The judgment in Vidal-Hall v Google [2014] EWHC 13 has now been published. The case concerns claims by a number of representative claimants that Google has misused their private information, and acted in breach of confidence, and/or in breach of the statutory duties under the Data Protection Act 1998 s 4(4), by tracking and collating, without the claimants’ consent or knowledge, information relating to their Internet usage on the Safari browser.
This judgment from Tugendhat J actually addresses only the issue of whether or not permission was rightly given for the claim to be served on Google Inc in California. It was Google’s contention that the nature of the claim was such that it could only be properly brought in California and that the claim did not have the characteristics necessary for permission to serve out of the jurisdiction to be granted. However, this apparently narrow point opens a can of worms of considerable width. The judgment touches upon major data protection issues (eg what is personal data), the extent to which misuse of personal information amounts to a tort and whether minor ‘test’ claims can be restricted on the basis that the value of each is too small to justify complex litigation. However, it needs to be remembered that Tugendhat J is concerned only to establish whether the claims are arguable and is not determining their merits, notwithstanding some very solid hints as to his view.
SCL members will no doubt recall that, following the discovery of how Google Inc had been collecting the information from Safari browsers in the period to which the claim relates, Google Inc agreed to pay a civil penalty of $22.5 million to settle charges brought by the FTC that it misrepresented to certain users of the Safari browser that it would not place tracking cookies or serve targeted advertisements to those users. It later agreed to pay $17 million to settle US state consumer-based actions brought against it by United States attorneys general representing 37 US states and the District of Columbia. In addition, Google as required to give a number of undertakings governing its future conduct in its dealings with users in the USA. It seemed to many faintly ludicrous that UK users, among others, were not thought worthy of compensation and that Google’s identical behaviour in respect of such UK users was not censured in any material way.
In his conclusions Tugendhat J stated that the claimants had succeeded in bringing their claim within the permitted categories of claims that may be served out of the jurisdiction and, unsurprisingly, that England and Wales was the appropriate forum for the claim.
Laurence Eastham writes:
The judgment in this case deserves careful reading. Google’s stance objecting to service out of the jurisdiction certainly has more merit in law than this reader’s initial ‘common-sense’ judgment gave it credit for. While the claim for injunctive relief was easily dismissed, the headline is the (interim) endorsement of the claim that Google’s actions may amount to a breach of duty and the tort of misuse of private information.
SCL welcomes comment and contributions on the judgment which will clearly spark wide-ranging debate.