Our Website Uses Cookies 


We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.


For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

Morrisons not liable for rogue employee data breach

April 1, 2020, Global Data Review

Daniel Cooper spoke with Global Data Review about a UK high court case involving the deliberate breach of personal information by a supermarket employee from Morrisons. The court ruled that the supermarket was not liable for the actions of the employee. Mr. Cooper described the decision as “dual-edged” and said that “when coupled with the Lloyd Court of Appeal decision – which is currently on appeal – this would mean that where an accidental act impacts individuals, those individuals could sue the employer based on its vicarious liability.” He adds that in that scenario, claimants could sue on a class basis under a representative action for loss of control of data, which could mean potentially greater liability for employers than individual group claims under a group litigation order, as was the case in the Morrisons dispute.

Share this article: