M, R (on the application of) v The Chief Constable of Sussex Police & Anor [2019] EWHC 975
In the community care context, services providers and public authorities constantly handle information concerning their vulnerable clients. This case – concerning a police force’s sharing of information – is a cautionary tale.
Sussex Police force was found to have shared information with the local Business Crime Reduction Partnership (BCPR). The information concerned the vulnerability of a 16 year old girl to child exploitation. This had resulted in her being excluded from a number of local businesses.
Lieven J found that the information sharing had breached Part 3 of the Data Protection Act 2018 (“DPA”), concerning the processing of law enforcement data by a police force. However, her reasoning would be equally applicable outside the law enforcement context.
The judgment was clear that sharing the information with the BCPR was potentially lawful. However, there needed to be evidence that the defendant had “properly weighed up the impact on the claimant of sharing this information, or whether there were sufficient safeguards to ensure against onwards transmission”.
Local authorities and care providers can learn from this by thinking consciously about their choices to share information. They need to weigh up the impact on individuals in particular cases. They should record their reasoning carefully. Those acting for vulnerable individuals are reminded of the possibility of challenges to inappropriate sharing of information.
It should be noted that Sussex Police did not make any friends in Court by failing to comply with their disclosure obligations. They were criticised for failing to provide full and fair evidence or explanations for what had happened. This certainly will not have helped their case.
Hannah Slarks