A recent decision in the English High Court about internet cookie use has been making waves.
The judge decided that a claim form could be served out of the jurisdiction (on Google in California). This sounds like a dull procedural application, but it is exciting interest because of the comments of the judge about how people can object to the use of what might seem to be fairly trivial information about them.
A group of individuals complained that they had suffered distress as a result of how Google had used cookies on Apple's Safari browser.
Traditionally, they might just have argued breach of confidence. But the procedural rules involved required there to be a different kind of legal wrong - a tort.
Since the Naomi Campbell litigation in 2004 misuse of private information has been developing as a new tort. And in the subsequent Michael Douglas/Hello! litigation the Court of Appeal explained that someone’s privacy can be invaded by further publication of information or photographs that had already been disclosed to the public.
So what kind of private information might be protected? Naomi Campbell and Michael Douglas had objected to photographs and stories in the papers. Can data collected using cookies really be private information? The individuals bringing the case against Google said that private information about them could be gleaned from targeted advertising that appeared on their screens as a result of the cookies. Other people might see the screen and draw their own conclusions about that person’s characteristics or feelings. The judge concluded that this could be enough to be private information, and disclosing it could cause distress.
The individuals were also allowed to rely on the Data Protection Act 1998. Material appearing on their screens could be ‘personal data’ deserving protection. The judge was influenced by a European Working Party report on the Data Protection Directive, saying that search histories were personal data if the relevant individual could be identified.