By Ashley Young
The Court of Appeal has upheld a verdict that could make employers legally responsible for employees’ actions even where the employer took their best preventative measures and committed no offence. In an important decision that laid the law down to all disgruntled employees, the court upheld a High Court ruling that supermarket chain Morrisons is liable for the actions of former disgruntled employee Andrew Skelton.
The ruling by the Court of Appeal instructs the retailer to compensate all the victims of a breach in which private details including National Insurance numbers were stolen and posted on social media as well as sent to newspapers.
opens the doors to group compensation claims by more over 5,000 staff who had their personal data stolen and put online. The supermarket now faces paying compensation to each of them. Morrisons has vowed to appeal to the Supreme Court.
The case against Morrisons Supermarket arose because of a security breach in 2014 when Skelton- a senior internal auditor at Morrison’s Bradford headquarters- leaked payroll data. Skelton was jailed for eight years in 2015 after being found guilty of fraud, securing unauthorized access to computer material, and disclosing personal data.
Those affected by the breach were a mixture of former and current employees. The leak exposed them to the risk of identity theft and potential financial loss. The claim alleged Morrisons was responsible for breaches of privacy, confidence and data protection laws. Morrisons were not sparred despite the fact it was their employee who was responsible for the security breach
A Morrisons spokesperson said: ’Morrisons worked to get the data taken down quickly, provide protection for those colleagues and reassure them that they would not be financially disadvantaged. In fact, we are not aware that anybody suffered any direct financial loss. We believe we should not be held responsible so that’s why we will now appeal to the Supreme Court.’