Has Russell Brand Breached the Data Protection Act Through his Twitter Prank?

Has Russell Brand Breached the Data Protection Act Through his Twitter Prank?

Comedian turned political visionary Russell Brand is the subject of controversy once again after tweeting the phone number of a senior Daily Mail journalist.

Reporter Neil Sears, had left a business card with Brand calling on him to be questioned about his tax affairs. Brand subsequently tweed a picture of the business card with an arrow pointing to Sears' phone number captioned "please call".

We enjoy a joke as much as the next legal content service but what we really wanted to find out, along with millions of upset twitter users, is : Can he do that?

russell-brand-data-protection-act

Today at Unlock The Law we look at the law of data protection in the UK. In particular we examine whether celebrities and others with a large twitter following are under a greater obligation as a result of their large audience,

What is data protection law?

Data protection law protects the way in which your personal data is used by businesses, organisations and the government and the way it is processed by individuals. In particular, the law provides that your data:

  • Is used fairly and lawfully
  • Is used for limited and specifically stated purposes
  • Is used in a way that is, relevant and not excessive
  • Is accurate
  • Is kept for no longer than is absolutely necessary
  • Is processed according to people's data protection rights
  • Is kept secure

Breaches of data protection are taken very seriously. The Information Commissioner's Office investigate and prosecute breaches of data protection in the UK and can carry out criminal prosecutions and issue fines of up to £500,000 for serious breaches.

Who does data protection law apply to?

The law states that data protection law applies to anyone who "processes" personal data. This includes "disclosure...by transmission" which pretty much means broadcasting or publication.

The person who processes the data must be a 'data controller' – this means that this person determines for which purpose the information is processed.

So, using the Russell Brand example, Brand 'processed' the personal information of Neal Sears by publishing it online and he controlled the purpose the data was used for. This would mean his actions were caught by the Data Protection Act using this meaning.

However, there is an exception to prevent the Act being applicable in almost all circumstances that would require everyone to be bound by the obligations of the Data Protection Act

The exemption provides that personal data processed by an individual solely for the purposes of that individual's personal, family or household use, including recreational use, will be exempt from the data protection principles and Parts II and III of the DPA.

This means that if an individual processes or publishes the information for personal or recreational use, they will be exempt from the obligations of the act.

Are Russell Brand's actions exempt from data protection law?

In short, probably not.

At UK level, Information Commissioner's Office (ICO) say that the exemption will apply where an individual uses an online forum such as twitter purely for domestic purposes. However given Brand's massive 8.7 million twitter following it is unlikely that this would be determined to be for personal or domestic use.

Furthermore at European level the Court of Justice of the European Union when judging a case in 2003 said:

"The act of referring, on an internet page, to various persons and identifying them by name or by other means, for instance by giving their telephone number...constitutes 'the processing of personal data...[and] is not covered by any of the exceptions in Article 3(2) of Directive 95/46 [section 36 of the DPA transposes Article 3(2) into domestic law]"

Like Brand himself, pretty explicit.

This means that it is likely that Brand is in breach of data protection law, but will anything happen?

It is possible for Sears to take private enforcement action against Brand or the ICO could choose to investigate the case. However, this is a discretionary power and given that Sears, while potentially having suffered numerous prank phone calls, has suffered no real damage, it is unlikely it will be pursued.

We don't mind if you share our personal information on Facebook, Twitter or any social media platform you choose, but if you still feel unsure of data protection law, please read our free legal guides, follow us on Twitter and subscribe to our YouTube channel.Parklife.

Complete Guide to the New Pornography Regulations ...
Tonev: What happens if Celtic appeal to The Court...

Share

Unlock The Blog

Please enter your name.
Invalid email address