Rolfe v Veale Wasbrough Vizards LLP

Reference: [2021] EWHC 2809 (QB)

Court: High Court, Queen's Bench Divisions (Media & Communications)

Judge: Master McCloud

Date of judgment: 7 Sep 2021

Summary: Data protection – harm – de minimis - summary judgment

Download: Download this judgment

Appearances: Felicity McMahon (Defendant) 

Instructing Solicitors: VWV

Facts

In 2019 the Defendant solicitors firm, Veale Wasbrough Vizards (“VWV”) sent a letter via email in relation to a potential debt claim to two individuals. The letter related to unpaid school fees for the couple’s daughter’s school. The letter referred to the unpaid fees, threatened legal action if they were not paid, and included an attachment containing a statement on account of fees and a number of standard form accompanying documents

When sending the letter of claim out, there was a single letter typographical error in one of the email addresses, and it was sent to an incorrect recipient. The incorrect recipient promptly responded indicating they thought they had received the email in error, and then at VWV’s request confirmed the email had been deleted the next day.

The couple and their daughter brought an action seeking damages for misuse of confidential information, breach of confidence, negligence, damages under s82 of the GDPR and s169 Data Protection Act 2013, plus a declaration and an injunction, interest and further or other relief.

The Defendant sought summary judgment on the basis that that this was a one-off accidental error which was quickly remedied and the damage and/or distress caused as a result of it, if any, was so low as not to meet the de minimis threshold.

Issue

Should summary judgment be granted to the Defendant as any damage and/or distress caused was below the de minimis threshold, and as such the claim had no real prospect of success and there was no other compelling reason why it should go to trial.

If so, on what basis should costs be awarded.

Held

Summary judgment was granted.

On the facts there was no credible case that damage or distress over the de minimis threshold had been caused. The claim for distress was exaggerated. The information in question was minimally private, containing nothing especially personal such as bank details or medical matters. The incorrect recipient was rapidly asked to delete it and confirmed that she had done so, and there was no evidence of further transmission or any consequent misuse.

“In the modern world it is not appropriate for a party to claim, (especially in the in the High Court) for breaches of this sort which are, frankly, trivial.”

The Defendant was awarded its costs on the indemnity basis. The Judge referred to her strong observations as to the nature of the claim in terms of exaggeration and lack of credible evidence of distress, and that the court regarded the claim as speculative given its de minimis nature, as well as taking into account a Part 36 offer made by the Defendant.

Comment

A robust decision which will be of interest to those dealing with minor data breach claims.

Master McCloud extended time for permission to appeal until after the forthcoming judgment of the Supreme Court in Lloyd v Google, which was referred to by both parties.