U.K. Victory for Google Confirms U.S.-Style 'Opt-Out' Class Actions Still Beyond Claimants' Reach
Lloyd v. Google was an attempt to recover compensation from Google on behalf of millions of unidentified, and uninvolved, individuals, and the internet giant's victory has confirmed that hurdles remain to bringing such litigation in the U.K.
October 29, 2018 at 07:00 AM
7 minute read
The Claim
The representative action was brought by campaign group 'Google You Owe Us', led by Richard Lloyd, the former executive director of Which? Magazine. Lloyd was applying to serve proceedings on Google in the U.S., alleging that Google breached the principles of the Data Protection Act 1998 through its “Safari Workaround”.
Following the U.K. High Court's decision in Vidal-Hall v. Google, there are clear arguments to be made that the Safari Workaround breached the Act by collecting private data from individuals using Apple's Safari browser on iPhones, without their knowledge or consent. However, the Lloyd decision makes clear that potential claimants still have a number of hurdles to overcome before they will succeed in recovering damages from Google.
The claimant sought compensation of up to £750 pounds for each of the 4.4 million affected individuals, potentially leaving Google facing liabilities of between £1 and £3 billion. This amount was said to reflect the benefit Google obtained from the data's wrongful use. Lloyd's claim was backed to the tune of £15.5 million by a litigation funder.
In order to obtain permission to serve the claim in the U.S., Lloyd needed to show that (a) the claim has a reasonable prospect of success, (b) it falls within one of the jurisdictional “gateways” set out in paragraph 3.1 of Practice Direction 6B of the U.K. Civil Procedure Rules (in this case, the applicable gateway involved demonstrating that there was “a real issue” to be tried), and (c) the England court is the appropriate forum. His application failed the tests in (a) and (b).
|Why Did It Fail?
In order to demonstrate that the claim would have a reasonable prospect of success, Lloyd needed to show both that the underlying merits of the claim were sound and also that a court would allow his representative action to proceed. The court in fact held that:
1. Lloyd did not have a reasonable prospect of persuading a court that he, and other affected individuals, had suffered actual damage. Although English law now recognises that compensatable damage for data protection breaches need not be financial loss (it's enough to show non-material loss, for example anxiety/distress/inconvenience), damage must still be proved to have actually occurred before damages will be awarded. Mr Lloyd's claim did not identify any actual harm. (Although this claim was brought under the DPA 1998, the new UK data protection legislation, the Data Protection Act 2018, adopts the same tests in respect of damage to be shown following breach.)
2. Lloyd also did not have a reasonable prospect of having his representative action accepted by the court. Applying Rule 19.6 of the UK Civil Procedure Rules, the judge found that the affected individuals would not all have the “same interest” (required before a representative action can be recognised). He based this on the likely variations in the nature and extent of breaches, and the impact upon each individual.
3. The judge also held that the resources required to try the claim would be disproportionate and allowing it to continue would not align with the court's “overriding objective” to deal with cases justly and at proportionate cost. Given the lack of an identifiable class of claimants, Lloyd's failure to plead actual damage and the relatively low level of damages being claimed on behalf of each affected individual, there was therefore also no “real issue” to be tried.
Lloyd has sought permission to appeal the judgment, arguing that it has left no practical way for individuals to seek redress when their private data is used without consent.
|What Does This Mean?
Much has been said about the likelihood of increased collective actions in Europe following the introduction of the GDPR in May 2018. Whilst this may well happen, this case serves as a useful reminder that here in the U.K., we remain some way off witnessing the development of a class action regime on the scale that exists in the U.S.
First it confirms that a rigorous test of standing will apply before a collective action will be allowed in the U.K. Courts will expect evidence in pleadings to demonstrate that actual harm has been suffered (or is likely to be) and that a clear class of claimants has been adequately defined and identified. U.S. companies will be familiar with the debate caused by the Supreme Court's opinion in the Spokeo case, wherein similarly exacting requirements were applied to class action standing.
It also appears that the courts will expect a minimum threshold of damages to apply before they are willing to commit resources to hearing a trial. One comment made by the judge in the Lloyd case was that the main beneficiaries of the action would be the lawyers and the litigation funder. This dampens speculation that we will necessarily see more class actions as a result of increased litigation funding. It had been thought that, provided the total pot of recoverable damages is large enough for a funder to back an action, there would be no reason not to proceed. It now appears, however, that a second filter will need to be applied to the test—will the total pot remain large enough to impress a judge, once legal and success fees have been removed from it?
One final piece of food for thought: It is likely that, driving the court's decision in Lloyd, was the decision made by Parliament when passing the Data Protection Act 2018 not to take up the opportunity provided by Article 80 (2) of the GDPR to permit representative actions to be brought for data protection breaches even without a data subject's mandate. Indeed, the judge comments that “this claim is a contrived and illegitimate attempt to shoe-horn a novel “opt-out class action” into the representative action procedure.” Whilst rule 19.6 of the Civil Procedure Rules is drawn widely enough to allow it, theoretically, to be used whether all potential claimants to an action have opted in expressly or not, the judge did not interpret it in this way.
The U.K. courts will therefore continue to entertain collective actions, either by way of representative action or group litigation, only where affected individuals have consented to the action being brought on their behalf. Interestingly, though, following heavy pressure from campaigners prior to its introduction, the DPA 2018 has committed the U.K. Secretary of State to a review of whether data subjects should have to “opt in” by 2020, so Google and others would be well advised to watch this space…
Bryony Hurst is a Partner in Bird & Bird's international Dispute Resolution Group, based in London, specialising in commercial litigation and technology and media law. She advises clients on complex, fact-heavy commercial disputes, with a primary focus on disputes relating to the technology, communications and media sectors. She acts for both corporate clients (including IT and telecommunications providers, major film and broadcasting organisations, and internet corporations) and individuals on disputes spanning the commercial spectrum. Jonathan Robb is an Associate in Bird & Bird's international Dispute Resolution Group based in London.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1While Data Breaches May Lead to Years of Legal Battles, Cyberattacks Can be Prevented
- 2The Definition of Special Employment
- 3People in the News—Nov. 21, 2024—Willig Williams, Hangley Aronchick
- 4Rawle & Henderson Hires New Del. Managing Partner
- 5Divided State Court Reinstates Dispute Over Replacement Vehicles Fees
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
