Employer not vicariously liable for employee’s deliberate data breach
In a welcome decision for employers, the Supreme Court has ruled that an employer was not vicariously liable for a significant data breach committed by a disgruntled employee.
Employers cannot necessarily refuse disclosure because it breaches data privacy of others
The Court of Appeal has provided welcome guidance for data controllers in cases concerning mixed data.
Morrisons held vicariously liable for its employee’s data protection breach
Employment Law News Morrisons, the supermarket chain, has been held liable for a disgruntled employee’s wilful breach of data protection legislation. Mr Skelton was employed by Morrisons as a senior IT internal auditor. This role gave him access to sensitive...
Proportionality and data subject access requests
An employer must only conduct a proportionate search, and give a proportionate response, to data subject access requests it receives.