HomepageCommercial LawPrivate LawPublic Law & Human RightsCriminal LawEU & International LawCareers

Accessibility

Have Irlen Syndrome, or need different contrast? Click the button below for options.

Background Colours

Subscribe

Enter you email address below to subscribe to free customisable article notifications.

Alternatively, click the button below for our various RSS Feeds (available journal wide, or per section).

Vidal-Hall v Google: Can Big Brother Be Defeated?

Article Cover Image

About The Author

Chris Bridges (Executive Editor)

Chris is an IT and Data Protection solicitor at a top 20 full service firm and the founder of Keep Calm Talk Law. He also contributes to Computers and Law and other sector specific publications.

[Read More]

On Friday 27 March 2015, the Court of Appeal handed down a judgment in Vidal-Hall v Google. Whilst this judgment is only the second in what looks likely to be a series of appeals before the substantive matter reaches trial, it sets clear signposts for a trial that could revolutionise the way online giants make their money. There is however one very large caveat, which will be set out in the conclusion.

This article aims to provide a comprehensive background, analysis and comment on the Court of Appeal judgment. It is therefore lengthy, and for convenience has been split into six parts, each of which I could not bring myself to disregard. Almost every element of this case is incredibly interesting, with questions of both legal construction and interpretation. However, rather than enforce my interests on the reader, you can select which parts you have enough interest in to read via the links below.

If you are already familiar with the case background and the way in which Google operates in the digital advertising industry, you may wish to skip the first two sections. Both are useful for an understanding of the context in which the claim is brought, and the implications it may have, but are not strictly necessary for understanding of the judgment.

  1. Industry Background – how Google operates its advertising empire, and the wider effect of judgment in the claimants’ favour.
  2. Case Background – the facts underlying the action.
  3. Issue #1 – is there a tort of misuse of private information?
  4. Issue #2 – is Browser-Generated Information personal data under Section 1 of the Data Protection Act 1998?
  5. Issue #3 – does Section 13 of the Data Protection Act 1998 allow compensation for distress where there has been no pecuniary loss?
  6. Conclusion: None of This Matters because advertising platforms rely on consumer ignorance, which is unlikely to be cured anytime soon. Consumer protection may lie in the hands of browser vendors.

Note: hereon, the Data Protection Act 1998 is referred to as ‘DPA’, and Browser-Generated Information as ‘BGI’.

Industry Background & Wider Effect of Judgment in the Claimants’ Favour

In recent years, targeted advertising has been the be-all-end-all of digital marketing. Everybody is at it. The majority of the mainstream social networks (including Facebook, Twitter and LinkedIn) offer targeted advertising solutions, as do virtually every advertising platform of any decent size.

This judgment, and those that follow it, are likely to have the greatest effect on the latter category of advertiser. Advertising platforms typically collect ‘anonymised data’ as users traverse the internet, which they then use to target particular categories of internet users based on criteria provided by the advertising client, either on the platform’s own website, or a member website.

Google’s DoubleClick advertising platform, the subject of this litigation, reportedly holds as much as 77% of the market share, serving adverts on both Google and member owned websites. In summary, this is how it works:

  1. Website owners (known as ‘Publishers’) become ‘network members’ by signing up to Google AdSense or DoubleClick Ad Exchange (a jazzier version of AdSense for larger Publishers), which allows them to earn advertising revenue without pursuing advertising clients (‘Advertisers’) directly; and
  2. Advertisers acquire advertising space on either of Google websites, Publishers’ websites, or on both, through Google AdWords.

Thus, Google acts as both a platform provider and an advertising network, essentially functioning as an intermediary between Publishers and Advertisers. Through an automated ‘Pay Per Click’ bidding system, Advertisers compete for ad space on Publishers’ websites, and Google takes a sizeable proportion of the revenue for its trouble. At the time the Particulars of Claim in Vidall-Hall v Google was drafted (2013), which is appended to the judgment, 96% of Google’s Revenue was generated through advertising, amounting to US$36.5 billion (at para. 6.1).

Thus, if Google was no longer able to offer these targeted services in Europe, or was only able to do so on a limited basis, its entire current business model could be significantly undermined. Whilst Google is undoubtedly diversifying, it is doing so into R&D heavy sectors, such as smart homes, driverless cars, and other ‘technologies of the future’. These ventures require heavy investment, and Google’s current offerings undoubtedly act as an important cash generator.

Currently, ‘opt-outs’ of tracking come in two forms:

  1. The Safari web browser, by default, blocks tracking, unless the user explicitly goes into their browser settings and enables it;
  2. Other web browsers have a ‘Do Not Track’ feature, which politely requests that advertisers do not track them. Currently, only Safari and Internet Explorer 10+ enable this by default.

It is important to note that Do Not Track is a technical specification, with no solid legal effect. It is essentially an industry standard. The technical specification states it should not be enabled by default.

There has been some controversy over whether Do Not Track should therefore be followed by online companies, particularly where it is enabled by default. Both Google and Facebook have previously expressed they are unwilling to do so.

However, the case (when and if it finally reaches trial) will likely set the boundaries on what is, and is not permissible. If the claimants are successful, and the European Courts agree, Google will no longer be able to flout the consent of internet users. Whilst this case is not directly related to Do Not Track, the logic will stand; disregard the consent of the internet user in any way, and you may face hefty fines from data protection authorities, a class action, or both.

Case Background

The Background Facts

The three claimants were all individuals that owned Apple computers between summer 2011 and 17 February 2012, and accessed the internet via the Safari browser.

Safari, as noted above, automatically blocks all third-party tracking cookies. Between the aforementioned dates, Google DoubleClick either knowingly or recklessly used a workaround to avoid this block, despite representing on their website that Safari users need not take any further steps to block DoubleClick from tracking their usage. For more on this, see my article on the High Court judgment.

The claimants alleged that this revealed private information about themselves to other users of the computer, and to onlookers, such as someone peering over their shoulders at their screen.

They therefore brought a claim for misuse of private information, and for breach of the DPA. They are claiming damages for anxiety and distress, and for aggravated damages for either i) not being aware of the issue when they should have been, or ii) being aware of the issue and doing nothing about it.

The High Court found that:

  1. There was a tort of misuse of private information;
  2. There was also a cause of action under the DPA; and
  3. There was a reasonable prospect of success on one or both causes of action.

The judge therefore upheld the High Court Master’s decision, permitting service of a claim form out of jurisdiction.

Google appealed on all three matters.

The Nature of This Judgment

It should be noted that both this judgment, and the High Court judgment from which this arose, are not trial judgments. Both matters were judgments on preliminary issues, namely whether a claim form could be served out of jurisdiction.

Therefore, there is still a long way to go before any closure is obtained on this matter. As the case has not yet reached trial, the court will only analyse so far as is necessary to determine whether there is a real prospect of success. The decision may therefore have little bearing on the eventual outcome of this matter.

Issue #1: The Tort of Misuse of Private Information

To bring a claim against a non-EU defendant in England & Wales, you must satisfy the common law rules of jurisdiction. In brief, unless the defendant is present or submits, this requires permission from the court (CPR 6.36).

First, you must establish a ‘jurisdictional gateway’, or in other words, the claim must be of a particular type, which are set out in CPR PD 6B 3.1.

Traditionally, misuse of private information has been ‘absorbed’ as a branch of the equitable law of confidence. Equitable actions are not provided a gateway in CPR PD 6B 3.1, and traditionally breach of confidence has (correctly) not been treated as a tort for these purposes. Torts do have a gateway under CPR PD 6B 3.1(9).

However, this has not been a happy situation. Courts over the past decade and beyond have toiled with the clumsy situation of fitting breach of privacy into a fundamentally different in character equitable remedy.

Whilst confidentiality and privacy are not miles apart, nor are they synonymous. I shall therefore highlight some of the key differences, which ultimately require that privacy should be a discrete cause of action in tort.

Confidence

As noted above, confidence is an equitable remedy. There is therefore no jurisdictional gateway for the purposes of CPR 6.36.

Breach of confidence has traditionally required a relationship or circumstance that ‘imports an obligation of confidence’, and must be related to information that has the necessary qualities of confidence (see the seminal case: Coco v Clark [1969] RPC 41).

It prevents and/or punishes persons for acting unfairly, for instance by disclosing sensitive commercial information where there was an explicit or implicit equitable (in the broad sense) obligation. This is by nature an equitable remedy; it prevents one person taking an unfair advantage of another where the circumstances have imported or implied an element of trust.

Case law has developed what will equate to ‘information with the necessary qualities of confidence’, and overall, it has developed logically. When you hear the term ‘confidential information’, phrases such as ‘need to know’ and ‘secret’ come to mind. Likewise, the courts have decided confidential information must, among others things:

  • not already be in the public domain (Saltman Engineering Co v Campbell Engineering Co [1948] 65 R.P.C 203);
  • have commercial value (Thomas Marshall (Exports) Ltd v Guinie [1979] Ch. 227).

Privacy

The idea of privacy, whilst related to some extent, is fundamentally different. Privacy, in its ordinary meaning, relates to personal information, not ‘secret’ information.

Known to the public

Personal information may be known to a section of the public, but still be private. For instance, you may have published on Facebook, which only your close friends can see, that you are engaged, but you do not want the world to know. Confidence would arguably be defeated here; the information is in the public domain.

Privacy, however, would not. It would be a breach of your privacy if a newspaper found out, and splashed it across their front.

Value

Private information can have commercial value, but more often it does not. For instance, take a drug addiction. A newspapers knowledge of an ordinary person’s addiction has no commercial value, whereas knowledge of a celebrity’s addiction does.

Disclosure to the public

In the present case, there is arguably no disclosure. Whilst Google is using your information to enhance its commercial offering, it is not handing this information over to Advertisers directly. Thus, a claim for breach of confidence would, on the face of it, fail. In the present case, the argument would therefore be that disclosure was to third party users of the same computer who saw your tailored adverts, or the person peering over your shoulder.

However, privacy does not require disclosure to be infringed. Using private information to enhance a commercial offering without consent, as is the case here, would be an abuse of your privacy. Likewise, an unwarranted pat-down search at the airport would be an abuse of your privacy without any disclosure.

The Court’s Dilemma

The Court of Appeal essentially faced an analysis similar (but longer) to the above. Whilst misuse of private information has successfully been actioned through the law of confidence, it has been an uncomfortable ‘shoehorning’.

In the present case, they would likely have been able to shoehorn Google’s misuse into the law of confidence as courts have previously done (here, information was not in the public domain, and it had commercial value). However, this would have blocked the claimants from bringing an action for misuse of private information in this instance where the claim form needed to be served out of jurisdiction. Thus, the court finally had an incentive to make a clear distinction as ratio (for the non-lawyers: key to the finding of the case, and thus binding on courts in future).

Courts gone by have toyed with the idea of misuse of private information as a tort, but it has always been dicta (non-lawyers: judges going off on a tangent, discussing issues that are not material to the finding, and thus are not binding).

To cut a long story short, this issue was decided by a great deal of toing and froing on whether previous judgments containing commentary on this issue were ratio or dicta. The Court of Appeal decided in favour of the claimant, separating misuse of private information from confidence as a tort in its own right, essentially on the basis that previous courts would have done so had the circumstances demanded it.

However, the court was quick to clarify that they were not creating a new cause of action (at para. 51):

This does not create a new cause of action. In our view, it simply gives the correct legal label to one that already exists.

Therefore, this is un-revolutionary, although the court did recognise ‘there may be broader implications from our conclusions, for example as to remedies, limitation and vicarious liability’.

Comment

This, to me, was a strong decision. It is clear from past case law that the court has found the shoehorning of privacy into the equitable law of confidence uncomfortable. In fact, virtually every time it has arisen with any significance, judges have troubled with the issue in dicta. Counsel for Google alleged ‘it has not caused problems before’; judicial opinion begs to differ!

Whilst this is unlikely to play any significance in the vast majority of cases (it only did here due to service out of jurisdiction), I still see judgment on this issue as a clear signpost for the way privacy law is heading. A discrete cause of action is another example of judicial support for the protection of privacy.

Further, misuse of private information has been recognised as a distinct cause of action, which should, in theory, make it easier to argue, particularly where there is no clear overlap with confidence.

Whilst in many cases one already has a good cause of action through the DPA, this is not always the case (it may not be the case here, depending on how Issue #2 and #3 below are resolved in any further appeals).

Issue #2: Is BGI personal data under the DPA?

If BGI does not constitute personal data, the claimants would have no alternative cause of action to the misuse of private information under the DPA.

Personal data is defined by Section 1(1) of the DPA as follows:

“personal data” means data which relate to a living individual who can be identified—

(a) from those data, or

(b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller…

I quote the claimants Particulars of Claim for what exactly BGI in this context include:

  1. The website visited.
  2. The date on which the website was visited.
  3. The time at which the website was visited.
  4. The duration of the visit to the website.
  5. The pages of the website visited.
  6. The time spent visiting each page of the website.
  7. The advertisement(s) viewed.
  8. Information as to where the advertisement(s) was/were placed on the website visited.
  9. The IP Address of the browser, as a result of which it is often possible to determine approximate geographical location (to the nearest town or city).

This data is then ‘linked’ to an individual browser by a unique identifier stored in a tracking cookie, which is placed on the user’s computer.

Through this information, Google are able to target adverts to you: they classify you by keyword, and then offer advertisers the ability to target keywords. It is easy to see how they could quickly develop an understanding of your interests, your sexual orientation, when you are typically at your computer, whether you are in debt, and so on.

This sounds pretty personal to me, but Google had a good go at rebutting the logical conclusion, advancing three arguments, each dealt with in turn below.

The Meaning of ‘Identification’

Google advanced the argument that identification is shorthand for ‘identification by name’. Without access to Internet Service Provider records (and thus correlations between IP Addresses and Customers), Google could not identify a user by name, and thus the claimants could not establish a claim based on s1(1)(a).

However, the Court of Appeal refused to accept this argument. Identification essentially boils down to being able to make decisions based on the person behind the computer; it singles one internet user out from many billions.

Rather comically, Google suggested that this is an invalid argument as multiple users use the same machine. Clearly, in modern day Europe most people access the internet on their own device, whether it is a phone or a laptop; this is what their targeted advertising service relies on, so they did not stand much chance on that one!

Segregation of Data

Google also argued that a claim could not be established on s1(1)(b), as although in many cases they had identifying (by name) data pertaining to individuals that could be linked with the tracking data, they did not do so. The identifying data here would be account data, where the internet user has a Google Account (e.g. for Gmail, Calendar, Android etc.).

This argument, of course, relies on the first being correct, that identifiable means identifiable by name.

However, the court knocked this argument straight out, without reference to the first. The defendant sought to rely on a Recital of Directive 95/46/EC, which the DPA transposes, arguing that it constrains a provision of the Directive. The Recital in question was 26, which states ‘account should be taken of all the means likely reasonably to be used either by the controller or by any person to identify the said person…’.

As the court accepted Google never linked this data, Google argued this wording constrained the wording of Article 2(a) (s1 DPA). However, the court held that a Recital could not constrain a provision. A provision with a wider meaning than a Recital must prevail. This makes perfect sense. Metaphorically speaking, Articles are written in stone, Recitals are written on paper, with a pencil.

Therefore the literal meaning contained in s1(1)(b) prevailed, namely ‘in possession of’ and ‘can be used’, which are clearly established here, whether or not Google had any intention to use the account data for identification purposes.

Knowledge of Third Parties

The High Court judge relied on a third route of identification in his decision: other users linking the personal information to them by using their computer, or ‘peering over their shoulder’ at the adverts being displayed.

Google contended this could not stand, as the knowledge of this third party is unlikely to come into the hands of Google (the data controller). Again, this pertains to s1(1)(b).

The claimants argued you cannot exclude third parties from the equation, and that the display of contextual adverts is essentially vicarious disclosure of the claimants’ private information to a notional third party.

However, I cannot help but feel the Court of Appeal copped out a bit here, simply deciding that there was a substantive issue to be considered, thus leaving it for trial.

Comment

I have very little doubt as to whether the claimants will successfully categorise BGI as personal data at trial. It appears to me as one of those happy situations where the law must follow simple logic.

The BGI in this instance is fundamentally personal. Whilst one individual piece (e.g. one website visit) is arguably un-insightful into a person’s private life, many pieces collated together allow Google to build a comprehensive profile of that person, even if they do not link that person to a name.

This is, to many people, downright creepy, and allows a large corporation to profit from what could be very sensitive personal information. Further, it vicariously discloses this personal data through contextual adverts to onlookers.

If this is not found to be personal data at trial, there is a fundamental flaw in European data protection legislation and I want my money back, please.

However, potential complaints aside, I would suggest that BGI in this context neatly fits into s1(1)(a) DPA – the data directly identifies an individual, even if not by name.

Issue #3: The meaning of damages in s13 DPA 1998 – a claim for compensation without pecuniary loss

Whilst Issue #2 is resolved, and, according to the Court of Appeal, there is a cause of action under the DPA, there would be no remedy for the claimants unless s13 DPA is read to allow damages for distress, independent of any financial loss.

The claimants are claiming solely for distress and they cannot establish even nominal financial loss on which to attach their claim, as has occurred in previous cases under the DPA.

Section 13 DPA sets out when damages can be obtained for breach of the DPA:

(1) An individual who suffers damage by reason of any contravention by a data controller of any of the requirements of this Act is entitled to compensation from the data controller for that damage.

(2) An individual who suffers distress by reason of any contravention by a data controller of any of the requirements of this Act is entitled to compensation from the data controller for that distress if—

(a) the individual also suffers damage by reason of the contravention, or

(b) the contravention relates to the processing of personal data for the special purposes.

Plainly, on the natural reading of s13(2), damages for distress are only possible where the claimant also suffers ‘damage’ (i.e. pecuniary under s13(1)), or whether the contravention is for a special purpose (see s3 – journalism etc.).

The current case law position appears to be that non-pecuniary damages are not available under the DPA, as decided in Johnson v Medical Defence Union. However, the court in that case toyed with submitting the issue to the ECJ, but did not do so as a decision on non-pecuniary damages was not necessary for the outcome of that case. The Court of Appeal in the present case found that this was not binding.

Therefore, for the claimants here to have a remedy under the DPA, the court had to look to Directive 95/46/EC and assess whether the DPA is an effective transposition.

Article 23 is the article in question:

Liability

  1. Member States shall provide that any person who has suffered damage as a result of an unlawful processing operation or of any act incompatible with the national provisions adopted pursuant to this Directive is entitled to receive compensation from the controller for the damage suffered.
  2. The controller may be exempted from this liability, in whole or in part, if he proves that he is not responsible for the event giving rise to the damage.

This is unhelpful. It is not clear from Article 23 whether the intent of the European legislature was to include non-pecuniary damages.

What then, did the EU legislature intend? The Master of the Rolls and Lady Justice Sharp considered Leitner v TUI Deutschland GmbhH & Co, which considers non-pecuniary damages under a package travel directive (‘the Package Travel Directive’) which also failed to express a position.

In that case, it was held that non-pecuniary damages were available as they were frequent and important in the context of package travel. In a package travel context, you are more likely to suffer from loss of enjoyment rather than any financial damage, thus non-pecuniary damages must be available.

Applying this principle to data protection, the Data Protection Directive relates to privacy, not economic rights, suggesting the more likely damage will be non-pecuniary. Further, reading Article 1 with Recital 10, the Data Protection Directive is based upon both the ECHR Right to Privacy and the equivalent rights under EU law, both of which frequently involve actions for non-pecuniary loss. Therefore, common sense suggests the Data Protection Directive must allow non-pecuniary damages.

Unfortunately, the court found that despite this implied meaning, it appeared the UK parliament intended to restrict the meaning of damages in its implementation, and thus the court could not interpret s13(2) compatibly with Article 23 of the directive (the Marleasing principle), therefore the only remedy available would be against the state (see Froncovich).

However, not all was lost. Instead, the court relied on s13(2)’s incompatibility with the underlying rights on which the DPA is fundamentally based, namely the Article 7 & 8 rights in the European Charter of Fundamental Rights.

The European Charter applies where domestic bodies are implementing EU legislation, as was the case when parliament implemented the Data Protection Directive into domestic law in the form of the DPA.

This has proved a non-issue before for UK courts, who have refused to dis-apply domestic legislation on such grounds, as in the infamous prisoner voting case (R (Chester) v Secretary of State for Justice). However, the Court of Appeal distinguished the present case from Chester, as that case required the Supreme Court to make legislature choices that were outside of its jurisdiction (e.g. practical and administrative choices of how to go about permitting prisoner voting).

Here, the Court of Appeal did not need to make any legislature choices: by striking out s13(2), there was a fall back onto s13(1) which could be read to include all damages, whether pecuniary or otherwise. In essence, the court did not need to read any additional provisions into the DPA for it to ‘make sense’.

Comment

Whilst I feel the Court of Appeal’s reasoning is sound, it opens doors for many more years of appeal. By reading meaning into EU legislation, this mere application for service of a claim for out of jurisdiction may well see the Supreme Court and the ECJ before it even reaches trial.

Given how long these things take, and assuming this element of the judgment is appealed all the way to the ECJ, it is unlikely a substantive trial will be held on this matter before 2018. By this point the new EU Data Protection Regulation will, we all hope, be in force, and the reading of the current data protection directive will be entirely redundant.

This is an undesirable state of affairs. However, it is all likely to be immaterial, see the next section for why…

Conclusion: None of This Really Matters

Currently, advertising platforms rely on the ignorance of their users. The vast majority of internet users are oblivious to what Google DoubleClick, and the many other services like it, are doing.

Therefore, whilst the decisions in Vidal-Hall v Google are all very interesting, until all web browsers ship with default settings blocking third party cookies and/or request that these services ‘Do Not Track’, the outcome of this case will have very little significance.

Further, Google and its competitors will likely continue to advocate that an opt-out is not valid unless expressly done by the end-user, rather than assumed for them by browser vendors.

Ultimately, therefore, the significance of Vidal-Hall v Google, regardless of outcome, will depend on two things, assuming the legislative position remains the same:

  1. Whether more browser vendors adopt a default position of defending their users’ privacy; and
  2. Whether a non-explicit opt-out of tracking has any legal effect.

This second issue may well be resolved at trial (and already has been in the US, where Google was fined for this same workaround), but the first is solely in the hands of browser vendors.

Sadly, by far the most popular browser is Google Chrome with a market share of 62.5%, and somehow I do not think they will be adopting a default setting of blocking tracking any time soon…

Future Legislation

The only solution, therefore, is that future legislation requires explicit consent.

The upcoming Data Protection Regulation, in its current draft form, proposes to require explicit consent from users for data collection (see Matt Bogdan’s article ‘The EU Data Protection Regulation and UK Business’ for more on this).

As Matt notes in his article, data collection under the new Regulation is likely to require ‘freely given, specific, informed and explicit indication … either by a statement or by a clear affirmative action’.

How this will apply in the context of online tracking cookies remains to be seen. Practically speaking, browsers could not be required by the new Regulation to block tracking cookies by such a requirement; they are not the data controller, the organisation setting the cookie is.

However, how else could Google, and others like it, obtain consent?

Of course, explicitly enabling third party tracking in your web browser settings away from a default of disabled would be clear consent.

My problem here is that it may well be easy for Google to get around any new consent requirements, by cutting browsers out of the picture (so far as they do not disable tracking by default, which I suspect Google Chrome never will).

I dare say the vast majority of internet users use Google on a weekly basis. By merely continuing to use the search engine after seeing a prompt saying ‘by submitting a Google search, you hereby consent to our privacy policy’, you would have given explicit indication of your consent to everything contained within Google’s privacy policy.

Would this stand? Based on how consent under the 2011 EU Cookie Directive has been implemented, I think so. This is the most common implementation method of that directive, and has received little criticism.

Thus, it seems that Google may well be too big to defeat without specific legislation requiring browsers (including Google Chrome) to ship with default settings blocking tracking cookies.

Otherwise, so long as Google remains the most popular browser vendor and search engine, what hope do we have of not being tracked?

Beware, Big Brother is watching.

For the latest articles straight to your inbox, you can subscribe for free. Alternatively, follow @KeepCalmTalkLaw on Twitter or Like us on Facebook.

Tagged: Commercial Law, European Union, Privacy Law

Comment / Show Comments (0)

You May Also Be Interested In...

GDPR: Challenges for Businesses, Eighteen Months On

3rd Dec 2019 by Kerry Gibbs (Guest Author)

The Legal Mechanisms of a Greek Exit

21st May 2015 by Alex Hitchcock

The EU Data Protection Regulation and UK Business

4th Nov 2014 by Matt Bogdan

The Emergence of ODR

13th Oct 2014 by Hannah Larsen

Is There Really a ‘Right’ to be Forgotten?

17th May 2014 by Chris Bridges

It's not the end of the line for data retention

10th Apr 2014 by Chris Bridges

Section Pick May

Taming the Retail Giants: The Impact of Mergers & Acquisitions on Competition

Editors' Pick Image

View More

KCTL News

Keep Calm Talk Law: Moving Forward

3rd Sep 2019

Changing of the Guard: Moving Keep Calm Talk Law Forward

12th Aug 2018

An Anniversary or Two: Four Years of Keep Calm Talk Law

11th Nov 2017

Rising from the Ashes: The Return of Keep Calm Talk Law

18th Nov 2016

Two Years On, Keep Calm Talk Law’s Legacy is Expanding

11th Nov 2015

Twitter

Javascript must be enabled for the Twitter plugin to function. Click below to visit us on Twitter.

Free Email Subscription

Subscribe to Keep Calm Talk Law for email updates, and/or weekly roundups. You can tailor your subscription on activation. Both fields are required.

Your occupation / Career stage is used to tailor your subscription and for readership monitoring.

Uncheck this box if you do not want to receive our monthly newsletter.

By clicking the Subscribe button, you agree to our privacy policy and terms of service. Please ensure you read these in full.

Free Subscription