Brick Court Chambers

Scope for representative proceedings for misuse of private information

22/05/23

Prismall v. Google UK Ltd. & DeepMind Technologies Ltd. [2023] EWHC 1169 (KB)

Large-scale storage of personal data might be thought to lead to large-scale distributions of damages if such data is misused. The Supreme Court’s judgment in Lloyd v. Google [2022] AC 1217 largely extinguished hopes of the emergence of class actions for data breaches without legislative intervention. However, that judgment appeared to leave open the possibility of a class of the victims of a data breach recovering in representative proceedings under CPR 19.8 for the tort of misuse of private information via a claim for damages for loss of control. If each had lost some control in a generic way recognised by the law, their damages might be quantified in representative proceedings on the basis of the lowest common denominator across the represented class, thus avoiding any need for individualised assessment of damages. The first case to explore that possibility has been dismissed by a judgment of Heather Williams J, holding that on the facts the lowest common denominator was insubstantial, but the possibility remains for an appropriate future case.

The judgment is here.

Gerard Rothschild appeared for the Representative Claimant (instructed by Mishcon de Reya).