The privacy headlines this year have been predominantly grabbed by Google Spain, a judgment given in May 2014 (reported here) by the Court of Justice of the European Union (CJEU) which held that Google was subject to European data protection laws and must observe the right of its data subjects in the EU to be ‘forgotten’ from its search engine results.
However, another case potentially more pertinent to UK data protection law has been quietly building momentum this year, and has now received intervention from the Information Commissioner’s Office (ICO). This week it was announced that the ICO has entered the frame as an ‘interested party’ and submitted evidence, on the basis that elements of the case could be relevant to data protection regulations.
The case, Vidal-Hall v Google Inc. involves Google and three users of an internet browser. The three claimants allege a breach of their privacy (misuse of confidential information) based on Google’s use of ‘analytic’ cookies, which tracked their online habits on a particular internet browser, in order to display targeted advertising on their browsers.
In January 2014 the UK High Court held that the case could be heard in the UK, despite Google being based in the US. Google had claimed that the case was not serious enough to fall under British jurisdiction. Google has said they will appeal this ruling, however, the ICO’s recent involvement may make a successful appeal on jurisdiction less likely, having added more reason that there is a serious issue to be considered in the UK.
This could prove to be a ‘test’ case for privacy and the issue of damages and will be eagerly followed by technology companies in 2015, of particular relevance to US internet service providers with EU operations, and may provide an interesting development for privacy law in the UK.