Lloyd v Google: Court finds in favour of Google

10 Nov 2021

*To read our full analysis of this judgment, please click here*

The Supreme Court has today unanimously allowed Google’s appeal against a Court of Appeal judgment that would have allowed a representative action to be pursued against Google by approximately 4 million iPhone users in relation to Google’s unauthorised collection of their data.

The Supreme Court has relied on two main grounds:

(i)  that claims for compensation under section 13 of the Data Protection Act 1998 require damage to be suffered before there is an entitlement to compensation. The Court said that on a proper interpretation this meant financial loss or distress caused by the contravention.

(ii)  in order to calculate damages it was necessary to look at how long Google had been collecting the data, the quantity of data involved, whether the data was sensitive/private, the use made of the data and the commercial benefit that was derived from using it. In the absence of this a claimant was not entitled to compensation. The Court said that the claimant’s attempt to pursue a claim without this information was unsustainable and the claim could not succeed.

A cause for celebration for companies handling data

Today’s outcome will be cause for celebration for Google and any organisation that handles significant amounts of data or bases its business model on the use of personal data (as well as their shareholders and/or insurers).

Had the Supreme Court upheld the Court of Appeal’s judgment we could have faced a situation where effectively every data breach could have led to US-style “opt-out” class actions.

The Court has also made some helpful comments about what claimants need to establish before they can pursue a claim for compensation. These are very likely to assist businesses and their insurers in defending all forms of data breach claims.

A detailed note of today's judgment will follow once the judgment has been reviewed.

BLM's data breach unit

BLM’s Data Breach Unit provides the essential support to those businesses facing claims resulting from:

  • the accidental loss of data,

  • unintentional misuse of data,

  • unauthorised or misdirected e-communications, correspondence and direct marketing.

We also support organisations experiencing more significant incidents involving the theft of data and cyber-attacks, including ransomware or major incidents involving the accidental loss of data.

Click here to find out more.

<< Back

Disclaimer: This document does not present a complete or comprehensive statement of the law, nor does it constitute legal advice. It is intended only to highlight issues that may be of interest to clients of BLM. Specialist legal advice should always be sought in any particular case.

Related Expertise

Related contacts

Tim Smith

Tim Smith

Partner and Head of TMT & Cyber Practice Group,

Steve Kuncewicz

Steve Kuncewicz

Partner, Head of Creative, Digital & Marketing sector group,
London, Manchester

Who to contact

For more information about any of our news releases, please contact:

Jo Murray
+44 20 7638 2811
+44 20 7865 4849
Email Jo


Not what you are looking for? Click here!