William Stadler – Court Ruling (United Kingdom, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A UK court ruled that a consumer electronics chain did not breach data protection laws when it resold a faulty Smart TV without wiping the previous owner's data. The court found that the company was not responsible for deleting the data since the customer did not log out of their apps before returning the TV. This case highlights the importance of ensuring personal data is removed from devices before returning them for repair or resale.
What happened
A Smart TV was resold without a data wipe, allowing the new owner to access the previous owner's Amazon account.
Who was affected
The original owner of the Smart TV, whose personal data was still accessible on the device.
What the authority found
The court ruled that the company was not liable for the data misuse because it was not aware of the data and the customer had not logged out.
Why this matters
This case underscores the responsibility of consumers to remove personal data from devices before returning them, as companies may not be held liable for data left on returned products.
National Law Articles
The claimant is a data subject who purchased a Smart TV from the defendant, a consumer electronics chain. After a certain period of use, the device broke down. On the device, the claimant had stored personal data such as names, account details and payment data for several apps. The defendant requested the return of the device for repair but the claimant was not asked to delete and/or remove personal data before sending it in. Although faulty, the device had enough functionality to allow a user to log out from any apps. Notably, the claimant did not log out of their Amazon app before leaving the TV with the defendant. Later, the parties agreed that any repair of the device would be disproportionately costly and so the TV should be written-off. The claimant’s understanding was that the device would be destroyed. However, the defendant re-sold the unit without performing a factory reset or data wipe. Subsequently, someone used the claimant's Amazon account through the unit to make a small in-app purchase. The claimant became aware of the transaction and, following a complaint, the defendant refunded the cost incurred and provided a shopping voucher as a gesture of goodwill. The claimant argued that the defendant breached its data protection duties by disposing of the device without first wiping any data stored on it, and brought an action for damages in the High Court for misuse of private information, breach of confidence, negligence, and breach of data protection law under Article 82 UK-GDPR and sections 168 and 169 of the [https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted Data Protection Act (DPA) 2018]. The defendant applied for the claim to be struck out under 3.4(2)(a) and (b) CPR or, alternatively, to grant summary judgement under 24.2 CPR since “it did not process the data and was not a data controller because it did not know about the data, had not been made aware of it, and reasonably believed it to be the responsibility of the claimant. Furtherm
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for William Stadler in UK
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. William Stadler - United Kingdom (2022). Retrieved from cookiefines.eu
Last updated: