The International Forum for Responsible Media Blog

A brief introduction to the concept of privacy under English law, Part II – Suneet Sharma

In Part II we consider the legislative framework under English law which enshrined privacy and the recent development of the action for misuse of private information, which underpinned as privacy as a value.

The right to privacy was codified into legislation at the Council of Europe level in the European Convention of Human Rights, which provides a higher level interpretive layer of guidance on the application of such rights. However, these provisions required integration into English law via legislation to be effective. In taking the lead from the European authorities Parliament passed the Human Rights Act 1998 (“HRA”) to achieve such harmonisation. Article 8 of the HRA addresses the right to a private life:

  1. Everyone has the right to respect for his private and family life, his home and his correspondence.
  2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.

Whilst this introduction was of course highly significant for the protection of an individual’s privacy under English law the practical impact can only be seen in the context of the interpretation and application of the right, which courts were obligated to do. As such we take a look at some significant common law decisions below.

The extension of the breach of confidence action

The case of Douglas v Hello! Ltd [2001] 2 WLR 992 concerned an application for an injunction by Michael Douglas and Catherine Zeta-Jones to prevent Hello magazine from publishing photos of their wedding. The nature of the case meant it engaged legislative and common law provisions concerning the protection of privacy rights.

In particular, the case reflects the development of the balancing approach to be taken to the right to privacy (Article 8 HRA) and freedom of expression (Article 10 HRA):

“It goes without saying that this is a case concerned with freedom of expression. Although the right to freedom of expression is not in every case the ace of trumps, it is a powerful card to which the courts of this country must always pay appropriate respect.” – at p.49, the court also noted the application of s.12(3) of the Human Rights Act 1998.

The Data Protection Act 1998 (“DPA”), s.32(1)(b) was also applicable as Hello magazine would have to prove it reasonably believed that publication of the photos was in the public interest. This threshold was reasonably high given the photos of the claimant’s were taken at a private occasion without their consent.

Significantly, it also considered that the facts of the case gave rise to an action for breach of confidence (for more details of this cause of action see Part I). It was in that capacity that the protection of privacy, reinforced by the provisions of the HRA, were considered:

“both academic commentary and extra-judicial commentary by judges over the last ten years have suggested from time to time that a development of the present frontiers of a breach of confidence action could fill the gap in English law which is filled by privacy law in other developed countries.“ – p.61

For the protection of privacy this question was crucial- absent the elements of a breach of confidence action could the tort be extended, in a manner consistent with the HRA, to protect unwanted intrusion into individual’s privacy?

In Douglas the court addressed this question directly in a highly authoritative fashion:

“What a concept of privacy does, however, is accord recognition to the fact that the law has to protect not only those people whose trust has been abused but those who simply find themselves subjected to an unwanted intrusion into their personal lives. The law no longer needs to construct an artificial relationship of confidentiality between intruder and victim: it can recognise privacy itself as a legal principle drawn from the fundamental value of personal autonomy.” – at p.126

This acknowledged that the breach of confidence action could be extended to cover the fact of a breach of privacy. In this construction, privacy is couched as an integral part of personal autonomy and is accordingly protected under the freedoms-centric approach taken by English law. A standalone qualified right to privacy did not need to be created for its protection to be consistent with the Convention. The development of pre-existing legal principles was sufficient and advocated by both France and Germany.

Applying this formulation it was considered that the claimant’s had sold exclusive rights to photograph their wedding to OK! Magazine, effectively commercialising their privacy. Notwithstanding this, it was noted that a fact-sensitive approach must be taken to all such cases as the commercialisation of one’s private life does not necessarily forfeit protections. However, the rights to the photographs had been sold to OK! meaning they had more suitable grounds for bringing a claim- the residual rights of Zeta-Jones and Douglas were not sufficient to justify interference in this instance.

Undoubtedly, this precedent is significant for celebrities and public figures who seek to commercialise aspects of their privacy. It is these fact patterns which naturally prompt some of the more explorative, nuanced and fact-sensitive cases which engage and formulate the protection of privacy.

The European Court of Human Rights acknowledged that such positions necessitated a forfeiture of the private sphere (to a degree) in Von Hannover v Germany (2004) 40 EHRR 1:

“public figures must recognise that the special position they occupy in society – in many cases by choice – automatically entails increased pressure on their privacy” – p.6

Wainwright v Home Office [2004] 2 AC 406 confirmed the position advocated in Douglas, noting that there was not yet sufficient authority to establish an extension of the breach of confidence action:

“I do not understand Sedley LJ to have been advocating the creation of a high-level principle of invasion of privacy. His observations are in my opinion no more (although certainly no less) than a plea for the extension and possibly renaming of the old action for breach of confidence.

The milestone case of Campbell and the misuse of private information

Perhaps the most significant case in this field is Campbell v MGN [2004] 2 AC 457, the groundwork for which had been set in the Douglas case. The case concerned a claim for breach of confidence and the DPA by model Naomi Campbell following an article published in the Mirror showing her leaving a Narcotics Anonymous clinic for the treatment of drug addiction. In Campbell the court, acknowledging the recent extension of the breach of confidence action, re-characterised the tort to cover the misuse of private information:

“The present case concerns one aspect of invasion of privacy: wrongful disclosure of private information… [Privacy] lies at the heart of liberty in a modern state. A proper degree of privacy is essential for the well-being and development of an individual.” – p.12

This was a watershed moment for the recognition of privacy under English law, catalysed by the ECHR and HRA. The application of article 8 required a two-stage test, whether the individual had a reasonable expectation of privacy and if so, whether on balance those rights should be vindicated against other interests:

“It should be emphasised that the ‘reasonable expectation of privacy’ is a threshold test which brings the balancing exercise into play. It is not the end of the story. Once the information is identified as ‘private’ in this way, the court must balance the claimant’s interest in keeping the information private against the countervailing interest of the recipient in publishing it. Very often, it can be expected that the countervailing rights of the recipient will prevail.” – at p.137

The facts at issue in the case provide a helpful case study in the practical application of the above test. For ease the court categorised the types of information at issue:

  1. the fact of Miss Campbell’s drug addiction;
  2. the fact that she was receiving treatment;
  3. the fact that she was receiving treatment at Narcotics Anonymous;
  4. the details of the treatment – how long she had been attending meetings, how often she went, how she was treated within the sessions themselves, the extent of her commitment, and the nature of her entrance on the specific occasion; and
  5. the visual portrayal of her leaving a specific meeting with other addicts.

Significantly, the court stated that all the above information would typically attract a reasonable expectation of privacy, however, Campbell’s celebrity status and conduct had to be taken into account. In a 3-2 decision, the court determined that Campbell’s right to privacy overrode the public interest in the information in categories 3-5 being published. In doing so weight was given to the fact that the treatment of such dependencies was a sensitive matter and, whilst the press was entitled to put the record straight about Miss Campbell’s drug use, the risk of harm to her and other individuals in exposing further information of her treatment was unacceptable. It was noted that “a picture is worth a thousand words” – a yardstick for their propensity to harm which would be much referenced in future cases.

The Campbell case illustrated a new approach to privacy as a value underpinned by the newly formulated action for misuse of private information. In advocating a two-stage test Campbell necessitated a highly-nuanced, fact sensitive and contextual approach to restitution for privacy infringement. Such an approach acknowledged the fundamental nature of privacy as a value but required consistent and objective application to ensure claimants rights were adequately acknowledged safeguarded.

Part I of this post was published on 28 November 2018

This post originally appeared on The Privacy Perspective blog and is reproduced with permission and thanks


  1. Andy J

    “The right to privacy was codified into legislation at European Union level in the European Convention of Human Rights”

    The author is confusing the European Union with the Council of Europe. It is the latter which is responsible for both the European Convention on Human Rights (ECHR) and the Court in Strasbourg which hears complaints over alleged breaches of the Convention. The Council Of Europe has 47 member states as opposed to the 28 EU member states.

    The EU does have its own Charter on Fundamental Rights, and in addition requires all member states to have signed up to the ECHR, but it is an error to say that the EU codifed the right to privacy in the ECHR.


    Thank you, this has been corrected

Leave a Reply

© 2023 Inforrm's Blog

Theme by Anders NorénUp ↑

%d bloggers like this: