Importing principles from defamation law into data protection law: Insights from Pacini v Dow Jones

In recent years, the intersection of defamation law and data protection law has become increasingly significant. This convergence is particularly evident in the landmark case of Pacini v Dow Jones, which highlights the complexities and implications of applying defamation principles to data protection claims.

Defamation law traditionally focuses on protecting individuals' reputations from false and harmful statements.

In contrast, data protection law emphasises the accuracy and fairness of personal data processing. Individuals have the right to request the erasure or correction of inaccurate data, and data controllers must ensure that personal data is processed lawfully and transparently.

Background

The case of Pacini v Dow Jones involved two investment bankers, Joseph Pacini and Carsten Geyer, who brought a data protection claim against Dow Jones, the publisher of the Wall Street Journal. The claim centered on two articles that allegedly contained inaccurate personal data and criminal offences data about the claimants. The articles suggested that Pacini and Geyer were involved in a conspiracy to defraud a Chinese investor, Xie Zhikun, of nearly $1 billion.

The claimants argued that the articles violated their data protection rights (under the UK GDPR and the Data Protection Act 2018) by processing inaccurate personal data.

The defendant applied for the claim to be struck out as an abuse of process, arguing that it was essentially a defamation claim disguised as a data protection claim (as defamation claims are subject to a one-year limitation period, which had passed), and on the basis that it constituted a “Jameel” abuse of process. The application was unsuccessful, and a trial of preliminary issue was ordered.

Preliminary issue trial and the accuracy principle

The trial of preliminary issue raised important questions about the overlap between defamation and data protection law, particularly regarding the right to have personal information erased or corrected.

Repetition rule

The claimants sought to apply the defamation repetition rule, which holds that repeating a defamatory statement (in this case, reported court proceedings) does not absolve the repeater of liability. Essentially, if a person repeats a false and damaging statement made by someone else, they can still be held liable for defamation. This rule was accepted in principle by both parties. However, the judge expressed discomfort with running a defamation claim through the prism of data protection law.

Single meaning rule

The judge also had to determine the meaning of the personal data within the articles that were complained of. Although this is common in defamation claim, it was the first time that the court has tried meaning as a preliminary issue in a data protection claim alone. The judge's approach to determining the single meaning of personal data was guided by defamation principles, supporting the trend of importing these principles into data protection claims. The single meaning rule requires the court to consider each statement (here, the article) as whole and interpreting each element by reference to the meaning that the hypothetical reasonable reader would take from it, read in its full context. On this basis, the judge agreed with the defendant’s interpretation of meaning.

Differences between defamation and data protection law

Of interest to practitioners is the detailed discussion in paragraphs 63 – 78 of the judgement of how the differences between the law of defamation and data protection may require alternative approaches to determinations of meaning. In summary:

• Defamation: The single meaning rule is applied to ascertain the meaning that a hypothetical reasonable reader would derive from the statement. This involves considering the context and the judge's initial reaction to the statement.
  
  
• Data protection: The focus is on whether the data is accurate and processed fairly, which may require a broader consideration of the circumstances surrounding the data processing.

The judge highlighted that applying defamation principles to data protection claims could lead to inconsistent outcomes, particularly when assessing the fairness of data processing. This underscores the need for a nuanced approach that takes into account the specific objectives and principles of data protection law.

Implications for future cases

The integration of defamation principles into data protection law has significant implications for future cases. It suggests that individuals can seek redress for reputational harm caused by inaccurate data processing, even if the claim is framed as a data protection issue rather than a defamation claim. This could provide a broader avenue for individuals to protect their reputations and seek compensation for harm. Our lawyers specialise in both data protection and defamation, and are able to provide creative, commercial and well-rounded advice in relation to bringing or defending claims under either cause of action (including the risks and benefits of each).

The Pacini v Dow Jones case also highlights the importance of ensuring the accuracy of personal data in publications. Media organisations and data controllers must be vigilant in verifying the accuracy of the data they process and publish to avoid potential legal claims.