally require a judicial warrant.[9]  Nobody (apart from the TV Licensing Agency) can enter a private house without an order of the court or the owner’s consent.  It is this ability to retire within four walls and do whatever one wishes without outside observation which is the kernel of the meaning of privacy: not the right to prevent images or information being published, but simply the right not to be observed in the first place. 

Information privacy on the other hand is governed by two rather ill-fitting areas of law. 

Law of confidence

The first, the law of confidence, is an ancient area of law entitling a person who is in possession of information which is not public knowledge to restrict disclosure of it if that disclosure would be in breach of confidence.[10] That sets up a whole question as to whether that information is confidential and when disclosure would be in breach of that confidence,[11] which are complex and fact-specific issues. 

The problem is that all personal information is on a spectrum within which it may be confidential depending upon the time and circumstances.  Similarly, the circumstances in which confidentiality may arise are also variable.  Traditionally the law had recognised certain limited relationships – doctor/patient, priest/congregant, husband/wife – as importing an obligation of confidence in respect of information communicated between the parties, but the list is elastic.  One of the major cases of recent years, McKennitt v Ash,[12] concerned long-standing friends who also had something of a business relationship. The court had no hesitation in finding the relationship imported obligations of confidence such that Ms Ash was injuncted from publishing an autobiography including details of Ms McKennitt’s private life.   Friendship being a broad category, future disputes will be decided on a case-by-case basis with the court having to consider the specific relationship and context before ruling as to whether confidentiality was imposed. 

Relationships conducted over social networking sites between friends-of-friends, for instance, or in virtual worlds, may well not be considered to give rise to an expectation of confidentiality.  The mere fact that parties imagine their communication to be private is unlikely to be sufficient.  The principle that anyone using a public telephone system has to accept the risk of being overheard was laid down in Malone v DPP[13] even at a time when setting up a wire tap was a big technological issue: somebody had to go along to the exchange and clip something on to the appropriate wire.  Traffic data could not conceivably have been captured for a whole street of houses, let alone a whole population of a country.  Today, it is not only conceivable, it is routine, and thus privacy as to with whom one communicates, when and for how long is no longer attainable.  Legislation such as the Regulation of Investigatory Powers Act 2000 may be introduced for the most unimpeachable of purposes, as the experience of RIPA in practice after in its early years shows, but where such powers are useful to the holders they will rapidly be invoked simply for convenience.  Consequently, it is rarely going to be correct to assume that information transmitted by remote communications will be treated as confidential by the courts.

In these circumstances, the ordinary citizen has no real way of knowing whether anything about them is going to be protected by equity as confidential.  With the amount of information that washes around the world about each person, and the ambiguities in the legal status of the information at any given time and place, it is never going to be possible for individuals to maintain a clear boundary as to what information is or is not in the public domain.  Information privacy is no longer able to be maintained. 

But it’s my property!

The fact that information privacy cannot be effectively maintained is likely to come as a surprise to the ordinary citizen.  Many people instinctively feel that information about them is somehow their property which they should be able to give or demand back as they choose.  Unfortunately, the law is far from recognising such a right.

The legal rights pertaining to property are the fullest which may exist in and over any subject.  As Lord Walker observed in Brooker v Fisher:[14]  

‘The law of property is concerned with rights in things.  There is no concept in our law that is more absolute than a right of property. Where it exists, it is for the owner to exercise it as he pleases. He does not need the permission of the court, nor is it subject to the exercise of the court’s discretion. The benefits that flow from intellectual property are the product of this concept.’ 

Unfortunately, however, the traditional forms of intellectual property such as copyright owe their legal status as property rights to specific statutes,[15] whereas under English law the only rights acknowledged in information arise in equity.

This has not prevented some authorities from surmising that confidential information is or could be treated as a property right.  For instance, the editors of Halsbury’s Laws of England offer some interesting reflections about the legal qualification of confidential information:

‘An entrustment of confidential and intangible material may, however, be treated as a bailment of information, creating rights and duties akin to those which arise under a true bailment; this is on the basis that confidential information can be property. There is no direct authority that information may be the subject of a bailment, but there are decisions which appear to favour an analogy between bailment and the entrustment of information, or which use the language of bailment in describing such entrustment. If the analogy is accepted, a person to whom confidential information is entrusted can be restrained, by means of remedies akin to those arising on a bailment, from dealing with the information contrary to the terms of the entrustment, and monetary remedies can be awarded in similar fashion to those which issue in respect of interference with chattels.’[16]

The fundamental issue underlying the debate over information as a property right, properly so called or not, is whether the holding of information gives rise to an enforceable right in that information against third parties irrespective of whether or not the third party had any inkling that the information was in fact being kept secret.   This would align with the legal treatment of property in real or movable things, or in choses in action such as patents or copyright.  If information were to be granted the legal status of property, it would obviate the need for proof that the information had been appropriated by someone to whom it had been aware disclosed in confidence, and therefore aware that it was subject to confidentiality.  From the perspective of holders of large collections of information the removal of these complex and costly evidential requirements would add very significantly to the value of the information – not to mention making it possible to obtain remedies against those who, having untainted consciences, are not currently susceptible to any claim with regard to information, formerly confidential, which they have obtained in innocence as to its confidentiality. 

The analysis in case law of the status of information has been inconsistent, most notably in the approach taken by the courts in Douglas v Hello!.  The Court of Appeal in Douglas v Hello![17] had concluded firmly that information cannot be treated as a property right – the issue being whether the Douglases’ contract with OK! Magazine had been effective to transfer to OK! any rights in the information concerning the wedding as such rather than merely a licence under the copyright in a limited group of photographs of the event.  However, Lord Hoffmann’s opinion in the House of Lords[18] appeared to accept market value in itself as a sufficient basis for confirming the protection of information (in the form of all and any photographs of the event) without requiring a unique definition of what information was being protected.  This has attracted forthright criticism:  

‘Celebrity persona undoubtedly has market value but to conclude therefrom that it is deserving of protection is just that – a conclusion, not a reason.  It is “a massive exercise in question-begging”.  Market values arise only after certain exclusive rights are established and enforced; the decision to allocate particular rights is a prior question of social policy that requires philosophical and moral deliberations and a consideration of social costs and benefits’.[19]  

Nor did Lords Walker and Nichols agree with Lord Hoffmann’s approach, although the majority fell in with him. 

The older authorities, and even recent decisions,[20] do include various references to information being property but only in one case is there a decision expressly invoking a property right in the classical sense.  In the remainder, relationships between partners, trustees and others under fiduciary duties of various kinds were engaged which could in themselves have led to the respective outcomes.[21]  

The divergent case is Seager v Copydex,[22] which, in the liability phase, was one of the classic cases on confidential technical information.  There was therefore no need to invoke a new right in order to conclude that the information be protected in the first place. The property analogy arose only at the later stage, of deciding how the successful claimant should be compensated for the breach which had taken place.  Lord Denning in the Court of Appeal held that the damages could be assessed by analogy with damages for the conversion of goods, and went on to say that once those damages had been paid then the information would belong to the unsuccessful defendant.

This analysis provoked heated discussion by commentators and has not been followed in subsequent cases.  In particular Lord Denning’s view that payment of damages entitled the defendant to go on using the information effectively rewards the defendant for its wrongdoing, thereby substantially removing any incentive to respect confidence in future.  This is impossible to reconcile with an equitable basis for conferring the protection in the first place.  (The same could well be said of the Court of Appeal’s decision to lift the interim injunction granted in Douglas v Hello! since the Court subsequently accepted that the level of damages awarded was not an adequate remedy in view of the injury suffered, nor by way of possible deterrent to any newspaper or magazine with a large circulation.  The end of the judgment reads almost like an apology to the Douglases for the English courts’ collective failure to protect them.) 

Data protection

The second area of law governing the collection and use of information about individuals is data protection law, conferring a right on the data subject not to have personal information used without (or outside the scope of) consent. 

In practice, however, the value of this right beyond the theoretical is unclear.  It is not easily ascertained by a data subject whether a particular factoid is going to be covered by data protection laws or not.  The information must be capable of identifying an individual in order to qualify as personal data in the first place, but that also depends on other information which is held by the same data controller.  So it may or may not be possible to say at the outset whether a particular fact, for instance the school a person went to, is capable of identifying them because it depends on the other information that that particular data controller holds at the same time.

Human rights law

Bodily privacy is perhaps the oldest and most sacrosanct human right in English law, with the rule of habeas corpus having an almost sacred status. Since Somersett’s Case (R v Knowles, ex parte Somersett[23]) habeas corpus has been acknowledged as the legal basis for individual’s right to physical freedom unless under arrest or imprisoned following a legitimate trial. Even the introduction in 2000 of a police right to stop and search[24] was hugely controversial.  In the less controversial civil sphere, one has the right to refuse medical treatment provided one remains mentally capable.   

Of more direct relevance, the law of media privacy is the most rapidly developing area of human rights.  Emerging from the European Court of Human Rights’ decision in Von Hannover,[25] a law of privacy has been ‘shoe-horned’, as the Court of Appeal described it, into the law on breach of confidence.  Murray v Big Pictures,[26] prohibiting publication of photographs of JK Rowling’s infant son taken in a public place, is the most far reaching UK case to date but is arguably already out of date in the light of the ECHR’s January 2009 decision in Reklos and Davourlis v Greece.[27]  In Murray, the Court of Appeal held that a child, in particular a child of celebrity parents, has to have a reasonable expectation of privacy (the threshold for whether or not privacy has been invaded) separate from their parents’ right to an expectation of privacy, but conditioned by the expectation of privacy that the parents have for their child.  Here, the parents’ expectation was that Donald would be left alone by the press unless and until he sought or achieved some pressworthiness in his own right.  The Court of Appeal quite clearly drew a line between photographing him, which was permitted as no one can object to being photographed in a public place, and the publication of those photographs, which was found to be in violation of his rights of privacy.  But in Reklos and Davourlis the ECHR held that the actual taking of a photograph, independently of any intention to publish or not, was a breach of the Article 8 rights.  In this case, a baby born in a private clinic was literally within hours of being born removed from his parents into a separate space where, without his parent’s consent having been asked, he was photographed by the clinic’s photographer.  The objective, presumably, was to attempt to sell the photographs back to the happy parents.  Arguably, this case is authority for the proposition that the mere taking of a photograph in circumstances where the subject has an expectation of privacy is in itself a breach of Article 8.   

This decision highlights the difficult balancing act inherent in any legal right to privacy.  A person’s expectation of privacy is highly subjective – those who grew up in boarding school sleeping in a dormitory no doubt feel differently as to the right to turn one’s light on and off at night or to have one’s bad dreams observed, than do those who have had a separate bedroom with television and computer games at their sole control since the age of 3.  And the privacy which is expected likewise depends upon the circumstances: one may feel less embarrassed about an incident which occurs in a foreign city and is unlikely ever to be known to any of one’s acquaintance than about the same event on the doorstep of one’s workplace – or vice versa, depending upon whom one perceives to be one’s primary audience: the public at large or only those with whom one has some existing relationship.  The law needs to define a line which recognises a reasonable rather than a paranoid or a lackadaisical expectation of privacy, yet there is no readily available standard against which this can be assessed.  As with many other legal tests, the outcome will depend upon the judge’s own feeling of where a reasonable expectation should lie, and depend accordingly upon the judge’s own history and circumstances.  In the UK, a single judge appears to be designated to make this assessment across all cases – Eady J having decided most of the privacy cases over the last decade.  This should over time give some ability to assess where his judgment is likely to fall, increasing legal certainty.  But it also suffers from the disadvantage that Eady J’s personal and subjective feel as to privacy is becoming the legal standard, when such an important issue ought in principle to be discussed and agreed more generally. 

The impact of the Reklos decision for the increasing network of CCTV cameras notoriously surveying Britain’s streets and car parks will have to be seen.  Data protection law requires that installers of CCTV give clear notices to people entering the relevant area that they may be being observed, and constrain the field of view and use of microphones to the minimum necessary for the stipulated objective,[28] but does this notice requirement, when complied with, negate the individual’s expectation of privacy when in practice streets and car parks are littered with notices of all kinds such that the ordinary individual rarely if ever takes in much of that to which their notice is supposedly drawn?  In reality the answer has to be ‘no’ – until, that is, people become accustomed to thinking of themselves as under observation at all times in all places.  But the effect appears to be a direct clash between the surveillance culture and the theoretical right of privacy the law appears to confer.  The issues will need to be decided at the highest level.

Erosion of privacy through increased observation

The CCTV networks are not the only forms of ubiquitous observation with which the law is going to need to grapple in the future.  The increased use of RFID tagging at an individual product (rather than the former pallet) level raises the possibility that a person who wears or carries a tagged product could be observed entering and leaving spaces where suitable RFID tag readers are deployed, and a pattern of their movements and purchasing habits built up from the records.  Since the records would not of themselves be capable of identifying the individual (except in the case of the shop which sold the tagged product, which might also hold credit card or other customer data), this information would not be subject to the data protection rules and would not be subject to the individual’s consent as to how it was processed.  Nor would such information be confidential to the individuals concerned: the database may be confidential in the hands of the observers, but the information is not even in the hands of the subjects and so cannot readily be described as disclosed by them whether or not the circumstances might be such as to import an obligation of confidence. 

Once a sufficient pattern had been collected, however, such data, no less than name or address, may be able to be used to target the individual for advertising or other purposes.  Likewise, the data accumulating through ambient intelligence systems as to the behaviour of the individuals associated with a given space could ultimately be used to identify each from amongst the others even if unable to associate a name to the data.   Does this data then comprise personal data such that the individuals should be notified as to its ongoing collection and processing?  At what stage would this obligation crystallise, if the monitoring body is to change the status of the data from one day to the next?  If the obligation does bite, does that make the legitimacy of all such monitoring subject to an obligation periodically to review the data to ascertain whether individuals have become identifiable?  And what should the standards be for making that decision?

On the separate issue of the Article 8 right to privacy, the right to be notified is unlikely to diminish the extent to which one’s everyday feeling of immediate privacy – that one is not under observation at all times and places – is nevertheless destroyed.  And once that feeling has been lost then the existing test for an invasion of privacy, that the circumstances were such that one had a reasonable expectation of privacy, will lose all meaning.  It will be necessary to add the question ‘private vis-à-vis whom?’  Whilst this will no doubt continue to be effective to limit the intrusions of the paparazzi, since the intrusion of photography is of a different order from the intrusion of monitoring, nonetheless the sense of being a laboratory rat in an experiment or a call-centre worker clocked in and clocked out for every visit to the lavatory is a considerably lower expectation of privacy than that of a person who believes themselves completely unobserved.  The bargaining power between observers and observed is asymmetric, undermining not only the individual’s sense of autonomy but concomitantly their sense of responsibility: if I am not trusted to conduct myself appropriately without being monitored, then I feel less personal obligation so to do.

Of course there have always been those who were happy to conduct their ‘private’ lives with the full knowledge and engagement of a large circle of acquaintance, and this tendency has been accelerated by the move away from face-to-face interaction towards communications through social networking sites or Twitter.   But the impact of this for privacy, and eventually individuality of identity, since loss of privacy may lead to a more constant and effective pressure to conform to perceived social norms, cannot yet be evaluated since the developments are so recent. 

The data protection issues arising from SNS, with their superficial intimacy and actual lack of effective privacy safeguards, have been discussed elsewhere.  But the more insidious issue of the impact on the individual’s privacy of large scale monitoring of patterns of movement and communications remain to be addressed.  The assertion that ‘those who have nothing to hide have nothing to fear’ overlooks the long-term impact of such universal monitoring.  Why should those who have nothing to hide be subject to perpetual surveillance, unless there is an immediate and evidence-based justification in accordance with accepted social policy?  No such policy has been formulated beyond the invocation of prevention of crime or terrorism, neither of which has yet been shown to be preventable through such means, yet the monitoring is on the verge of becoming ubiquitously established at ever closer range. 

Is this really the brave new world technology is meant to be creating for us?

 

Lorna Brazell is a Partner at Bird & Bird. Lorna is a contributor to Database Law (Jordans, 1998) and The Pharmaceutical Pricing Compendium (Urch, 2003). She is the author of Electronic Signatures Law and Regulation (Sweet & Maxwell, 2004) and co-author with Trevor Cook of The Copyright Directive: UK Implementation (Jordans, 2004).



[1] This is true at least under the Romantic notion of self – separate from and in some senses opposed to society – which is the dominant Western paradigm.  This is of course only one way of looking at human identity.

[2] Dressed up of course in the advertisers’ exhortations to express a unique individuality – by buying into their message

[3] Section 1(7)

[4] Phillips v Brooks Ltd [1919] 2 KB 243

[5] Shogun Finance Ltd v Hudson [2003] UKHL 62

[6] S Maitland, A book of silence 2008

[7] Goffman, The presentation of self in everyday life 1959

[8] Indeed, in social life the success or otherwise of each performance can be a significant factor in the individual’s self-esteem.

[9] Although notably the police power to enter and search has expanded substantially over recent decades

[10] Prince Albert v Strange (1849) 1 Mac. & G 25

[11] The test set out in Coco v A N Clark (Engineers) Ltd. [1969] RPC 41 is most commonly invoked, requiring the information to have the “necessary quality of confidence” and to have been disclosed to the recipient in circumstances importing an obligation of confidence. 

[12] Ash and another v McKennitt and others [2005] EWHC 3003 (QB), [2006] EMLR 178

[13]  Subsequently ruled unlawful by the ECHR in Malone v United Kingdom (1984) 7 EHRR 14, leading to the passage of the Interception of Communications Act, the precursor to the RIPA

[14] [2009] UKHL 41

[15] Copyright, Designs and Patents Act 1988; Trade Marks Act 1994; Patents Act 1977

[16] See Halsbury’s, Laws of England, Fourth Edition, 2003 Reissue, vol 8(1), para 408

[17] [2005] EWCA Civ 595

[18] [2007] UKHL 21

[19] Tony Martino, The excremental right to triviacy [2008] Ent LR 2, 21

[20] In McKennitt v Ash, Eady J appeared to accept that confidential information is qualified as property:  “If information is my private property, it is for me to decide how much of it should be published”.

[21] See the discussion in Toulson and Phipps, Confidentiality, 2nd edition at 2-030 et seq

[22]  [1967] RPC 349

[23] (1772) 20 State Tr 1; (1772) Lofft 1

[24] Terrorism Act 2000, s 44; most notoriously used to eject a heckler from the Labour Party Conference

[25] 2004-VI ECHR 294

[26] [2008] EWCA 446

[27] 1234/05 [2009] ECHR 200

[28] Information Commissioner’s Office CCTV code of practice Revised edition 2008