SOJ v JAO

In late 2017, the applicant began an intimate relationship with the respondent. He alleged that she began a harassment campaign against him after he ended the relationship in early 2018. In July of that year, the respondent threatened to bring proceedings against the applicant in the US, claiming he had infected her with two sexually transmitted diseases. The respondent demanded $2.5 million in return for dropping her threat.

In August 2018, a settlement agreement was reached: the applicant agreed to pay the respondent $1.5 million, and the respondent agreed to keep confidential the details of their relationship and the infection allegation, and to return and destroy any data relating to their relationship.

The following year, in April 2019, the applicant received information suggesting that the respondent had breached the settlement agreement. The respondent submitted her mobile phone to the applicant’s US lawyers for examination. This revealed that she had failed to delete several photographs involving the applicant, as well as evidence of correspondence between them. In August 2019, the applicant gave notice of breach, and demanded that the respondent return the $1 million she had already received.

A fortnight later, the respondent’s US lawyer threatened to issue proceedings against the applicant, alleging that the applicant had breached the respondent’s rights under the General Data Protection Regulation (GDPR) when examining her mobile phone. The lawyer asserted that the August 2018 settlement agreement could not be used to conceal such breaches, and warned that the applicant would be forced to testify in public if the respondent brought a claim in the US – including on matters which the agreement sought to keep confidential.

The applicant applied, without notice, in London for an interim injunction restraining the respondent from revealing the fact of their relationship; her allegation that the applicant had infected her with sexually transmitted diseases; and the details of their legal dispute. The court heard the application on 24 September 2019. It announced its decision the following day.

1. Whether to maintain an earlier anonymity order preventing the disclosure of the parties’ names.

2. Whether the hearing of the application for an injunction should be in private or in public.

3. Whether the appellant should be permitted to make his application without notifying the respondent.

4. Whether to grant the injunction sought.

1. The court maintained the earlier anonymity order. Disclosure of the parties’ names would defeat the purpose of the injunction sought, by making public information which the applicant wanted to keep private. The order also protected both parties’ interests, and would enable the court to give a public judgment, and thereby share greater detail on the case.
2. The hearing would be in private. The case involved confidential information, and publicity would defeat the object of the hearing. The applicant had alleged that the respondent was blackmailing him, while the respondent had alleged that the applicant had breached her data protection rights: the blackmail claim alone warranted a private hearing, to secure the proper administration of justice.
3. The applicant could make his application without notice. There were compelling reasons why the respondent should not be notified. If notice were given, there was a real risk that proceedings might be issued against the applicant, in an attempt to deprive the applicant’s application of any utility. (The respondent therefore did not appear at the hearing.)
4. The injunction was granted. The court was likely to prevent publication at trial:
   1. The application involved a balance between the applicant’s right to respect for his private and family life, and the respondent’s right to freedom of expression. The applicant’s right should prevail. There was no general public interest in other people’s sex lives. And there was no public interest in disclosing the details of this particular relationship, and in overriding the applicant’s reasonable expectation of privacy in respect of it.
   2. The court should look to enforce the contractual duty in this case, particularly as the respondent had, with legal advice, freely and voluntarily entered into a confidentiality agreement with the applicant. Moreover, the parties had expressly agreed that any breach of the settlement agreement would be enforceable through the granting of an injunction.
   3. The respondent was unlikely to have a claim under the GDPR. Being an EU regulation, it appeared that such a claim would need to be brought in England and Wales, not the US. In any event, it was arguable that the respondent’s proposed claim would be barred by her having handed over her mobile phone, and thereby consenting to the processing of her personal data.
   4. On the applicant’s evidence, there was a credible basis for contending that he was the victim of blackmail.
   5. There was credible evidence that the respondent had already breached the settlement agreement, and was threatening to use the GDPR claim as a vehicle to disclose and publish information protected by the agreement, including the sexual infection allegations.
   6. In addition, damages for breach of confidence would not adequately compensate the applicant if the respondent was allowed to publish the information in question. It was not obvious that the respondent would suffer any real loss by being unable to breach the settlement agreement, but either way the applicant’s cross-undertaking in damages would protect her interests.

Another example of a blackmail case involving a threat to “kiss and tell”.