This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.

Freshfields Risk & Compliance

| 1 minute read
Reposted from Freshfields Technology Quotient

Ransomware and How to Beat it – the Court Route (Part 2)

In my last blog post, I wrote about the steps taken by the Court in PML v Persons Unknown to help the victim of a cyber ransom attack. Clarkson Plc v Persons Unknown is another case involving a company seeking injunctive relief from the Court in response to data theft and blackmail.

In Clarkson, the company’s application for relief was dealt with on paper (i.e. without a public hearing). This will almost certainly have saved the company time and money. The judgment is interesting because it gives guidance on the circumstances in which the Court will deal with these sorts of cases on paper. 

The starting point is that ‘open justice’ is a fundamental principle.  However, in this case the Court was happy to proceed without a public hearing because:

  • A hearing would have added to the expense of the claim, without serving any useful purpose.
  • The blackmailer did not engage in the proceedings, and so did not oppose the application.
  • The case did not proceed in secret: there had been two earlier public hearings, and the Judge ordered that his judgment in relation to this application be published online. In fact, it seems the Judge considered that in one sense, this made the justice more ‘open’, because transcripts for this type of hearing are not published as a matter of course.

The Court also restricted public access to confidential documents that the hacker had stolen, and which the company produced to the Court in evidence.

The steps taken by the Court meant that: (i) sensitive confidential information that the company produced in evidence was kept confidential; and (ii) costs in the application were kept down.  It is a commendably pragmatic approach.

Tags

cyber security, data protection, risk, europe