Preiskel & CoPreiskel & Co
Preiskel & Co
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Karthyaeni Vittala
    • Tina Cowen
    • D A T Green
    • Richard Stewart
    • Mor Swiel
    • Ilanit Appelfeld
    • Stephen Dnes
    • Daniel Oakland
    • Robert Harvey
    • Martina Raciti
    • Joanna Coombs-Huang
    • Xavier Prida
    • Stewart White
    • Alison MacFarlane
    • Hannah Leader
    • Peter Dally
    • Antony Corel
    • Sue Warwick
    • Tony Curzon-Price
    • Shardi Shameli
    • Stephen Hornsby
    • Ewelina James
    • Maria Constantin
    • Sophia Yakhno
    • Rachael Machado
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

Morrisons Supreme Court Hearing for Deliberate Data Breach by an Employee

November 8, 2019By Joanna Coombs-Huang

In October 2018 the Court of Appeal upheld the High Court ruling against Morrisons, by finding there to be sufficient connection between Andrew Skelton’s role as a senior internal auditor for the grocery chain, and his conduct in having access to sensitive employee information and disclosing it in a deliberate breach of data privacy regulations. The basis of the ruling was a vicarious liability, where employers may be held liable for damages when their employee causes personal injury or other loss to another person through their actions while at work. This civil case has been brought on behalf of the employees of Morrisons whose data had been disclosed. It is worth noting that Morrisons acted swiftly to remove the personal data posted and notified authorities regarding the breach, and was found to have had in place appropriate data protection methods and avoided regulatory action and potentially a fine.

There is particular interest in this ruling as Mr. Skelton held a grudge against Morrisons and deliberately disclosed the personal data seeking to damage his employer. Mr. Skelton was found guilty, in the Bradford Crown Court in 2015, of the criminal charges of fraud by abuse of a position of trust, unauthorised access to data with the intent of committing an offence, and disclosing personal data. He was sentenced to 8 years imprisonment.

The Supreme Court is now considering the appeal, on the 6 and 7 November 2019, of Morrison’s vicarious liability, and the extent that data protection law is definitive with regards to remedies. The claimants in the case are the employees, numbering over 5000 and who are now seeking compensation in the case. Though there is no suggestion that all of the claimants are able to demonstrate financial hardship or loss due to the breach. If the claim against Morrisons is successful in the Supreme Court, a further hearing to consider the quantum of damages for the claimants will be held, where the damages are likely to be largely based on distress associated with the data breach.

The decision from the Supreme Court will be closely attended to by many companies as it could shape the vicarious liability threshold regarding criminal or fraudulent actions commited by disgruntled employees. However, with the growing sensitivity, scrutiny and regulatory risks arising from personal data breaches (and the increasing scale of cyber attacks against companies), organisations should in any event review their internal data protection compliance, legal and IT security policies and procedures to ensure their risks are mitigated.

This blog post will be updated as events unfold.

Please contact Jose Saras and Joanna Coombs-Huang if you have any questions relating to data protection policies and procedures.

Latest Preiskel & Co blog posts
  • Advocate General Opinion on Automated Credit-Scoring & Retention of Insolvency Data
    March 28, 2023
  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets
    March 22, 2023
  • Brussels Conference brings in industry leaders to discuss the international antitrust landscape
    March 22, 2023
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill
    March 17, 2023
  • Stormy weather for cloud computing in the EU
    March 16, 2023
  • Inmarsat Takeover Provisionally Cleared for Take-Off
    March 10, 2023
  • EDPB’s Feedback on the New EU-U.S. Data Privacy Framework
    March 6, 2023
  • UK Data Reform Bill to return to the House of Commons
    March 3, 2023
  • DCMS Publishes New Security and Privacy Principles for App Store Operators and Developers
    February 16, 2023
  • DPO’s Dismissal & Conflicts of Interest Under The EU GDPR – CJEU Ruling
    February 14, 2023
  • ICO – Change of Deadline for Reporting Breach Notifications for Communication Service Providers
    February 6, 2023
  • General EU Requirements for Cookie Banners – EDPB Task Force Report
    January 27, 2023

The Preiskel Blog

  • Advocate General Opinion on Automated Credit-Scoring & Retention of Insolvency Data 28 Mar 2023
  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets 22 Mar 2023
  • Brussels Conference brings in industry leaders to discuss the international antitrust landscape 22 Mar 2023
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill 17 Mar 2023

Preiskel news

  • Senior Partner, Danny Preiskel, quoted by IT Pro on the costs incurred by MNOs
  • Senior Partner, Danny Preiskel, will be a panellist at GCCM Carrier Community 2023 on IOT
  • Jose Saras and Xavier Prida Awarded First Place as Data Protection Thought Leaders in the UK
  • Ronnie Preiskel chosen to judge 24 May 2023 The Tech Capital Global Awards
Preiskel tweets
  • Advocate General Opinion on Automated Credit-Scoring & Retention of Insolvency Data. Find out more here: https://t.co/bJkvPBvj6Fabout 1 hour ago
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill. Find out more: https://t.co/3BHP1xq69Y5 days ago
  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets. Find o… https://t.co/S7J7sX3kfs6 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy