Supreme Court Blocks Mass iPhone Claim Against Google.
The UK’s Supreme Court has rejected a claim that sought billions of pounds in damages from Google over alleged illegal tracking of millions of iPhones.
The judge said the claimant had failed to prove damage had been caused to individuals by the data collection. But he did not rule out the possibility of future mass-action lawsuits if damages could be calculated.
The case will have implications for similar mass-action lawsuits.
In his judgement, Lord Leggatt said a key issue was that “the claim has been framed in order to try to bring it as a representative action” for many people.
“The claimant seeks damages… for each individual member of the represented class without attempting to show that any wrongful use was made by Google of personal data relating to that individual or that the individual suffered any material damage or distress as a result of a breach,” it read. “Without proof of these matters, a claim for damages cannot succeed.”
But he added that the case had a “real chance of success” if pursued by the claimant as an individual, instead of as a mass action.
Google said: “This claim was related to events that took place a decade ago and that we addressed at the time.
“People want to know that they are safe and secure online, which is why for years we’ve focused on building products and infrastructure that respect and protect people’s privacy.”
The Google case – brought by Richard Lloyd, former director of consumer rights group Which? – alleged that between 2011 and 2012, Google cookies collected data on health, race, ethnicity, sexuality and finance through Apple’s Safari web browser, even when users had chosen a “do not track” privacy setting.
He sought compensation for 4.4 million affected users. While each individual iPhone owner would have received a small payout, the fine for Google could have run into billions.
Mr Lloyd said: “We are bitterly disappointed that the Supreme Court has failed to do enough to protect the public from Google and other big tech firms who break the law. Although the court once gain recognised that our action is the only practical way that millions of British people can get access to fair redress, they’ve slammed the door shut on this case by ruling that everyone affected must go to court individually”.
He called on the government to step in to make it easier for groups of consumers to take action over data breaches.
Jim Killock, executive director of the Open Rights Group, agreed: “There must be a way for people to seek redress against massive data breaches.” Currently, the legal fees would mean that it would be “completely unreasonable” for individuals to take on the tech giants, he added.
The long-running case began in 2017, and had been through the High Court and the Court of Appeal before being escalated to the UK’s Supreme Court.
If it had succeeded, it could have opened the floodgates to many more mass actions against tech firms for data breaches. Such actions currently need people to opt-in, which can be a lengthy process.
The Lloyd v Google case attempted to set a precedent for opt-out cases, meaning one representative could bring an action on behalf of millions.