Businesses, and by default their directors and employees, are often exposed to confidential information when engaged in day-to-day work and may overhear discussions that are private and should remain so.

The law protects this information and allows those whose privacy, or confidence, has been breached to bring claims for breach of confidence and/or for misuse of private information. The recent High Court claim in the case of Clearcourse Partnership and others v Jethwa [2022] EWHC 1199 (QB) was brought in respect of both torts, in addition to a data protection claim pursuant to the GDPR, but what makes this case more interesting than most is that the confidential discussions were overheard by someone who was on the opposite side of a business acquisition which the claimant was involved in.

The judgment concerned an application for an injunction preventing disclosure of the content of the private, business conversations between representatives of the claimant, which were overheard by the defendant from another room during the course of the business acquisition meeting.

In April 2022, the High Court granted an interim non-disclosure order (known as an ‘INDO’) restraining disclosure of the private conversations and any recordings of them. The matter was returned to the High Court to determine whether the interim injunction should be continued. Note that the test for continuation of an INDO is not a full trial on merits, but simply that the Judge at the return hearing must be satisfied that the claimant would “more likely than not” succeed with its underlying claims if they were pursued to trial (Cream Holdings Ltd v Banerjee & Others [2004] UKHL 44).

Facts

Clearcourse, the claimant, concluded a sale and purchase agreement (SPA) concerning a company in which Mr Jethwa, the defendant, was a part-owner and then CEO. In the course of the negotiation of the SPA, Clearcourse’s CEO and one of its directors attended Mr Jethwa’s offices to negotiate the SPA. The room in which the negotiations were taking place contained a CCTV camera and Mr Jethwa’s office was next door to it. Mr Jethwa left the room for a short while to go to his office, during which the Clearcourse representatives had an “unguarded and candid” private conversation amongst themselves in which they discussed their strategy for the negotiation, their impression of Mr Jethwa and the possibility that Mr Jethwa might be fired in the event the target company was acquired.

Mr Jethwa argued that he clearly heard the conversation through the wall of his adjoining room and the matters discussed were not confidential. On his own evidence, Mr Jethwa took a screenshot of the live CCTV footage from the meeting room (the “Screenshot”) but claimed he had not recorded what Clearcourse were saying. At the time, Mr Jethwa stayed quiet about what he heard because he wanted the SPA to be completed, and in the likelihood he would be working with Clearcourse representatives, he sought to maintain good relations.

Following the conclusion of the SPA, disputes arose between the parties in relation to the SPA’s performance, which involved financial and intellectual property disputes.

In March 2022, Clearcourse sent Mr Jethwa an ultimatum to settle the disputes. At this point, Mr Jethwa replied, sharing the Screenshot, with the message “You should know this doesn’t do you any favours. Whilst I walked out and what you both say should be interest for social (sic)”, threatening to release what Clearcourse discussed privately on social media.

Following this, Clearcourse promptly made their application and the INDO was granted.

The underlying claims

Clearcourse made claims for breach of confidence and misuse of private information in relation to its private conversation. Clearcourse also claimed breach of data protection rules under the GDPR and (from 1 January 2021 the UK GDPR) (“GDPR”) in relation to the Screenshot.

Breach of confidence claim

In order to succeed with a claim for breach of confidence, the claimant must establish that the content of the discussions (i) has the necessary quality of confidence, (ii) that the defendant came to know of what was being said in circumstances importing an obligation of confidence and (iii) that there had been unauthorised use or a threat to use that information to the detriment of the owner of the information.

Regarding the first limb of the test, the Judge was satisfied that “a reasonable person in [Mr Jethwa’s] shoes would appreciate that a conversation held behind closed doors, between individuals on the opposite side to him in a business negotiation on these subjects, was both private and confidential”. Further, the Judge emphasised that “the duty of confidence does not arise only when a person actively seeks out private and confidential information” but also applies “when a person has notice that the information they receive is of a confidential nature”.

Summarising the second limb of the test, the Judge stated: “A duty of confidence arises when confidential information comes to the knowledge of a person in circumstances where he has notice, or is held to have agreed, that the information is confidential, with the effect that it would be just in all the circumstances that he should be precluded from disclosing the information to others.

Applying this, the Judge stated that: “As a matter of principle, there is no reason why a person overhearing a private discussion through a window or wall, and who is aware of the context and private nature of the discussion, should not come under a duty of confidence. The fact that he makes no specific effort to eavesdrop is not determinative in this regard.

In relation to the third limb of the test, the Judge stated that he agreed with Clearcourse that Mr Jethwa was making some form of threat of disclosure of something adverse to Clearcourse. Although this may not necessarily have been on social media, it could have been disclosure to a third party of material which was embarrassing or commercially sensitive. He further noted that the threat of disclosure of such information from Mr Jethwa remains “real”. Therefore, the Judge held that the claimant was likely to succeed at trial on all three limbs in a breach of confidence claim.

Misuse of private information claim

Succeeding in a misuse of private information claim is a two-stage test (as set out in ZXC v Bloomberg LP [2022] UKSC 5). The first stage is whether a claimant has a reasonable expectation of privacy regarding the information in question. Secondly, the court needs to balance the claimant’s right for privacy against the rights of others, such as the defendant’s right to freedom of expression. It was held in LJY v Persons Unknown [2017] EWHC 3230 that “blackmail represents a misuse of free speech rights”.

The Judge held that Clearcourse “would regard their conversation, behind closed doors, as giving rise to a reasonable expectation of privacy” (first test) and that there was no general interest nor any other justification for the disclosure of it, least alone Mr Jethwa’s freedom of expression rights against Clearcourse’s privacy rights (second test). Therefore, the Judge held that Clearcourse was likely to succeed at trial on both limbs of a misuse of private information claim.

GDPR

The Judge held that the Screenshot contained Clearcourse’s representatives personal data, which data had “been compiled and retained without their consent or on the basis of any other legitimate interest of” Mr Jethwa. The Judge held that Mr Jethwa “did not obtain and has not purported to obtain such consent to processing” such personal data. Notably, the Judge also held that a “general CCTV warning” did not assist in showing consent to the “private and personal copying and storage by [Mr Jethwa] of their images”. As such, Clearcourse’s data protection claim is likely to succeed at trial as well.

Eavesdroppers beware

The injunction was therefore continued, albeit with slightly modified wording.

There are a number of notable points that arise from this case:

  • INDOs remain powerful tools to restrict disclosure of private and confidential information and the Courts can be persuaded to grant them if the tests can be satisfied.
  • Eavesdropping into a private / confidential conversation is not the only scenario where there may be a breach of confidence – as long as the listener “is aware of the context and private nature of the discussion” the listener is bound by a duty of confidence.
  • Evidence of blackmail remains likely to swing the grant of an injunction in favour of the claimant in the context of a breach of confidence or misuse of private information claim. The Judge described the defendant’s conduct in this case as “unattractive”, which undoubtedly affected his credibility for the remainder of the case.
  • A general CCTV warning will not suffice in showing consent for the compilation or retention of personal data under the GDPR.