Clothing company H&M has been fined £32.1 million for breaching GDPR. H&M violated the privacy of its employees by conducting illegal workplace surveillance. The Data Protection Authority of Hamburg, Germany, stated that H&M’s staff had been subject to “extensive recording of details about their private lives”. This included details about their families, medical symptoms and diagnoses, religious beliefs, details of holidays and information from informal conservations.

The fine highlights the repercussions faced by companies who breach GDPR. Under Article 5 GDPR personal data must be processed lawfully and collected for legitimate purposes. This is the second highest fine that has been issued to a company for breaching GDPR. The highest single fine to date was the €50 million imposed on Google by the French data protection regulator CNIL in 2019. A company can be fined up to €20 million or 4% of their global annual turnover of the preceding year, whichever is greater, for severe violations of GDPR.

H&M has apologised to all its effected employees and employees of the service centre in Nuremberg and all staff who have been employed for at least one month since GDPR came into force in May 2018 will receive financial compensation.

If you require legal assistance regarding GDPR, please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services team, on 01908 660966 / 016014 828282 or by email at christopher.buck@franklins-sols.co.uk who will be happy to assist.

From time to time a business may become involved in a contractual dispute whereby a large monetary penalty is sought. These disputes sometimes relate to penalty clauses that have been incorporated within a contract and understanding whether such penalties may or may not be enforceable is crucial to determining the extent of a defaulting party’s liability.

What is a penalty clause?

In simple terms, a penalty clause is a contractual provision that requires the defaulting party to provide monetary compensation to the innocent party in respect of a breach of a secondary obligation contained within a contract.

When is a penalty clause enforceable and which case law has changed the way we interpret penalty clauses?

In the landmark combined judgment of Cavendish Square Holdings BV v Makdessi; ParkingEye Ltd v Beavis [2015] UKSC 67, the Supreme Court sought to clarify the way in which penalty clauses should be interpreted in commercial contracts. The last case to substantially consider their enforceability was over 100 years ago in the case of Dunlop Pneumatic Tyre Company Ltd v New Garage Motor Co Ltd [1915] in which Lord Dunedin set out four key tests to be applied when determining whether the clause in question is a genuine pre-estimate of liquidated damages or a penalty.

The key tests applied under Dunlop involved assessing whether the extent of the monetary compensation sought was ‘unconscionable’ and ‘extravagant’ in comparison to the loss incurred by the innocent party. Consideration was also given to whether the loss was so disproportionate it could only be intended to deter a breach of contract. If the loss was found to be wholly disproportionate, it would be construed as a penalty and unenforceable.

The decisions of both Cavendish and ParkingEye reconsidered the tests to be applied when considering the enforceability of penalty clauses. They established that a clause can only be considered to be penal where it is a matter of substance, not form. In particular, in order to consider whether a clause in question is a penalty clause depends entirely upon whether the clause relates to a primary or secondary contractual obligation. If a breach of the obligation gives rise to a new one, this would be construed as a conditional primary obligation. However, in the instance that the breach gave rise to an obligation that would not otherwise exist, it would be a secondary obligation that is an alternative to damages and could be found to be a penalty clause.

The Supreme Court were keen to uphold the doctrine of penalties and, while acknowledging that Lord Dunedin’s key tests were still relevant, the majority held that the commercial approach to adopt was to have regard to the innocent party’s interests, whether these were being legitimately protected and whether the remedy the clause seeks to impose is proportionate to the innocent party’s interest. If these two tests can be established, the penalty clause will be enforceable.

Can a penalty clause be disputed?

A penalty clause may be disputed if the party to which the penalty is imposed against is of the opinion that the penalty sought far exceeds the innocent party’s attempt at quantifying a genuine pre-estimate of a loss incurred and which also seeks to act as a deterrent to the innocent party ever committing a breach of the relevant clause. Ordinarily, penalty clauses imposed in respect of primary obligations are enforceable. However, secondary obligations are not. It will be a matter of interpretation as to whether a penalty clause is enforceable applying the tests established following the Supreme Court’s judgement in Cavendish and ParkingEye.

For advice and assistance in relation to the drafting of a penalty clause within a contract or understanding the enforceability of any penalty provisions, contact Christopher Buck, Associate Partner & Commercial Solicitor within our Business Services team on 01908 660966 / 01604 828282 or email christopher.buck@franklins-sols.co.uk.

The Coronavirus pandemic has caused the Government to order the mandatory closure of all schools and nurseries across the United Kingdom, but where does that leave those parents whose children attend independent schools and nurseries? This is a concern that has been raised by many parents who are unsure as to whether they are entitled to a refund in respect of those fees that they have already paid for the remainder of the school year.

Undertaking a review of the terms of any parent contract that you may have entered into with the school and/or nursery in question when your child first joined, is key to understanding the contractual obligations and liabilities imposed upon you and whether you will be entitled to claim a refund for all, or some, of the school fees that have been paid for the following term. Some independent schools and nurseries may not have envisaged a closure of this nature and whilst some are offering a reduction in fees in light of the un-planned closures, this is not the case across the board.

If you have taken out a school fees insurance policy that may provide you with some protection, however careful consideration of the policy wording and terms is required in order to assess whether you will be entitled to claim. In any event, you should firstly make contact with the school and/or nursery to establish how they are proposing to deal with the current crisis.

Understanding your legal position in light of the Coronavirus pandemic is crucial to determining your right to a refund.

If you require any legal assistance with regards to understanding the terms of a parent contract or insurance policy, or if you are in dispute with a school and/or nursery at present and require our assistance to draft a suitable letter on your behalf, then please do not hesitate to contact Christopher Buck, Associate Partner in the Commercial Services Department on 01908 660966 / 01604 828282 or email christopher.buck@franklins-sols.co.uk.

The Commercial Services Team here at Franklins have been working closely with our clients to help alleviate business pressure during the Coronavirus pandemic.

These unprecedented times have, undoubtedly, placed undue constraints on business relationships and the Commercial Services Team are here to help those seeking to manage their contractual liabilities and obligations at this difficult time.

Christopher Buck, Associate Partner in the Commercial Services Department here at Franklins has been providing effective and diligent legal advice to both businesses and consumers alike during the Coronavirus outbreak. Just some of the legal support he has provided to date includes advising wedding venues and caravan parks as to their contractual position with the aim to provide them with the advice they need in order to make informed decisions about how to continue to maintain and, if required, how they may terminate, any existing contractual relationships

Our Commercial Services Team can also provide advice and support in the following areas:

In light of these ever-changing circumstances, it is crucial to act now rather than later! If you require any legal advice on commercial contracts or insolvency issues, please do not hesitate to contact Christopher Buck on 01908 660966 / 01604 828282 or via email at Christopher.Buck@franklins-sols.co.uk.

The UK’s business secretary has announced the Government’s proposed changes that it intends to make to the Insolvency Act 1986 (the “IA 1986”) in light of the Coronavirus pandemic. Christopher Buck, Associate Partner in the Business Services team here at Franklins explains the implications that these changes will have on directors at this difficult time.

One of the key changes that has been proposed by the Government is the suspension of the civil offence of wrongful trading under section 214 of the IA 1986.  It is an offence for a director to continue to trade if they have the knowledge that their business is experiencing financial difficulties which, more likely than not, will result in it becoming subject to insolvency proceedings. In such circumstances, the duty imposed on directors to act in the best interests of the company and its members as a whole becomes a duty that is owed to the company’s creditors.

Although there is no offence for trading while the company is insolvent, once it has become apparent that insolvency is looming, a director who fails to take steps to mitigate any losses to creditors faces the possibility of being held personally liable for wrongful trading. This can have costly implications as the directors will be liable to make a personal financial contribution to the company’s assets. Directors can still fall foul of wrongful trading even if their business is not trading, but losses to the company’s creditors continue to increase.

The Government’s proposed temporary suspension of this civil offence is to relieve the increasing pressure on directors to keep their businesses afloat in fear of becoming personally liable. That being said, the Government is keen to retain the existing legislative provisions that are currently in place for fraudulent trading and the threat of director disqualification in the hope that these alone will be effective in mitigating misconduct by directors.

This is not the only change that has been proposed by the Government. Other changes include a temporary moratorium for businesses that may be undertaking restructuring due to Coronavirus. The intention is this will provide an initial 28 days of protection, with the ability to extend by a further 28 days with the approval of an insolvency practitioner. It is proposed that these changes will apply retrospectively from the 1st March 2020.

If you require any legal assistance with regards to understanding your duties as a director in light of Coronavirus, then please do not hesitate to contact Christopher Buck, on 01908 660966 / 01604 828282 or email christopher.buck@franklins-sols.co.uk.

The United Kingdom along with the rest of the world is currently in unchartered territory. Extensive travel bans have been implemented, schools have been closed and the stock markets are in freefall with the FTSE 100 falling to levels not seen since the financial crisis.

It has become apparent that no government was adequately prepared for a pandemic of this nature and it is undeniable that the uncertainty is worrying for all sectors of the economy.

With that being said, it is inevitable that commercial contracts are being delayed so it is worthwhile taking the time to assess what your legal options are if you are unable to fulfil your contractual obligations.

A contract is a legally enforceable agreement that creates rights and obligations between those who agree to be bound by its terms, provided that certain key elements are present (namely, offer, acceptance, consideration, intention to create legal relations and certainty of terms).

Each party is entitled to expect the performance of a contract which has been agreed. If you terminate a contract without a common law or contractual right to do so, this would normally amount to repudiation, which in itself attracts significant consequences for the benefit of the ‘innocent party’. It is therefore pertinent to be aware of the two key exceptions to a breach of contract, these are force majeure and the common law doctrine of frustration, both of which are considered in turn below.

Force Majeure

Force Majeure is a phrase derived from French civil law which means ‘superior force’. You will find that most commercial contracts include an express force majeure clause tucked away at the back as it is not an automatic right. It is intended to suspend or terminate contractual obligations following the occurrence of certain events which are outside the parties’ reasonable control and that prevent them from performing their obligations. You will need to carefully asses the specific wording of the relevant clause, normally it will contain a non-exhaustive list of circumstances which would be deemed as a ‘force majeure event’ as there is no statutory or common law definition.

It is important to check whether a pandemic or epidemic is specifically covered as the World Health Organisation has recently declared that the outbreak of Covid-19 has reached pandemic levels. In the event that neither pandemic nor epidemic is listed it may be worth considering whether “any law or any action taken by a government or public authority” is included and indeed applicable instead, especially if the government move to enforce a mandatory lockdown.  In any event, it is likely that any counterparty will resist reliance on such a clause leading to the possibility of litigation.

In comparison, a short form force majeure clause would normally contain wording to the effect of “neither party shall be in breach of this agreement nor liable for delay in performing, or failure to perform, any of its obligations under this agreement if such delay or failure result from events, circumstances or causes beyond its reasonable control…..”. Obviously, this is a much wider definition and in the absence of a list of specified events, it means it is open to interpretation on whether this clause would extend to cover Covid-19.

Once it has been established that a force majeure event has occurred, causation also has to be established, i.e. that the outbreak of Covid-19 has prevented, hindered or delayed a party from performing any of its contractual obligations. If performance has only been made more difficult or expensive then the protection is unlikely to apply. A party seeking to rely on the force majeure clause should also be able to demonstrate the use of reasonable endeavours to mitigate any loss.

There may also be a process to follow in that the affected party has to serve notice on the other party within a certain number of days to notify them that a force majure event has occurred. Time is therefore potentially of the essence. 

If you can successfully establish that a force majure event has occurred the clause will typically provide that the parties’ obligations under the contract are suspended until the force majeure event ceases. At this point, the contract will be ‘resurrected’. Alternatively, you may find that a more commercially attractive option has been drafted which states that so long as the performance of your obligations are continuously prevented, hindered or delayed for a certain number of weeks or days the agreement may be terminated by both parties. In terms of costs, unless the clause specifically details recovery provisions the general position is that any costs incurred or payments made will not be recoverable.

Frustration

In the absence of an express force majeure clause in a commercial contract, the common law doctrine of frustration may assist a party who is unable to fulfil its contractual obligations. You would need to demonstrate that a frustrating event has occurred after the contract was formed which, due to no consequence of your own, has made it impossible for you to carry out your contractual obligations or that they have become radically different.

Whilst this may seem like an attractive alternative, each case will be assessed on its own merits and case law has shown that a very high threshold must be met before the court will deem that a contract is truly frustrated. This is so parties are not released from their contractual obligations too easily. Please note in the past it has been deemed that a contract is not frustrated where:-

These are only a few examples, but seem particularly relevant in the context of this article.

If a contract has been frustrated, all parties will be released from their future (not past) obligations immediately and the contract will be automatically brought to an end. Neither party may sue for breach. The allocation of loss is then decided by the Law Reform (Frustrated Contracts) Act 1943. Under the Act payments can be recovered in full or in part, in a manner deemed equitable by the courts.

Insurance

Finally, you should also check your business insurance or speak to your broker to see what risks are covered. Standard commercial insurance policies typically only provide cover against a wide range of day-to-day risks, therefore unless you have put specific cover in place which protects your business against interruption arising from a infectious disease or forced closure by the authorities it is unlikely that you will be able to make a claim. Even if your policy covers such perils you may find that a claim can only be made in relation to specific diseases named in the cover.

If you require legal assistance regarding contracts, please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services team on 01908 660966 / 01604 828282 or at christopher.buck@franklins-sols.co.uk who will be happy to assist.

The Information Commissioner’s Office (ICO) has fined the airline company £500,000 for failing to secure its customers’ personal data. Cathay Pacific’s computer systems failed to implement appropriate security measures which led to the personal data of 111,578 UK residents being exposed and a further 9.4 million people internationally. The personal data exposed included names, dates of birth, passport details, addresses, phone numbers and travel history. The airline first became aware of suspicious activity in March 2018 when incidences of attempted hacking occurred, whereby hackers tried to enter the database by guessing passwords and phrases. This was described as a “brute-force” attack and led to Cathay Pacific employing a cybersecurity firm which subsequently discovered numerous errors and reported them to the ICO. The errors discovered included: back-up files that were not password protected; insufficient anti-virus protection; internet-facing servers without the latest patches and the use of operating systems that were no longer supported by the developer.

Following the implementation of GDPR in May 2018, enhanced UK and European data protection laws have come into force. However, due to the timing of Cathay Pacific’s breaches, the ICO investigated this case under the Data Protection Act 1998. The ICO found that Cathay Pacific had breached Principle 7 of the Data Protection Act 1998 which provides that “appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data”. The fine of £500,000 is the maximum amount possible under the 1998 Act. However, under GDPR, a company can be fined up to €20 million or 4% of their global annual turnover of the preceding year, whichever is greater, for severe violations. Therefore, companies need to ensure that they comply with GDPR and have sufficient mechanisms in place to protect personal data in order to be compliant with the law and to avoid fines. Overtime, it is highly likely that we will see the number of fines being imposed increase in correlation with the increase in the daily rate of breach notifications, which has increased from 247 notifications per day (the average during the first eight months of GDPR) to approximately 278 breach notifications per day.

If you require legal assistance regarding GDPR, then please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services team on 01908 660966 / 01604 828282 or email BusinessServices@franklins-sols.co.uk.

Hugo Boss Shop DisplayJoe Lycett (now, Hugo Boss) changed his name by deed poll after the fashion house sent cease and desist letters to charities and small businesses who use the word ‘BOSS’ in their names. One particular case involved Boss Brewing, a company based in Swansea, whereby the fashion brand objected to the brewery’s application to register a trade mark in relation to the beer names ‘Boss Boss’ and ‘Boss Black’ due to the potential to cause misunderstanding. This resulted in £10,000 worth of legal fees for Boss Brewing in order to defend itself against the clothing brand which had a net income of £218 million in 2018. It was resolved that the brewery had to change the names of their beers and could no longer sell clothing.

A trade mark is a sign, word or a symbol which enables customers to identify goods or services as coming from one particular source, even though they may not know the identity of the source. The owner of a trade mark can take legal action against another trader who uses that mark in a way which confuses the customer or the public into believing that his goods or services are those of the owner of the mark. This action is defined as ‘passing-off’. Nevertheless, in the context of this case, it is unlikely that the public would confuse beer made by a small company in Wales with the products of a worldwide famous fashion brand. Thus, Joe Lycett’s (Now, Hugo Boss) actions have been described as “comedic activism” and demonstrate the negative criticism that big companies can face when they target small businesses that use similar names. Nonetheless, from Hugo Boss’s (the fashion company) point of view, they were merely trying to protect their historic and well-known trade marks. In relation to Joe Lycett (now, Hugo Boss), his actions do not constitute trade mark infringement unless he begins trading under the name.

Trade marks provide important protection for your brand and your business. If you require legal assistance regarding trade marks, then please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services Department who will be happy to assist.

If you require legal assistance regarding trade marks, or have any other intellectual property concern, please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services Department on 01908 660966 / 01604 828282 or at christopher.buck@franklins-sols.co.uk who will be happy to assist.

The Court of Justice of the European Union (CJEU) in the case of Sky v SkyKick (C-371/18) has made the landmark decision that the use of broad terms in trade mark specifications such as “computer services” cannot be ruled invalid on the basis that they are unclear and imprecise or contrary to public policy. Furthermore, the CJEU decided that the owner of a trade mark will not be regarded as having acted in bad faith because there was no economic activity in relation to the goods and services covered by its broad specification at the time it was filed. Accordingly, this means that trade mark proprietors do not need to change or amend existing trade mark specifications which use broad terms and therefore, this case has been described as a “welcome relief for brand owners” who wish to maintain broader protection.

The case arose when the UK TV broadcaster Sky plc sued SkyKick, a cloud software company for trade mark infringement in relation to their use of the word “SKY” in their SkyKick sign and its variants. SkyKick counterclaimed and argued that Sky’s trade marks were invalid on two grounds:

  1. Does the use of broad terms in trade mark specifications such as “computer software” mean that a registration is so unclear and imprecise that is should be declared invalid?

The CJEU decided that a lack of clarity and precision in a trade mark specification does not render that trade mark invalid. However, if the trade mark has not been used in connection to the goods and services it was registered for, it can be rescinded after 5 years. Nevertheless, if non-use only applies to a few of the goods or services for which the trade mark was registered, only those goods and services will be rescinded and rest of the trade mark will still exist.

  1. Does applying to register a trade mark without any intention to use it in connection to the specified goods or service constitute bad faith and thus render the trade mark invalid?

The CJEU held that the registration will only be constituted as having been made in bad faith if the applicant had the “intention of undermining, in a manner inconsistent with honest practices, the interests of third parties, or of obtaining, without even targeting a specific third party, an exclusive right for purposes other than those falling within the functions of a trade mark”. Consequently, bad faith cannot be assumed because there was no economic activity corresponding to the goods and services at the time of the application.

If you require legal assistance regarding trade marks, or have any other intellectual property concern, please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services Department on 01908 660966 / 01604 828282 or at christopher.buck@franklins-sols.co.uk who will be happy to assist.

There have been over 160,000 data breach notifications across Europe since the GDPR came into force in May 2018 which has resulted in $126 million in fines.

The countries to have received the highest fines are France (€51 million), Germany (€24.5 million) and Austria (€18 million). The Netherlands, Germany and the UK are the countries which ranked the highest for number of data breaches reported to regulators. Notwithstanding this, the highest single fine to date was the €50 million imposed on Google by the French data protection regulator CNIL. However, these related to the alleged breaches of the transparency principle, which requires any information addressed to the public to be concise, easily accessible and easy to understand and lack of consent rather than a data breach.

Under GDPR, a company can be fined up to €20 million or 4% of their global annual turnover of the preceding year, whichever is greater, for severe violations. Therefore companies such as Facebook, Google and Twitter which handle large amounts of data have a considerable burden placed on them to ensure that they comply with GDPR in order to avoid the sizeable fines which could be imposed on them by regulators. In July 2019, the UK’s Information Commissioner’s Office (ICO) issued notices of intent to impose fines on Marriott International for £99 million and British Airways for £183.39 million for data breaches under the GDPR. As yet, these fines have not been finalised demonstrating the slow start to the regulatory process. The GDPR has only been in effect for about 20 months. This is an insufficient amount of time for regulators to develop an effective and concise enforcement process. Overtime, it is highly likely that we will see the number of fines being imposed increase as regulators will make full use of their powers as clarity in this area of law develops.

Moving forward, it is expected that the number of fines being issued will increase in correlation with the increase in the daily rate of breach notifications, which has increased from 247 notifications per day (the average during the first eight months of the GDPR) to 278 breach notifications per day.

If you require legal assistance regarding the GDPR, then please do not hesitate to contact Christopher Buck, Associate Partner in our Business Services Department, on 01908 660966 / 01604 828282 or at christopher.buck@franklins-sols.co.uk.