Defamation and data protection claims can be brought in parallel

by White & Case LLP

White & Case LLP

White & Case Technology Newsflash

The English Court of Appeal has confirmed in a recent case that data protection claims may be brought hand-in-hand with defamation claims. The case provides a reminder to businesses that the use of data protection as a weapon in litigation is growing ever more commonplace.

Claimants are increasingly turning to data protection as a tool for use in litigation, either as the subject matter of the litigation or as a means of obtaining evidence for use in another cause of action. As a result of this trend, the English courts are frequently faced with novel questions about the use of data protection law in the context of litigation.

The facts

In HH Prince Moulay of Morocco v Elaph Publishing [2017] EWCA Civ 29, the Court of Appeal was asked to determine whether claims for publishing inaccurate personal data under the Data Protection Act 1998 (the "1998 Act") could be introduced within existing defamation proceedings. The appeal decision arose as a result of a claim brought by Prince Moulay Hicham Ben Abdallah Al Alaoui of Morocco (the "Prince") against Elaph Publishing Limited ("Elaph") in light of an article published on Elaph's news website in October 2014. The article alleged that the Prince sought to sabotage the image of the Moroccan King Mohammed VI using a former boxer, Zakaria Momeni, to entrap Mounir Al-Majidi, an assistant and adviser to the King.

The Prince claimed that these allegations were untrue and had caused, or were likely to cause, serious harm to his reputation. He brought a claim against Elaph under section 1 of the Defamation Act 2013. The judge at first instance ruled that although the Prince had contended that the article was inaccurate, it was not necessarily defamatory, and struck out part of the Prince's claim on that basis.

The Prince sought permission to amend the particulars of claim, including to add a new claim under the 1998 Act which: (i) stated that the article included the personal data of the Prince that was stored and processed by Elaph; (ii) contended that Elaph was the controller of those personal data; and (iii) claimed the processing was a breach of section 4(4) of the 1998 Act (arguing that the data had not been processed fairly and lawfully, and had not been kept accurate and up-to-date, as required by Schedule 1 to the 1998 Act).

The judge allowed the amendment to the Prince's claim, on the basis that: (a) there was nothing contrary to principle in allowing parallel claims under the 1998 Act and the Defamation Act 2013; and (b) it was arguable that the Prince had a principled interest in ensuring an accurate record of his political activities. Further, the judge stated that such interest might justify pursuing proceedings in circumstances where there did not appear to be any voluntary body which could provide a binding adjudication on the accuracy of the article. The Prince and Elaph both appealed elements of this decision to the Court of Appeal.

The court's decision

The Court of Appeal agreed with the first instance judge's ruling that the Prince should be allowed to amend his particulars of claim to include a further cause of action under the 1998 Act. The Court held that "the different causes of action are directed to protecting different aspects of the right to private life" and that there is "no good reason of principle why a claim under the 1998 Act cannot be linked to a defamation claim…if the test for amendment is otherwise met" (at paragraphs 43-44). In addition the Court of Appeal held:

  • The judge at first instance was correct not to attempt to identify a general principle which would apply where a claimant seeks to join claims for defamation and under the 1998 Act – this suggests that decisions to allow such claims to be joined will turn on the merits of each individual case.
  • Where a defamation claim is successfully defended, a claim under the 1998 Act may provide an appropriate alternative means of redress for the claimant.
  • However, claimants will need to consider the basis for pleading damages in respect of any data protection law claim: the Court of Appeal noted that it was not correct to treat the damage arising under the two claims as effectively the same (as was done in the Prince's amended particulars of claim).
  • Further, the Court should take a role in managing the joint claims in accordance with the overriding objective (under Part 1 of the Civil Procedure Rules 1998) to ensure that the litigation process is used to reach a just result in a proportionate manner and, most importantly, is not used to stifle criticism under the pretext of correcting inaccuracy.

Impact on businesses

This case joins a growing body of English case law in which the courts have demonstrated an increasing willingness to find ways to allow claimants to bring claims under data protection law, regardless of whether more traditional claims (such as defamation) may fail on the same facts. Given the courts', approach businesses should be mindful that potential claimants are increasingly likely to explore any data protection claims that may be available to them.

Chris Ewing, a Trainee Solicitor at White & Case, assisted with the development of this publication.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© White & Case LLP | Attorney Advertising

Written by:

White & Case LLP

White & Case LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.