The GDPR – 12 months and counting

The General Data Protection Regulation (GDPR) was approved and adopted by the EU Parliament in April 2016. The regulation will take effect after a two-year transition period and come into force on 25 May 2018.

The impact of these changes and identifying potential compliance issues under the GDPR will be a challenge for many organisations. The maximum fine that can be imposed for serious infringements is €20 Million, or up to 4% of annual global turnover.

Within your own organisation, key individuals and decision makers should be made aware that the law is changing and they shall have one day from today to ensure their data protections affairs are in order.

This article highlights ten very straightforward steps you can consider implementing in the next 12 months to ensure your organisation is compliant with GDPR.

1.)  Brexit and GDPR

Our clients regularly ask us: should we continue with planning and preparation for the imminent changes to GDPR in light of Brexit?

The short answer is ‘yes’. The UK Government has already said that Brexit will not affect the commencement of GDPR with and this is unlikely to change.

Even if there was a wholesale change of direction, if your organisation sells goods or services to citizens in other EU countries it will be required to process data about those individuals and as a result, the EU will consider the GDPR to apply to you regardless.

2.)  The rights of individuals

The GDPR includes the following rights for individuals:

  1. the right to be informed;
  2. the right of access;
  3. the right to rectification;
  4. the right to erasure;
  5. the right to restrict processing;
  6. the right to data portability;
  7. the right to object; and
  8. the right not to be subject to automated decision-making including profiling.

Of the above, data portability is a new right.

Recommendation: This is an excellent time for your organisation to check internal procedures and to work out how you would react to a request in connection with the above list – consider whether your systems would help you to locate the relevant data and who would make the necessary internal decisions.

3.)  Consent

Your organisation will not be required to automatically ‘repaper’ or refresh all existing DPA consents in preparation for the GDPR. However, the nature of the consent required will place more demands on your business. 

Recommendation: Your organisation should review how you seek, record and manage consent and whether further changes need to be made to ensure the GDPR standard is met in future. Note that consent must be:

  1. freely given, specific, informed and unambiguous;
  2. there must be a positive opt-in and consent cannot be inferred from inactivity, silence or pre-ticked boxes; and
  3. the withdrawl of consent must be as easy as giving it.

4.)  The lawful basis for processing personal data

Under the GDPR, individuals’ rights will be modified depending on the legal basis your organisation has for processing their personal data. 

Recommendation: Your organisation should identify the lawful basis for your processing and document and update your privacy notice to clarify this. It will also be necessary to explain the lawful basis for processing personal data in your privacy notice and when you answer a subject access request.

5.)  Subject access requests

The GDPR rules are changing with regards access requests. After 25 May 2018, your organisation will:

  1. not be able to charge for complying with a request;
  2. have a month to comply with a request, rather than the current 40 days;
  3. be able to refuse or charge for requests that are manifestly unfounded or excessive; and
  4. if you refuse a request, your organisation must without undue delay (and at the latest) within one month: (a) tell the individual why; and (b) set out that they have the right to complain and to a judicial remedy.

Recommendation: Your organisation should consider updating your procedures and plan in connection with how to handle requests.

6.)  Information held by your organisation

The GDPR requires you to maintain records of your organisation’s processing activities. 

Recommendation: Your organisation should document all personal data you hold, where it came from and who you share it with. We recommend considering undertaking an information audit across your organisation in preparation for GDPR.

7.)  The communication of privacy information

When collecting personal data, the collector is required to share certain information (such as their own identity and how they intend to use the information to be disclosed). This is usually done through the use of a privacy notice. The GDPR will now require additional items to be included.

Recommendation: Your organisation should review its current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.

Also consider the new right of Data Portability which is data portability which is the right for a data subject to receive personal data concerning them (which they have previously provided in a ‘commonly used and machine readable format’) and have the right to transmit that data to another controller.   It only applies:

  1. to personal data an individual has provided to a controller;
  2. where the processing is based on the individual’s consent or for the performance of a contract; and
  3. when processing is carried out by automated means.

8.)  Data breaches

Where a data breach is likely to “result in a risk for the rights and freedoms of individuals” its notification will become mandatory. Controllers must notify:

  1. the competent supervisory authority within 72 hours; and
  2. affected data subjects without undue delay.

Recommendation: your organisation should ensure it has the correct procedures in place to detect, report and investigate a personal data breach (some organisations are already required to notify the ICO and possibly some other bodies, when they suffer a personal data breach and this has been given as a warranty or occasionally as the basis for an indemnity, in modern commercial agreements). Where a breach results or is likely to result in a high risk to the rights and freedoms of individuals, your organisation will have to notify those concerned directly in most cases. Failure to report a breach when required to do so could result in a fine, as well as a fine for the breach itself.

9.)  Data Protection Officers (“DPO”)

DPOs must be appointed in the case of:

  1. public authorities;
  2. organisations engaging in large scale systematic monitoring; or
  3. organisations engaging in large scale processing of sensitive personal data. 

Recommendation: Consider whether your organisation falls into one of the above categories. If not, there is no requirement to appoint a DPO.

10.)  Children

The GDPR will for the first time bring in special protection for children’s personal data.

Recommendation: If your organisation offers online services to children and relies on consent to collect information, a parent or guardian’s consent in order to process their personal data lawfully may be required. 

If you have any queries about this article please do not hesitate to contact the authors:

 

Tate Chakrabarty                                             Phil Gorksi
Associate Solicitor                                           Solicitor
Corporate and Commercial Team             Commercial Dispute Resolution Team
TChakrabarty@LawBlacks.com                 PGorski@LawBlacks.com
0113 227 9260                                                    0113 227 9318

 

Posted in Company & Commercial Law | Leave a comment

Failing to Make It Over the Finishing Line

Part 36 is a provision in the Civil Procedure Rules that creates a certain type of settlement offer which can carry significant costs and/or interest penalties if it is not accepted by the opposing party and that party then fails to beat the offer at trial.  Part 36 Offers are made on a “without prejudice save as to costs” basis meaning that the Court is not made aware of them until after it has given judgment but before it has made an Order in relation to who should pay for the cost of the proceedings.

Part 36 Offers are designed to encourage parties to settle without going to trial and, if used wisely, they can be a potent negotiating tool.  Making a Part 36 Offer should not be seen as a sign of weakness but instead as an appropriate means of putting pressure on an opponent to settle the dispute.

In the case of Marathon Asset Management LLP v Seddon & Bridgeman, Marathon pursued a claim against Mr Seddon and Mr Bridgeman, two former employees, for taking confidential information belonging to Marathon before they left the company.  Marathon sought damages of £15m against their former employees but the Court only awarded nominal damages of £1 against each Defendant as they had not used the information that they had taken and, in any event, Marathon had suffered no financial loss as a result.

Recently, the matter returned to Court for the Judge to deal with the issue of costs.  Usually, the successful party in litigation is awarded his costs of that litigation.  However, even though Marathon had technically “won” (as it was awarded damages against the Defendants), the Judge ordered it to pay the majority of the Defendants’ costs on the basis that Marathon had failed to accept a Part 36 Offer made by the Defendants during the proceedings – the Defendants had made a £1.5m Part 36 Offer to Marathon but that offer had been rejected.

As Marathon had failed to beat the Part 36 Offer (as it was only awarded damages of £2) the Judge considered it to be a “game changer” in terms of deciding whether Marathon should be entitled to its costs.  He ruled that Marathon should pay the Defendants’ costs from the date when the Part 36 Offer was rejected.  In the words of the Judge: “the offer made by the Defendants should have rendered that dispute entirely academic… the costs consequences should be visited on parties in Marathon’s position who, instead of taking a realistic attitude, open their mouths too wide”.

This case should act as a stark warning to litigants to consider Part 36 Offers carefully and to accept any which are sensible instead of continuing to litigate.

Picture of Luke Patel

Luke Patel

Luke Patel
Partner
Commercial Dispute Resolution Team
LPatel@LawBlacks.com
0113 227 9316
@LukeLawBlacks

Posted in Commercial Dispute Resolution | Leave a comment

Russian billionaire changes his mind in special contribution divorce case

Yet another special contribution case has hit the headlines, with the news yesterday that a Russian billionaire has been ordered to pay £453million to his ex-wife, or roughly 41.5% of the total matrimonial assets. The wife had claimed that the husband was worth over £1billion.

The judgement has not yet been published, the specific facts of the case are not yet apparent and neither the Husband nor the Wife were present in court for the ruling.

It has been reported however that the Husband changed his mind after initially indicating that he would try to argue a ‘special contribution’ in the marriage, the success of which would significantly affect the manner in which the assets would be divided.

The judge delivering the ruling, Mr Justice Haddon-Cave said that the Husband and the Wife had made “equal contributions to the welfare of the family”.

The case is the latest in a trend of family finance cases before the courts where one party to the marriage is claiming a special contribution. In such cases the more wealthy party (usually the husband) tries to argue that their financial contribution to the family wealth is so extraordinary that it would be inequitable to disregard it and that the court should depart from the usual sharing principle.

There have been very few successful special contribution arguments reported in the family courts and indeed only three in twelve years. Very recently the case of Work v Gray (2017) debated the concept of ‘genius’, a word which the appeal judge Holman J had said was “unhelpful”.

In Work v Gray Holman J was not convinced that the Husband was a genius and instead was in the right place at the right time with regard to his work in establishing the family wealth. Accordingly he decided that the Wife’s contribution in raising the family was equal to the financial contribution.

At the Supreme Court, the Husband’s counsel argued that instead of having regard only to the qualities of the person making the contribution, the court ought to review the size of the contribution. Further if the size was not sufficient to justify a special contribution, then the court should then revert back to the question of the individual skills of the person making the contribution.

This argument was rejected and the court ruled that if successful, it “would unfairly elevate a financial contribution above other forms of contribution”.

Hence the principle laid out 17 years ago by Lord Nicholls in the landmark case of White v White (2000) still stands firm: “it matters not which of them earned the money and built up the assets. There should be no bias in favour of the money-earner and against the home-maker and the child-carer.”

These decisions being made by the court suggest a marked reluctance of the Judiciary to accept special contribution. It has been reported that the footballer Ryan Giggs will try and advance such an argument in his forthcoming divorce. Specific remarks made by Holman J regarding ‘highly paid footballers’ in the failed appeals of Work v Gray suggest he will struggle to succeed.

The question for the judiciary therefore is not with regard to the size of the contribution but the special individual skills of the contributor. Does the individual have that spark of genius that sets him/her apart and is that enough to justify a departure from equality? Three successful cases in twelve years suggest that such individuals are few and far between.

Andrew Smith

Andrew Smith
Associate Solicitor
Family Law Team
AJSmith@LawBlacks.com
0113 3222807

Posted in Family Law | Leave a comment

Shareholder’s Undertaking Not Good Enough

In civil proceedings, where a claim is brought by a corporate entity the defendant can, if it has evidence that the claimant is unlikely to be able to pay its legal costs in the event the claimant loses, apply to the court for an order for security for costs.  If granted, the claimant would be required to pay money into court to cover the defendant’s costs before the claim can proceed.  Security for costs applications are therefore a useful weapon in a defendant’s armoury if they are faced with a potentially impecunious claimant company.

Nowadays claimants can obtain after the event (ATE) insurance to cover their legal costs if they are unsuccessful with their claim. However, ATE policies can be expensive and may not always be a viable option.  Claimants who have cover are better able to defeat applications for security for costs on the basis that the defendant’s costs are covered by the policy.

In the case of Dunn Motor Traction Limited v National Express Limited, the claimant was pursuing a £20m claim in respect of profits which it claimed it had lost due to the defendant wrongfully terminating a contract between the parties.  The defendant applied for security for costs as the claimant had conceded that due to the effect of the termination of the contract its financial position had dramatically deteriorated to the extent that it might not be able to meet the defendant’s costs if it lost the case.

The claimant did not have an ATE insurance policy but its sole shareholder, Mr Dunn, provided an irrevocable undertaking to indemnify the claimant in respect of its costs liability to the defendant.  The claimant argued that this was comparable to cases that have held that the existence of an ATE insurance policy provided satisfactory security.

However, the High Court disagreed.  The judge found that the approach taken by the courts towards ATE policies did not apply to an indemnity provided by a shareholder.  The reasons for this were because the counterparty to an ATE policy is a “responsible and reputable insurer” whereas the shareholder of a claimant company is, effectively, the adversary of the party seeking security for costs.  Further, whereas ATE policies were a central feature of the ability of parties to gain access to justice, an indemnity provided to a company by its owner in respect of the company’s liability to bear legal costs was not.  Security for costs was therefore granted in favour of the defendant.

This case demonstrates that indemnities from third parties such as shareholders are not adequate security in the same way as ATE insurance policies and that claimants, particularly corporate entities, need to consider obtaining ATE insurance cover if there is likely to be any doubt regarding their ability to meet adverse cost liabilities.

Picture of Luke Patel

Luke Patel

Luke Patel
Partner
Commercial Dispute Resolution Team
LPatel@LawBlacks.com
0113 227 9316
@LukeLawBlacks

Posted in Commercial Dispute Resolution | Leave a comment

Chinese Village’s Rush for Divorce

Divorce is something that should be given serious thought, so we were surprised to hear of what’s been happening in the small Chinese village of Jiangbei recently.

In the village, a mass of couples are filing for divorce in the hope of striking it rich. This comes after the news that the area is being demolished to make way for a new high-tech industrial zone. http://www.bbc.co.uk/news/world-asia-china-39150594

Compensation has been offered to the residents of Jiangbei in the form of one 220 square metre house, but the savvy villagers have realised that they could qualify for 2 homes if they were divorced. If single residents were to receive a new house by way of compensation while married couples were limited one co-owned home, then a divorced couple could surely claim compensation as singles. The expectation is that divorced couples could claim an additional 70 square metre property and also some cash in compensation.

As a result, several dozen couples have filed for divorce, but this isn’t a case of money over love – many couples have stated they will continue to live together and expect to remarry at a later date. It remains to be seen whether any of the divorced couples will really obtain the additional compensation, but it seems the villagers are willing to take the risk.

Sarah Scullion

Sarah Scullion

Sarah Scullion
Paralegal
Family Team
0113 227 9215
SScullion@LawBlacks.com

Posted in Family Law | Leave a comment

Lasting Powers of Attorney

As the owner of a Holiday Park or a Residential Park it is important that you plan for the future to protect your business assets. As part of this, it is key to plan ahead and give authority to a trusted person (or people) to handle your finances and carry on your business if you are ever unable to do so yourself.

It is always a sensible idea to have a back-up plan for times when you may not be able to handle the business yourself, from being stuck at home with a nasty case of flu to the more serious case of mental incapacity.

One advisable step to be taken by all park owners is to have a financial Lasting Power of Attorney (an ‘LPA’) which will allow you to appoint up to four people to handle your finances if you become incapable of handling them yourself. There are strict rules in place governing how an attorney can act under an LPA including a duty to always act in your best interest. It is important to pick someone who you know well and can trust to handle to your affairs. You could decide to appoint a professional attorney to act either solely or alongside your family members or a business associate in order to keep your business running as smoothly as possible.

Please note that nobody would be able to handle your finances without a Lasting Power of Attorney if you do lose capacity, without first applying to the Court of Protection. Someone would be able to apply to the Court for an Order to be appointed as your Deputy, however this is a much longer and more expensive route which can cause a lot of additional stress in an already stressful situation.

Another aspect to consider is also completing an LPA to allow your attorney to make decisions about your health and welfare, including decisions about life sustaining treatment. This gives you the option to appoint those you trust to make decisions about your daily life and care if ever you are mentally incapable of speaking to doctors or social workers, for example.

Further to this, instructions and preferences can be included in both types of LPA to help guide your attorneys when making decisions on your behalf.

As at the beginning of this month, the Office of the Public Guardian has reduced the court registration fee for each Lasting Power of Attorney from £110 to £82.

Please contact our Wills and Probate Team if you wish to discuss Lasting Powers of Attorney and how we can help you plan for the future of your business.

Annie Beaumont

Annie Beaumont

Annie Beaumont
Paralegal
Wills and Probate
ABeaumont@LawBlacks.com
0113 2279 269

Posted in Holiday and Home Parks | Leave a comment

Underpayment of Court Fees Revisited

There have been a number of cases in the last few years that have considered the consequences for a claimant when an incorrect court fee has been paid upon the issue of a claim.  In the case of Lewis & Others v Ward Hadaway which was referred to in this publication last year, the Court found that there had been an abuse of process by claimants who had deliberately understated the true value of their claim in order to pay a lower fee.

In Wells v Wood & Another, which was heard last month by the County Court in Lincoln, this issue was once again considered.

In this case, the claimant had issued a claim shortly before the expiry of the limitation period but had paid the wrong court fee for the value of the claim.  The defendants raised the issue of limitation in their defence and the court therefore had to consider whether the claim was statute-barred (i.e. it was brought too late) because the incorrect court fee had been paid when it was issued.  The defendants argued that, without the appropriate fee being paid for the claim, it had not stopped time running out irrespective of whether or not the incorrect payment was an innocent mistake or a deliberate attempt to issue proceedings without paying the appropriate fee.

However, the court disagreed and held that a claim form issued and sealed by the court was effective for limitation purposes regardless of the fee paid and the issuing of the claim form marked the commencement of proceedings.  In the judge’s view, any question regarding the court fee was between the paying party and the court service.

The judge acknowledged that there may be instances where there is an allegation of an abuse of process in the payment of the court fee but he found that was not the position in this case.  Instead the claimant’s solicitors had underpaid the court fee because they had not properly appreciated the true value of the claim until later on and upon discovering that they immediately took steps to remedy the mistake.  There was therefore no suggestion that there had been any abuse of process.  Accordingly, the payment of the wrong court fee had no effect on the validity of the claim form and the stopping of the limitation clock.

This case appears to draw a distinction between the deliberate underpayment of a court fee and an underpayment which has occurred as a result of an innocent mistake; the former will be penalised but not the latter.

Picture of Luke Patel

Luke Patel

Luke Patel
Partner
Commercial Dispute Resolution Team
LPatel@LawBlacks.com
0113 227 9316
@LukeLawBlacks

Posted in Commercial Dispute Resolution | Leave a comment