Master McCloud granted summary judgment in a data breach claim over an email which was sent to one incorrect recipient, who deleted it.
Solicitors Veale Wasbrough Vizards (“VWV”) sent a letter via email in relation to a debt claim to two individuals. The letter and attachments included the individuals’ address, the fees owed and a schedule of fees paid. Unfortunately, there was a single letter typographical error in one of the email addresses, and it was sent to an incorrect recipient. The incorrect recipient promptly responded indicating they thought they had received the email in error, and then at VWV’s request confirmed the email had been deleted the next day.
A claim was issued by the parties to whom the letter was supposed to have been sent and their daughter for (amongst other things) damages for misuse of private information, damages for breach of confidence, damages for negligence, damages pursuant to Article 82 of the GDPR and damages pursuant to section 169 of the Data Protection Act 2018.
VWV applied for summary judgment on the basis that this was a one-off accidental error which was quickly remedied.
Master McCloud granted summary judgment in the claim finding that any damage or distress suffered was not above the de minimis threshold, and that the claim had been exaggerated.
- “There is no credible case that distress or damage over a de minimis threshold will be proved. In the modern world it is not appropriate for a party to claim, (especially in the in the High Court) for breaches of this sort which are, frankly, trivial. The case law … provides ample authority that whatever cause of action is relied on the law will not supply a remedy in cases where effectively no harm has credibly been shown or be likely to be shown.”
The claimants were ordered to pay costs on the indemnity basis. An interim payment was ordered. Time for permission to appeal was extended until after the handing down of the Supreme Court’s judgment in Lloyd v Google (which both sides referred to in argument).