The Memo: What happened with David Walliams and why you need to know about it: torts, data, and GDPR

Group 723.png

What happened with David Walliams and why you need to know about it: torts, data, and GDPR

Sose Ebodaghe – 11 December 2023

Comedian, children’s author, and now former Britain’s Got Talent judge David Walliams found himself in hot water recently when sexually explicit and profanity-ridden comments he made about contestants on the nationwide talent show were leaked and published by The Guardian. In retaliation, Walliams filed a lawsuit against FremantleMedia, the show’s production company, on numerous counts - namely breaching the UK General Data Protection Regulation (UK GDPR) and Data Protection Act (DPA) 2018, and the torts of financial loss, psychiatric harm, and misuse of private information. So, let’s take a closer look at the legal backdrop to this case.

Walliams stated that his podcast and upcoming TV appearances fell through because of the publication, as did two planned stage adaptations of his children’s books, apparently totalling around £1.7m in lost earnings. This all resulted from what he stated was Freemantle’s misuse of his private information (a tort introduced by the House of Lords in the famous case of Naomi Campbell v Mirror Group Newspapers [2004]).

This is primarily about protecting ‘human autonomy and the right to control the dissemination of information about one’s private life’, in accordance with Article 8 – the right to respect private life and correspondence – and 10 – the right to freedom of expression – of the European Convention of Human Rights. Courts will generally adopt a two-stage test to prove this tort, looking at whether the claimant – Walliams, in this case – had a reasonable expectation of privacy, and then balance the competing privacy rights of the claimant with the rights of the publisher to convey the information in question.

The culmination of all this controversy apparently impaired the comedian’s “ability to be spontaneous and edgy”, as he “feared that what he says and does…may be recorded and leaked without his consent” with supporting documents from his psychotherapist claiming that he is “plagued by uncontrollable negative thoughts.” Further, Walliams claimed that he and his fellow judges would engage in playful banter in breaks during filming, of which he was allegedly unaware was being recorded and transcribed despite BGT’s 2018 announcement that their cameras would now be rolling ‘24/7’, but the content of the conversations included sensitive personal matters too.

To understand why Walliams is claiming that Fremantle breached data laws (and be aware of them yourself), you should know the basics of the UK GDPR and the DPA, and what constitutes a breach. Articles 5(1) and (2) of the GDPR detail seven paramount principles for data protection, with a violation of any of these constituting a breach:

  • Lawfulness, fairness and transparency: data processing must be open and honest, handled in ways people would reasonably expect while adhering to statute and common law obligations
  • Purpose limitation: must clearly state processing purposes, recording and specifying them in privacy information for individuals
  • Data minimisation: ensure that personal data being processed is adequate, relevant, and limited to what’s necessary
  • Accuracy: take all reasonable steps to ensure personal data isn’t incorrect/misleading/outdated
  • Storage limitation: must not keep personal data longer for than necessary, erasing or anonymising it when you don’t need it
  • Integrity and confidentiality: ensure implementation of appropriate measure to protect personal data being processed or held
  • Accountability: take responsibility for whatever is done with personal data and compliance with above principles

The DPA is meant to supplement the GDPR, providing more robust protection for processing sensitive data in the UK. This sensitive data includes race and ethnicity, political leanings, and sexual orientation to name a few. It also gives you the right to know what information is being stored about you, have your data erased, reuse your data for different services, and object to how your data is processed, among other things. Luckily for Walliams, Fremantle settled the case this past week, apologising to the author and reaching an ‘amicable’ resolution.