While the chaos of the coronavirus pandemic engulfs us all, it is easy to forget that normal life continues, and legal cases continue to be decided and decisions published.
Two enormously important cases this week, involving two of our largest employers, have big implications for the relationship between employers and employees, especially with regards to Vicarious Liability.
Peter Stanway, our BackupHR™ legal expert comments:
Vicarious Liability has often sent a shudder down the spine of many employers. It is the legal principle that assigns liability for an injurious act to a person who, while they did not cause the injury, has a particular legal relationship to the person who did act negligently. Typically, it relates to the liability that employers have for their employees’ actions while they are at work.
The first case involved Morrisons. An employee in their Internal Audit Department had borne a grudge against the company ever since he had received a warning about his conduct.
So, when he had access to the payroll for around 120,000 employees, he had taken a copy of the data file. The following Sunday, in an act of revenge, he sent a copy of this to 3 national newspapers and published all of the data online. He was sent to prison for his actions.
A class action had been taken by around 9,000 affected employees against the company. This alleged that their employer was were vicariously liable for this data breach. In other words, Morrisons were as responsible for the data breach as if they had ordered it themselves. Initial judgement had gone against Morrisons, and it had been upheld in the Court of Appeal, who amongst other legal reasoning said that this is why employers have insurance!
All of this had prompted real panic among employers, who could now be held to ransom by disgruntled or misguided employees. They could simply release data they had stolen and give the company a massive headache and a big damages bill.
The Supreme Court, however, disagreed with both judgements. We won’t bore you with all of the legal arguments, but it boiled down to the argument that employers were liable for the action of employees when they were legitimately pursuing the company’s interests. In other words, because this was a spiteful act of vengeance by the employee and well beyond what was expected of him during his normal duties, the company could not be held liable.
This does not mean that every data breach accidentally released by an employee cannot be found to be the company’s fault. In fact, the judgement warned companies that it did not let them off the hook, but the case in point was a particular set of circumstances, where the employee was not even pretending to pursue the company’s best interests.
In a second case this week, Barclays Bank also won an appeal in the Supreme Court against its own employees. This case was about deciding if the company could be held liable for the actions of other companies or individuals who were employed to do its work.
The case was brought against a doctor who ran his own company, providing pre-employment health screening for employees. It was alleged that the doctor, who died some time ago, had performed inappropriate intimate examinations of female employees over and above that required for the health checks requested.
Originally it was held that as the doctor was an agent of the bank, and asked to do its business the bank could be found liable, vicariously, for his behaviour.
Again the Supreme Court disagreed. And they said that an organisation (or person) can only be held vicariously liable for the acts of someone who is not his or her employee, provided the relationship between them is sufficiently akin or analogous to employment.
So while an organisation is responsible for its employees, they are only responsible for others if they look like and act like employees. Independent contractors are not employees and the bank cannot be responsible for their actions.
The doctor in this case ran his own business, could decide whether or not to do the checks, was free to do them when he wanted rather than when the bank insisted and so on. In other words he was an independent supplier to the bank with his own insurance, and his own liability through his affairs.
An earlier judgement had suggested using a similar test that HMRC uses to identify workers to decide if the organisation is liable for their behaviour. Meaning those that are not fully employees, but look quite like them – organisations like Deliveroo and Uber come to mind.
The Supreme Court said that while it was tempting to tidy up the law so that the two were aligned, the common law principle of vicarious liability was well established and did not need to be aligned to anything else.
Both decisions are highly significant. Had either been upheld, then the notion of vicarious liability would have been extended, and presumably subsequent decisions could have extended it even further.
The law has now been established that organisations can only be held liable for the actions of their employees if:
- They are seen as employees or workers of the company, not independent contractors;
- They are pursuing the company’s legitimate interests;
- They are not pursuing their own misguided agenda;
Heed the Supreme Court’s warnings, however. You do need to recognise that in most circumstances the actions that your employees perform while they are working are also your responsibility.
There are numerous areas where this applies, one of the most overlooked is employees using their own cars to do the company’s business. If the car is not properly serviced, nor properly insured, then the company could well find itself liable if the employee is involved in an accident.
- Ensure that self-employed contractors have adequate insurance and insofar as you can that they are professional and monitored.
- Make sure that you have systems in place which make it difficult for employees to cause damage which will reflect badly on you.
- Check that your insurance is adequate because despite these cases, judges will still have sympathy for victims and want to offer some sort of recompense.
The guidance provided in this article is just that – guidance. Before taking any action make sure that you know what you are doing, or call us for a free initial chat on 01480 677980.