United Kingdom Leading Case claim formsdata protection

Lloyd v Google LLC

[2021] UKSC 50

JurisdictionUnited Kingdom

CourtUK Supreme Court

Year2021

StatusBinding authority

Summary

Representative actions under CPR 19.6 cannot proceed for DPA 1998 damages where class members' claims depend on individual circumstances, failing the 'same interest' requirement.

Key Principle

A representative action under CPR 19.6 cannot be brought for damages for breach of the Data Protection Act 1998 where each class member's claim depends on individual circumstances; the 'same interest' requirement is not met.

Area of Law

data-protection

Related Cases

ASIC v RI Advice Group Pty Ltd [2022] FCA 496

A financial services licensee breached its statutory duty to act efficiently and fairly by failing to implement adequate cybersecurity measures to protect client data.

Re SingHealth [2019] SGPDPC 3

Singapore's largest data breach involving 1.5 million patient records held to constitute breach of PDPA protection obligation due to systemic IT security failings.

R (Bridges) v Chief Constable of South Wales Police (Facial Recognition) [2020] EWCA Civ 1058

Police deployment of automated facial recognition technology engages Article 8 ECHR and requires sufficiently precise legal authority, necessity, and proportionality; the existing framework was inadequate.

Ask CommonBench about this case

Get a detailed analysis of Lloyd v Google LLC and how it applies to your situation.

Explain Lloyd v Google LLC