Dispute Resolution analysis:
The defendant council obtained private financial information about the claimant and his son during the course of a possession claim concerning property belonging to the claimant’s neighbour, Ms Sobesto. The court rejected the defendant’s argument that it obtained the information as part of its duties as Ms Sobesto’s Deputy, or that it had done so as part of an enquiry under section 42 of the Care Act 2014. Rather, the accessing of the financial information was disproportionate and amounted to a misuse of the claimant’s private information. Further, the court found that the defendant council breached Articles 5, 12 and 15 of the GDPR by: failing to adequately respond to the claimant’s DSAR for over four years; deleting the claimant’s data; and failing to locate and disclose various data, which demonstrated a ‘slapdash’ approach to data security. The claimant was awarded damages of £6000, including aggravated damages.
Written by Lily Walker-Parr, barrister at 5RB.
(5RB’s Gervase de Wilde appeared for the successful Claimant at trial)
Access the article at the Download link (below), or online here (subscription required).
