A case that shows the perils of hosting a bulletin board type website where confidential information was posted in breach of obligations of confidence. The Defendant was found liable for damages.

Sir Elton John and others v Countess Joulebine and others

  • [2001] MCLR 91

Help with citations

Facts

The case arose out of one incident in the case brought by the Claimant against PricewaterhouseCoopers in respect of their accounting.  At some stage, the draft advice of leading and junior counsel to the Claimant was stolen.  Clearly, this was a highly confidential document.

The Defendant operated a website specialising in gossip.  She invited people to post “juicy bits of gossip” on the website.  Some time before 11 March 2000, the contents of the stolen advice were given to the Daily Express, but an injunction prevented publication.  On 12 March, the contents of the advice appeared on the Defendant’s website, although at that stage the Defendant was unaware of it.  She subsequently became aware of it, and realised it was of “value” (but not necessarily of monetary value) as it concerned a famous person.  There were no complaints, so she gave it more prominence on the website by providing a link on the home page to the advice.

The Daily Express told the Claimant’s solicitors that the advice was on the Defendant’s website, and they obtained an injunction on 27 March against the Defendant.  However, some time before that, the Defendant had deleted the advice from the website.  She gave undertakings not to re-post or republish the advice.

The Claimant sought damages for breach of confidence.  The Defendant claimed that she did not know and did not realise that the advice was confidential material.  She could not know if the advice was a prank and could not know if the advice was in fact genuine.  The Claimant applied under CPR Part 24 for summary judgment.

Judgment

The action for breach of confidence arises when information is received without inducement but when the recipient knows or ought to know that it is being imparted in breach of confidence or when the information is initially received innocently but the recipient later becomes aware that it was imparted in breach of confidence.

In this case, any intelligent person would know that an advice from counsel is confidential and privileged, and the Defendant ought to have known that there was a risk that it was being imparted in breach of confidence and should not have continued to have it on her website.

Accordingly, the Defendant had no real prospect of succeeding in her defence and the Claimant was entitled to summary judgment and to damages to be assessed.

Commentary

This case raises similar issues to those discussed in Totalise plc v The Motley Fool Ltd (reported above), and further extends the obligations of ISPs regarding the monitoring of material posted on their websites.

In Godfrey v Demon Internet Ltd (discussed above) the ISP was held liable for publication from the point it was advised that defamatory material existed on its website.  In the current situation, although the Defendant was aware of the material (which was confidential, rather than defamatory), she alleged that she did not know the material was confidential as she had no idea whether the advice was a prank, nor whether it was genuine (although she did raise the profile of the material by creating a link from her home page).  As soon as she was advised by solicitors for the Claimant that the material was considered confidential, she removed it from her site.

First, Master Leslie held, as common ground, that liability for breach of confidence did not occur until the Defendant actually became aware of the material in question.  Thus, the mere posting of the material on the bulletin board (by whatever source) did not render the ISP liable for breach of confidence.  The first time the ISP could be liable for such breach was when it became aware of the material. 

Second, Master Leslie held that the test for breach of confidence was not whether the Defendant knew that the material was imparted in breach of confidence, but whether the Defendant ought to have known that it was being imparted in breach of confidence (including where there was a risk that it was being so imparted).  Master Leslie stated,

“Here, it seems to me that any intelligent person, as the Countess undoubtedly is, must know or ought to know, if they do not actually know, that an advice from counsel is confidential and privileged, and whether or not she thought it might be a prank, she ought to have known that there was a risk that it was being imparted in breach of confidence and therefore ought not to have continued to have it on her website; far less should she have created a link.”

Accordingly, it would appear that if an ISP becomes aware of material on its website and there is a risk that it was imparted in breach of confidence, the ISP has an obligation to discontinue access to the material.  Correctly, this obligation only takes effect when the ISP becomes aware of the material, but becoming so aware is not dependent on some aggrieved party advising the ISP about the material which it considers confidential.  The obligation applies as soon as the ISP becomes aware of the material by any means and if the ISP ought to consider there a risk that the material was imparted in breach of confidence.  Thus the Defendant was found liable for damages despite the fact she removed the material from the website as soon as she was advised by the Claimant’s solicitors that it was confidential and gave undertakings not to re-post the material.

Again, we are seeing the liability of ISPs concerning the content of postings on bulletin boards extended.  In this decision and that of Totalise plc v The Motley Fool Ltd considerable emphasis was placed on the fact that the offending material was so clearly confidential or defamatory that an obligation was forced onto the ISP to remove the material.  What is not clear is the position where the material is not so obviously confidential or defamatory, but there is a risk that it might be so.  This uncertainty is somewhat unsatisfactory as it is the ISP which bears the risk of assessing the material.

One further observation of Master Leslie in this case is of note.  In relation to the assessment of damages for the breach of confidence, guidance was given that the confidential information was available on the website for only 14 days and “all the evidence is that it was a puny or obscure web site with not very many visitors”.  AOL and Yahoo! beware.