Privacy and misuse of private information

Privacy law in the UK comprises several elements:

•
the right to respect for a private and family life in Article 8 of the European Convention on Human Rights (ECHR), incorporated into UK law by the Human Rights Act 1998 (HRA 1998)
•
the tort of misuse of private information, which protects citizens from unwarranted intrusion (Campbell v MGN), and
•
provisions in the Protection from Harassment Act 1997 (PHA 1997), which protect individual privacy

There is no single, overarching right to privacy in English law. However, HRA 1998 and the incorporation of Article 8 of the ECHR into domestic law mean that aspects of private life can be protected from unwarranted intrusion.

Right to a private and family life

Article 8(1) of the ECHR protects a person’s right ‘to respect for his private and family life, his home and his correspondence’. Underlying this right is the value attached by society to human dignity and autonomy; the effective protection of Article 8 rights enables individuals to pursue their own lives and to form relationships.

The Strasbourg jurisprudence

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Information Law News

Freedom of information contempt certification in the Upper Tribunal (Bence v Cornwall Council)

Public Law analysis: In Bence v Cornwall Council, the Upper Tribunal (UT) found Cornwall Council in contempt for failing to comply with a Substituted Decision Notice (SDN) issued by the First-tier Tribunal (FTT) under the Freedom of Information Act 2000 (FIA 2000). The Council ultimately admitted it had not responded to the SDN within the prescribed 35-day period, and the UT further held that the Council remained in breach for a protracted period. Bence is the first reported case in which the UT has made a finding of contempt by a public authority in an information law case. The decision provides guidance on the respective roles of the FTT and UT in the contempt certification process. It also provides a helpful and comprehensive summary of the contempt regime as it relates to non-compliance with the FTT’s SDNs. Further, the judgment emphasises the seriousness of non-compliance by a public authority and the elements of civil contempt, in conjunction with Buzzard-Quashie, that sanctions for contempt on this basis may be severe. The case is also instructive in illustrating how a public authority may mitigate failures of compliance to avoid investigation and certification of contempt. Written by Gaelyn Fuhrmann, legal director at Wiggin LLP.

Court’s inherent jurisdiction and injunctive relief in harassment cases (Titan v Okunola)

Dispute Resolution analysis: This case concerned the court’s power to grant an injunction to restrain a litigant from sending abusive communications to an opposing party’s legal team. The High Court dismissed the application, stating that there was no ‘sound jurisdictional basis’ for such relief. The Court of Appeal held this was wrong: the court does have inherent jurisdiction at common law to protect the integrity of its own proceedings. However, the court agreed that refusal of the injunction was appropriate, as there was no ongoing risk and other discretionary factors weighed against relief. The judgment provides guidance for practitioners considering how to address disruptive litigation conduct. It clarifies the scope of the court’s inherent jurisdiction where behaviour poses a serious risk to the administration of justice. Where the conduct falls short of contempt, practitioners seeking such injunctions must also consider the impact of Article 10 ECHR, section 12 HRA, and litigation immunity. The case further highlights appropriate procedural routes and key discretionary factors relevant to injunctive relief. Written by Sarah Ellington, partner at Watson Farley & Williams LLP.

Information Law weekly highlights—5 March 2026

Welcome to this week’s edition of the Information Law weekly highlights a hand-picked summary of news analysis, updates and new content related to laws governing the use and dissemination of information and personal data. Each week these highlights focus on developments in key topics such as data protection, ePrivacy, cybersecurity, breach of confidence, misuse of private information, and defamation.

Data by any other name—Court of Appeal reverses Upper Tribunal’s ruling on the protection of ‘personal data’ (DSG v ICO)

Information Law analysis: In this case, the Court of Appeal unanimously allowed the appeal brought by the Information Commissioner’s Office (ICO), holding that it is sufficient that data which has been subjected to unauthorised or unlawful processing by a third party still constitutes personal data from the perspective of the data controller, even if it is pseudonymised ‘in the hands of’ the data controller and therefore anonymised ‘in the hands of’ the attacker. Accordingly, the court held, the data controller is required to take ‘appropriate technical and organisational measures’ (ATOMs) to protect that personal data against such hackers, even where those third parties cannot themselves identify the individuals to whom the data relates. Even though this judgment is under the Data Protection Act 1998 (DPA 1998), this decision is significant as it confirms, in terms equally applicable to the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), that the scope of the security obligation is not diminished merely because stolen or exfiltrated data would be anonymised in the hands of the third party with unlawful access. This development expands and makes more pressing the obligation on controllers to assess and guard against a broader range of threats—including ransomware, data destruction, and bulk exfiltration, regardless of the attacker's capacity to re-identify data subjects. Written by Adelaide Lopez, senior associate at Wiggin LLP.

View Information Law by content type :

News