Data protection breach decision upheld in hospice worker's unauthorised breaks case
Mr Justice Seamus Noonan, on behalf of the three-judge appeal court, said it seemed to him that it could not reasonably be said that Mr Doolin had either been notified that the CCTV could be used for disciplinary purposes or that there was any basis upon which he ought reasonably to have expected such use. File picture
The Court of Appeal has upheld a decision that a hospice employee's data protection rights were breached over the use of data from CCTV footage in a disciplinary investigation into unauthorised breaks.
The disciplinary action against Cormac Doolin arose as a result of an inquiry into graffiti which had been carved into a table of the staff tea room saying: "Kill all whites, ISIS is my life".
It was found in the tea room of Our Lady’s Hospice and Care Service, Harold’s Cross, Dublin, less than a week after terror attacks at the Bataclan and elsewhere in Paris in November 2015. Hospice management contacted gardaí.
As a result of viewing who had gone into the tea room over a three-day period, it prompted a disciplinary process against Mr Doolin, a craftsman's mate at the hospice. There was no suggestion that Mr Doolin had any involvement in the graffiti incident.
Hospice management viewed the footage which showed Mr Doolin entering the room on a number of occasions. This led to the disciplinary process and sanction against Mr Doolin over unauthorised breaks.
He complained about a breach of his data rights to the Data Protection Commission (DPC) which rejected the complaint.
The DPC was satisfied that the processing of his personal data (his image), without downloading or further processing, was necessary for the purpose of security (the grafiti incident) and did not go beyond that purpose. He appealed to the Circuit Court which upheld the DPC decision.
Mr Doolin then appealed to the High Court which found the DPC had erred in law and had made an incorrect interpretation of "processing" under the terms of the Data Protection Act 1988. The DPC appealed that decision to the Court of Appeal (CoA) which upheld the High Court decision.
Mr Justice Seamus Noonan, on behalf of the three-judge appeal court, said it seemed to him that it could not reasonably be said that Mr Doolin had either been notified that the CCTV could be used for disciplinary purposes or that there was any basis upon which he ought reasonably to have expected such use.
It seemed to the judge "the contrary is much more likely to be the case".
It was also clear Mr Doolin’s data was indeed used for a purpose other than, and incompatible with, the specified purpose and was therefore unlawful, he said.
Mr Justice Noonan also said there have already been three appeals in this case in which the costs involved were entirely disproportionate to the issue involved. There could yet be an appeal to the Supreme Court, he said and there was no "obvious necessity" for such a multiplicity of appeals.
The situation arising in this case was by no means unique as there are other similar statutory provisions providing for such layers of appeal, he said.
"It is to be hoped that the legislature will address this issue soon", he added
