The Daily Mail, Dorries and Data Protection

Community Trade Mark E7490592

Our last two posts addressed the position of Nadine Dorries MP under the Data Protection Act 1998 (the “DPA”) in respect of sensitive personal data concerning her partner’s wife posted on the MP’s website in her Personal Statement to the Press (here and here).

It appears that the Personal Statement to the Press may have been made in anticipation of a story being published in the Daily Mail the following day on the MP’s new relationship. In that story the same sensitive personal data was published, raising the question of whether the Daily Mail was itself potentially in breach of the DPA.

There is one material difference between the two cases. The Daily Mail, being a news organisation, can rely on the exemption at section 32 of the DPA. This applies where the processing of personal data, including the publication of it, is done for the special purposes of journalism, literature or art.  It is not a complete exemption from the provisions of the DPA, but it does permit a journalism organisation which “reasonably believes that, having regard in particular to the special importance of the public interest in freedom of expression, publication would be in the public interest” to breach a data protection principle (section 32(1)(b)) to breach a data protection principle where it “reasonably believes that, in all circumstances, compliance [with the data protection principle] is incompatible [for the purposes of journalism]” (section 32(1)(c)).

Publication, it is clear, includes making the journalistic material available to the public or any section of the public by any media (from section 32(6)).

A subject of any journalistic material retains their right to bring an action for compensation, including damages for distress (section 13(2)(b)), which means that any newspaper wishing to publish must weigh up the risk of being sued under the DPA and a court finding that newspaper could not have had a reasonable belief that the publication was in the public interest.  There are extremely few cases on this point, but perhaps the most notable is the Naomi Campbell case.  She brought a case against the Mirror as a result of pictures being published of her leaving a Narcotics Anonymous meeting.  The data protection aspect of the case was thoroughly described by the Master of the Rolls, Lord Phillips, when the case was appealed to the Court of Appeal (Naomi Campbell v Mirror Group Newspapers [2002] EWCA Civ 1373, subsequently appealed to the House of Lords [2004] UKHL 22).  At the Court of Appeal it was determined that the publication was in the public interest so that the section 32 exemption applied.  In the House of Lords the case was determined upon the basis of the balance of rights under the Human Rights Act 1998 rather than expressly dealing with the DPA, but this can be implied from section 32(1)(b) as being the balance between the right to freedom of expression and the right to privacy.

So in deciding whether the Daily Mail has breached the DPA, you have to consider, as a court would, whether there were grounds for a reasonable belief that publication of information on her partner’s wife was in the public interest.

An FOI opportunity missed?

The Minister of Justice, Jack Straw, has disclosed in an audit report that 954 convicted criminals who had been released on licence from prison and then recalled, are still at large.  The Daily Mail, in its article on the story, reported that the Durham and Surrey police forces cited the Data Protection Act 1998 as their reason for not being able to name criminals in their area who are at large.

We suspect that the Mail’s journalists must have contacted the police forces quoted in the story by telephone, which may explain the citing of the Data Protection Act 1998 (“DPA”) to decline the requested disclosure.   However, there is an argument that the prevention and detection of crime exemption at s.29 of the DPA could have been used to allow the disclosure, had the Durham and Surrey forces been so minded.

If the constabularies had been asked for the criminals’ details in writing, these would have been a freedom of information requests under the Freedom of Information Act 2000 (“FOIA”)(see s.8(1)).  It would have been interesting to see their reasoned explanation for their refusals (as required under s.17 of FOIA).   

The personal information exemption that a constabulary could have cited to deny the Mail the details (s.40 of the FOIA) is notoriously difficult to understand and apply.  However, it is arguable that none of the absolute exemptions from disclosure under s.40 apply, as none of the data protection principles would have been breached by a disclosure.  Instead, only the public interest test of the qualified exemption in s.40 would have applied.

It’s an interesting question:  is the public interest better served by having these criminals’ details in the public domain rather than by preserving their data protection rights (and arguably their safety and public order) by having their details retained?  Given that some other forces have published this information, it would appear the public interest may lie in disclosure.

Perhaps the Mail should pursue its story, using a written request under FOIA for these criminals’ names?