Morrisons not liable for rogue employee data breach

Morrisons not liable for rogue employee data breach

April 1, 2020, Global Data Review

Daniel Cooper spoke with Global Data Review about a UK high court case involving the deliberate breach of personal information by a supermarket employee from Morrisons. The court ruled that the supermarket was not liable for the actions of the employee. Mr. Cooper described the decision as “dual-edged” and said that “when coupled with the Lloyd Court of Appeal decision – which is currently on appeal – this would mean that where an accidental act impacts individuals, those individuals could sue the employer based on its vicarious liability.” He adds that in that scenario, claimants could sue on a class basis under a representative action for loss of control of data, which could mean potentially greater liability for employers than individual group claims under a group litigation order, as was the case in the Morrisons dispute.