By Zoe O’Sullivan

In Lloyd v Google LLC [2018] EWHC 2599 (QB), the court has shed further light on the limits of a claim for compensation for breach by a data controller of its statutory duty to comply with the data protection principles in relation to personal data. The duty is set out in section 4(4) of the Data Protection Act 1998 (“the DPA”).

This was a claim brought against Google by Richard Lloyd, a former director of Which? and leader of the campaign group “Google You Owe Us” as a representative claimant representing a class of unknown individuals affected by the “Safari Workaround”. The Safari Workaround was also the subject of the earlier claim in Vidal-Hall v Google Inc [2014] EWCA Civ 311 in which the Court of Appeal refused to strike out a claim for misuse of personal data and under the DPA. (That claim was settled pending an appeal to the Supreme Court).