Data Protection: the new ‘Monetary Penalties’: Businesses Beware!

On 6th April, 2010, new powers were given to the Information Commissioner (the guardian of personal data), to impose ‘monetary penalties’, on data controllers, who do not comply with ‘the Data Protection Principles’, pursuant to the new sections of the 1988 Act: ss 55A – 55D of the Data Protection Act 1998.

Monetary Notice

Under s 55A of the 1998 Act, the Information Commissioner, in deciding whether to serve ‘a monetary penalty notice’ upon a data controller, has to satisfy himself of the following:
(i) ‘a serious breach of the data protection principles’, by the data controller has occurred;
(ii) the breach was such that it was ‘likely to cause substantial damage or substantial distress’; and
(iii) the breach was either: (a) ‘deliberate’, or (b) that the ‘risk’ of a breach of the type referred to, was ‘known’ or should ‘have [been] known’, and there was a failure to take ‘reasonable’ preventative action. 

(See s 55A((1)-(3) of the Data Protection Act 1998)

Size of Penalty

The amount of the penalty cannot exceed £500,000 (see s 55A(4) of the 1998 Act and reg 2 of the Data Protection (Monetary Penalties) (Maximum Penalty and Notices) Regulations 2010 (SI 2010 No 31)).  Payment of the penalty is ‘to the Information Commissioner’, within the time period stated ‘in the notice’.  [S 55A(6) of the 1998 Act]. 

Notice Information

The ‘prescrbed’ ‘information’, required in the notice, under s 55(7) of the 1998 Act, is set out in reg 4 of the 2010 Regulations (above).

‘Notice of Intent’

As a preliminary procedure, ‘a notice of intent’ has to be served on ‘the data controller’, by the Information Commissioner: see s 55B of the 1998 Act.  The purpose of this notice is to give ‘the data controller’ a chance to ‘make representations’ to the Information Commissioner, before an actual ‘penalty notice’ is issued: see ss 55(3), (4) of the 1998 Act.  Under s 55B(5) of the 1998 Act, a data controller has a right of ‘appeal to the Tribunal’ (this is either ‘the First-tier Tribunal’ or ‘the Upper Tribunal’: see article 2(3) of the Transfer of Tribunal Functions Order 2010 (SI 2010 No 22)).

‘Guidance’ Regarding Monetary Penalties

Under s 55C of the 1998 Act, there is a requirement that the Information Commissioner ‘prepare[s] and issue[s] guidance’ regarding ‘how he proposes to exercise his functions’ concerning ‘monetary penalties’ and ‘notices of intent’: see s 55C(1) of the 1998 Act.  Included in ‘the guidance’ there has to be statements concerning:
‘(a) the circumstances in which’ the Information Commissioner ‘would consider it appropriate to issue a monetary penalty’; and
(b) how the size of the penalties will be determined
(See s 55C(2) of the 1998 Act).

This guidance can be changed or ‘replaced, which the Information Commissioner has to ‘issue’: see s 55C(2) of the 1998 Act.  However, there is a requirement that before ‘guidance’ is issued by the Information Commissioner (which, seemingly, includes changed or ‘replacement guidance’), the Secretary of State’s ‘approval’ has to be obtained, and the Information Commissioner has to ‘lay any guidance issued under [s 55C] before’ both ‘House[s] of Parliament’: see ss 55C(4), (5) and (6). 

Information Commissioner's Guidance 

The Information Commissioner has issued such ‘guidance’: see ‘Information Commissioner’s guidance about the issue of monetary penalties prepared and issued under section 55C(1) of the Data Protection Act 1998’ (12th January, 2010)  (Crown copyright).  This ‘guidance’ is available on the Information Commissioner’s website: www.ico.gov.uk

Enforcement of Penalty Notices

Non-compliance with ‘a monetary penalty notice’ can result in the Information Commissioner commencing court proceedings to recover ‘the penalty’: see s 55D of the 1998 Act. 

Supplementary Powers

The Secretary of State, under s 55E of the 1998 Act, has power to ‘make further provision’ regarding ‘monetary penalty notices’ plus ‘notices of intent’: see s 55E(1).

Comment

The new ‘monetary penalties’ supplement, reinforce and add potency to the Information Commissioners’ other powers of enforcement, set out in Part V of the 1998 Act (ss 40-50). Given that there have been highly publicised instances of organisations in the private and public sectors disclosing or misplacing ‘personal data’, in circumstances which could breach ‘the data protection principles’, the new powers will be a strong incentive for commercial enterprises (and public sector entities) to make sure that customer data is stored and processed properly.  In the current economic circumstances, a penalty of up to £500,000 will not be welcomed by many commercial organisations, not only in pecuniary terms, but also in terms of their reputation.  A penalty at the upper end of the scale will indicate the breach was significant, and customers may take a view accordingly.

Commercial Agents Regulations: when does the relationship terminate?

The Commercial Agents Regulations, like any piece of legislation, can only be fully understood once its bare terms are “fleshed out” with case-law.  That process continues in the U.K., as is illustrated by the English case of Clarmoda Ltd v Zoomphase Limited [2009] EWHC 2857 (Comm), decided on 13 November 2009.

The informal nature of agency relationships poses particular challenges to those who seek to regulate this area of law.  Because agency is such a useful commercial concept, it would make no sense to burden it with formalities in relation to creation of the relationship.  This case is a useful illustration of the challenges which arise as a direct result of the informality which is characteristic of agency.  In the case there was no written contract establishing the agency relationship, and much of the crucial evidence of relations between principal and agent was oral, taking place in phone calls or meetings.  This is highly typical, especially in situations where the agency is a low-value one.  Either party can, under regulation 13(1), require the other party to provide a signed written document setting out the terms of the agency contract.  In many cases, such a document will not have been obtained before it is too late, and the parties are in dispute about the actual terms of the agency contract.    

In this case the agent sought compensation in terms of regulation 17(6).  Entitlement to either compensation or indemnity is time-limited: the agent has a year from termination to make a claim for compensation or indemnity (reg 17(9)).  Compensation is available where the agency contract is silent on this point, as was the case here where the parties had not entered into a written contract.  If the parties wish to opt for indemnity rather than compensation, they must make provision for the same in a written contract (reg 17(2)).  But if the principal/agent relationship is highly informal, it may be no easy matter to identify the date on which the relationship terminates, and on which the clock begins to tick through the one year period.  That was exactly the issue which came before Mr Justice Simon in this case.

In order to decide that the agent was in fact entitled to compensation and was not time-barred, Mr Justice Simon focussed on the definition of a commercial agent contained in reg 2(1).  An agent is only a commercial agent in terms of the regulations if he or she has “continuing authority to negotiate” on behalf of his or her principal.  The Parks v Esso Petroleum case ((2000) Eu LR 25) was referred to by Mr Justice Simon in order to understand the meaning of the word “negotiate.”  So the important question is whether the agent’s authority to negotiate has ceased.  If that is the case then the agent’s relationship may have terminated.  That is not the sole criterion by which termination will be judged, however.  The agent may carry out other work on behalf of the principal which does not involve negotiation.  That was the case here, where the agent “…was involved in dealing with customer’s concerns about their orders and confirming discrepancies in the paper-work” (para [44]).  Although not involving negotiation, these are activities which the agent was carrying out on behalf of his principal and which provided evidence that the relationship had not yet terminated. 

The lucky agent was thus able to prove that he had intimated his claim for compensation timeously.  Mr Justice Simon also indicated that there was no need for him to identify an actual date of termination: pinpointing “mid-January 2007” was sufficient (para 49(1)).   

Recently, the House of Lords case Lonsdale v Howard & Hallam ([2006] EWCA Civ 63; 2006 1 WLR 1847 (CA); [2007] UKHL 32, [2007] 1 WLR 2055, [2007] ICR 1338 (HL(E)) significantly eroded the agent’s ability to claim compensation where the principal’s business is failing at the time of termination.  This case goes some way towards redressing the balance in favour of the agent.  A principal must make the date of termination clear if he wishes later to rely on the argument that the agent’s claim is time-barred. 
 

 

Law firms: do you know what your solicitors are doing?

The English case of Nayyar and ors v Denton Wilde Sapte and Gauri Advani [2009] EWHC 3218 (QB), decided in December 2009, provides interesting reading for law firms whose solicitors might be tempted to engage in business activities which depart from the usual advisory role to be expected of a solicitor.  More broadly it is a useful illustration of the application of the legal ideas of the apparent and implied authority of an agent.  It exhorts us to remember that law firms are not necessarily liable for the activities of their employees only when the firm considers a client to be a client, all necessary form-filling having been completed.  A firm’s liability can arise before the point at which the firm has been formally retained by the client. 

The facts involving underhand dealings on all sides, and a full picture cannot be provided here.  In essence, Advani was a senior solicitor employed by Denton Wilde Sapte (“DWS”), principally to introduce business to their India Group, although clearly matters progressed so that she carried out some legal work for DWS.  It is noted in the judgment that Advani “…is a dual qualified lawyer who had contacts and connections with India , and was the ex daughter in law of the Deputy Prime Minister at the material time, Mr Lal Krishna Advani” (para 4).  Advani allegedly represented to the Claimants that she would be able to procure for them the award of Global Sales Agent status for the UK and Ireland (a “GSA”) from Air India.  GSAs are incredibly lucrative, the Claimants anticipating that the award of this GSA would yield net profits of over £2 million per year.  This was a highly attractive business opportunity for the Claimants who were, in effect, two businessmen running relatively small British travel agency businesses. 

Although payments extending to over £380,000 were made by the Claimants following a course of meetings and introductions allegedly effected by Advani, no lucrative GSA was ever awarded.  The Claimants raised an action against both Advani and DWS as her employers on several grounds including personal breach of duty on the part of Advani and vicarious liability on the part of DWS.  

The Claimants failed to recover any of their losses.  Mr Justice Hamblen applied the maxim ex turpi causa non oritur actio, which is translated in Trayner as “No right of action arises from a disgraceful or immoral consideration – that is, no action can be maintained on a contract or obligation, the consideration of which was disgraceful or immoral” (Trayner’s Latin Maxims, 4th edn, 1993).  The amounts to be paid as part of the deal were so large that they could not possibly have constituted either payment for the agency work or payment for legal fees.  They were nothing other than a bribe, a fact which must, according to Mr Justice Hamblen, have been known to the Claimants as experienced businessmen.

Although the Claimants’ case entirely failed on the issue of illegality, Mr Justice Hamblen proceeded to analyse the legal questions which would have been relevant had illegality not represented a fundamental bar to recovery.  In paragraphs 130 to 162 he identifies and applies the law of apparent authority, using Bowstead & Reynolds (para 8-013) as his primary authority.  The need for a representation from the principal is asserted (para 134).  DWS having made no direct representations that Advani was authorised to carry out the various actions which she carried out, the Claimants failed to establish that DWS as principals could be held liable for the Claimants’ losses on the basis of apparent authority. 

The case based on apparent authority having failed, the only basis on which DWS could have been vicariously liable was that Advani’s actions fell within her actual or usual role and business of a solicitor performing her role, i.e. her implied authority (para 136). 

DWS sought to distance themselves from Advani’s alleged activities by arguing that the Claimants could not have been DWS clients, none of the correct procedures having been completed by Advani e.g. formal letters of client care, letters of retainer, and no fee having been payable to DWS for the services rendered.  These submissions cut little ice with Mr Justice Hamblen who indicated: “…whilst there was never a formal solicitor/client relationship between the Claimants and DWS, a solicitor and/or his or her firm may well assume a duty of care to a potential client before that stage is reached.  For example, it would be no means uncommon for legal advice and assistance to be given to a potential client for the purposes of seeking to persuade him or her to become a client” (para 147). 

The case therefore provides a salutary reminder that a law firm cannot determine when its liability to a client begins.  If the actions fall within an individual solicitor’s implied authority, the firm will be liable, even though the firm would not consider the third party in question necessarily to have the status of a client. As Mr Justice Hamblen indicated: “Ms Advani could therefore have assumed a solicitorial and advisory role towards the Claimants prior to any formal retainer being made…” (para 148).

Finding that the deal-broking carried out by Advani went far beyond either her role as a marketing and business developer for DWS or as a solicitor for DWS, the judge concluded that her role was being carried out essentially for her personal gain rather than for that of DWS (para 158).  He further found that “…it would have been objectively apparent to reasonable and competent people in the Claimants’ position that she was not performing a solicitorial or legal advisory role, and that her allegedly negligent actions were not so closely connected with the employment that it would be fair and just to hold DWS vicariously responsible" (para 159).

Although DWS were not vicariously liable, that did not prevent Mr Justice Hamblen from finding that, had the Claimants not been barred by the issue of illegality, Advani would have been personally in breach of a duty of care towards the Claimants.  This would have resulted in liability on her part for 80% of their recoverable damages.           
 

Professional Liability in the Courts

The Outer House case of Credential Bath Street Limited v Venture Investment Placement Ltd from 2007 illustrates the ongoing potential for divergence between approaches to interpretation of contracts north and south of the border. 

When the tenants defaulted under a lease, the landlord (Credential Bath Street Ltd) raised an action to enforce the guarantee against the holding company, the guarantors.  The Outer House was required to construe the clause in the guarantee which transferred liability to the guarantor.  Lord Reed’s conclusion was that the landlord had failed to demand performance from the guarantor in terms of the guarantee clause before the deadline passed.   Thus, the guarantor was not liable to the landlord.

In reaching this conclusion, Lord Reed (then in the OH) drew on both the “Hoffmann approach”, which considers the surrounding circumstances or factual matrix of the disputed provision, and the approach taken by the Inner House, which asks what the ordinary meaning is of the words.  (The Hoffmann approach was famously advanced by Lord Hoffmann in Investor Compensation Scheme Ltd v West Bromwich Building Society [1998] 1 W.L.R. 896.) 

Lord Reed emphasised that the meaning of a document is not the same as the meaning of its words.  It is necessary to read the words in a contract in the context in which they were written (ie with regard to the surrounding circumstances).  Nevertheless, he interpreted the disputed clause by asking whether the commercial background led away from the starting point “that one would ordinarily expect the parties to a formal document to have chosen their words with care, and to have intended to convey the meaning which the words they chose would convey to a reasonable person.”  Thus, words should be given their ordinary meaning, unless the surrounding circumstances make it clear that an alternative reading was intended by both parties. Lord Reed also referred to Lord Hoffmann, to emphasise that where the ordinary meaning of the words makes sense in the context of the document and the factual background, then “the court will give effect to that language, even though the consequences may appear hard for one side or the other.”

Although Lord Reed attempted to use both approaches as complementary, the Inner House has recently emphasised the continuing differences between the two jurisdictions, in Multi-Link Leisure Developments Limited v North Lanarkshire Council.  The Inner House indicated that the ordinary meaning of the words should be used, and that Lord Hoffmann's approach should not be assumed to be relevant in every case:  "In any event, Lord Hoffmann’s observations were made in the context of commercial contracts, where this case is about a Scottish lease of heritable property.  The man on the Jubilee line on his way to Canary Wharf has less to say to us in this context than the Scots conveyancer with whose mindset we are more familiar."  (from Multi-Link Developments Ltd, at para 24).

As a footnote to the ongoing complexities of contractual intepretation, it is interesting to note that the unsuccessful party in Credential Bath Street v Venture Investment has now raised a second legal action.  Rather than continuing to claim against the tenant in default, the landlords have turned to their legal advisers, claiming breach of professional duties.  Last month, Lord Glennie allowed a proof before answer to establish whether or not Credential’s solicitors were indeed in breach of their contractual and delictual duties towards their clients:  Credential Bath Street Limited v DLA Piper SCotland LLP.  The client’s claims were robustly defended by the solicitors.  Since the matter is going to a proof before answer, Lord Glennie declined to comment on the merits of the various arguments.  The outcome of the next step will no doubt be awaited with interest by the profession as a whole.