BEERG: Company Held Liable for Data Breach by Rogue Employee

October 26, 2018

The UK Court of Appeal found an employer “vicariously” liable for an employee’s disclosure of employee data on the internet despite the employee disclosing the data outside company grounds, with a private computer, and with the intent to harm the company.

“The Morrisons case breaks new ground,” Lewis Silkin Consultant Partner Steven Lorber writes in the BEERG Global Labor Newsletter, “although at least it was limited to an identifiable, albeit very large group.  Facebook has recently admitted that up to 50 million users were affected by a data breach.  Will they bring claims for the distress caused?”

Liability in question: Lorber continues, “Although Morrisons has said it will seek to appeal to the Supreme Court, the issues raised by the case go well beyond its specific facts.  Ultimately, Parliament may need to decide on the extent of liability.  Pending that, employers should dig out their insurance policies and check the scope of their cover.”

Read the full BEERG Global Labor Newsletter.