Skip to main content
CLOSE

Charities

Close

Corporate and Commercial

Close

Employment and Immigration

Close

Fraud and Investigations

Close

Individuals

Close

Litigation

Close

Planning, Infrastructure and Regeneration

Close

Public Law

Close

Real Estate

Close

Restructuring and Insolvency

Close

Energy

Close

Entrepreneurs

Close

Private Wealth

Close

Real Estate

Close

Tech and Innovation

Close

Transport and Infrastructure

Close
Home / News and Insights / News / Businesses could be held accountable for an employee’s deliberate data breach following Morrisons ruling

Leading supermarket chain Morrisons could be made to pay compensation to staff following the publishing of 100,000 of their employees’ personal data.

The data, which included names, bank account details and salaries, was published as an act of revenge by an employee facing disciplinary action.

The disclosure was made from the employee’s home computer, with the intent of causing damage to Morrisons, but it was Morrisons that was found vicariously liable as he was carrying out his actions in the course of his employment. They had trusted him with the data.

Where wrongdoing is sufficiently closely connected to an employee’s duties, the ‘course of employment’ test for vicarious liability will be satisfied.

More than 5,000 employees have brought a claim and the ruling means Morrisons could expect claims from the remaining 94,000 employees affected.

With GDPR around the corner, data protection is under the spotlight more than ever. Under GDPR, a company can be fined up to 20 million euros or 4% of global annual turnover, whichever is the greater.

Companies must take appropriate and technical organisational measures to protect personal data. Although some measures were in place, Morrisons were criticised for failing to ensure the personal information was deleted from devices worked on outside their premises.

Conducting regular checks and monitoring could help to reduce the risk of a breach and will also support the mutual trust and confidence needed in an employment relationship.

Related Articles

Our Offices

London
One Bartholomew Close
London
EC1A 7BL

Cambridge
50/60 Station Road
Cambridge
CB1 2JH

Reading
The Anchorage, 34 Bridge Street
Reading RG1 2LU

Southampton
Grosvenor House, Grosvenor Square
Southampton SO15 2BE

 

Reading
The Anchorage, 34 Bridge Street
Reading RG1 2LU

Southampton
Grosvenor House, Grosvenor Square
Southampton SO15 2BE

  • Lexcel
  • CYBER ESSENTIALS PLUS

© BDB Pitmans 2024. One Bartholomew Close, London EC1A 7BL - T +44 (0)345 222 9222

Our Services

Charities chevron
Corporate and Commercial chevron
Employment and Immigration chevron
Fraud and Investigations chevron
Individuals chevron
Litigation chevron
Planning, Infrastructure and Regeneration chevron
Public Law chevron
Real Estate chevron
Restructuring and Insolvency chevron

Sectors and Groups

Private Wealth chevron
Real Estate chevron
Transport and Infrastructure chevron