This article explores whether Singapore Courts should expand the traditional tort of breach of confidence to act as an independent and general cause of action for the invasion of one’s privacy, in light of developments in the United Kingdom, Australia and Malaysia. It argues that recognition of privacy rights is a matter best left for the legislature and that the existing law in Singapore sufficiently protects personal private facts of individuals, without need for a general cause of action for invasion of privacy.
“Old Fashioned” Breach of Confidence: The Singapore Approach to Privacy Law
It is well established that the law protects confidential information in the commercial context, with the UK Supreme Court’s Lord Neuberger noting in Vestergaard Frandsen A/S v Bestnet Europe Limited and others[2013] UKSC 31 (“Vestegaard”) that “the protection of intellectual property, including trade secrets, is one of the vital contributions of the law”.1However, how does the law guard against the unwanted disclosure of an individual’s personal information? In more succinct terms, is there already an independent and general cause of action for the invasion of one’s privacy? These are questions that take on particular relevance with the advent of new media and correspondingly, the increasing difficulty for public figures to keep their personal lives private.
In other common law jurisdictions, particularly the UK and Australia, the tort of breach of confidence has been extended to protect individual privacy rights. In Singapore though, as of the date of writing, there has yet to be an authoritative pronouncement on this issue. This article will first discuss the position in the UK, Australia and Malaysia. It will then examine the existing state of the law in Singapore and examine whether a right to privacy exists. It will conclude by opining that an explicitly stipulated right to privacy is not necessary in light of existing laws that protect confidential information.
It is apposite to note at this juncture that the terms “privacy” and “confidentiality” are conceptually distinct. This is a point that will be explored later as there are significant practical consequences as a result of this distinction. For the moment,2the reader should note that privacy goes toward the right to be “let alone”3whereas information is confidential and a duty of confidence arises when information has been disclosed in circumstances “importing an obligation of confidence”.4
Developments Across the Commonwealth
In the UK, the right to privacy is now established, in line with legislation, ie the Human Rights Act 1998, which places an obligation on the Courts to develop the law in a manner consistent with arts 85and 106of the European Convention for the Protection of Human Rights and Fundamental Freedoms (“ECHR”). This is seen in the leading cases of Campbell v MGN[2004] 2 AC 357 (“Campbell”) and Mosley v News Group Newspapers Ltd[2008] EWHC 1777 (“Mosley”). Rather than develop a new cause of action for invasion of privacy, the Courts were content to extend the “old-fashioned”7tort of breach of confidence to protect privacy rights.
In Campbell, the claimant was a supermodel drug addict who had claimed in press interviews that she had never used drugs before. Subsequently, it was revealed she was a drug addict and photographs of her undergoing treatment were published. The House of Lords unanimously recognised that the claimant had a right to privacy, in line with the UK’s ECHR obligations. However, they unanimously agreed that she had waived this right in respect of her drug addiction because she had “specifically given”8publicity to the issue during interviews and the test was whether the claimant still had a “reasonable expectation of privacy”.9The defendant newspapers were thus, not liable for breach of confidence with regard to publishing articles on her drug addiction. The House of Lords narrowly held 3-2 though that the defendant newspapers were liable in breach of confidence for publishing photographs of the claimant attending treatment because they were secretly taken. The Court was significantly influenced by the distress caused to the claimant and how it affected her attempt at recovering from her drug addiction.
While there was unanimous acceptance that a right to privacy exists, any ascertainment of whether information is private is highly fact specific. While there was public interest in correcting the untruth that the claimant was not a drug addict, ie because she had spoken about the issue in public before, there was no public interest to intrude upon the personal life of the claimant when she was receiving treatment for her addiction.10
In Mosley, the claimant was the head of an international motorsports federation and had spoken out against racism in the sport. However, he had been involved in a sado-masochistic orgy with five sex workers, allegedly involving Nazi themes and role-play. One of the participants had filmed the orgy and granted an interview with the defendant newspaper. While the claim was in part founded on traditional breach of confidence arising out of the existing relationship of confidence between the offending sex worker and the claimant, the Court also recognised the claimant’s right to privacy. While the defendant newspaper claimed that there was public interest in disclosing the claimant’s activities because the alleged Nazi themes were racist, this was dismissed because on a finding of fact, the orgy did not involve a Nazi theme. Thus, while it may have been titillating to read about the claimant’s sex life, it was not in the public interest to disclose this information. Even though the claimant’s behaviour was morally dubious, he was still entitled to a right to privacy under art 8 of the ECHR and this extended to private facts about his personal life.
This approach underlies a fundamental shift away from a traditional understanding of the law on confidence and Lord Nicholls in Campbell suggested that the tort be re-christened the “tort of misuse of private information”.11
It must be noted that pre-ECHR and Human Rights Act 1998, there was no independent and general cause of action for the invasion of one’s privacy12(see Wainwright v Home Office[2004] 2 AC 406 (“Wainwright”)). However, this has never prevented meritorious claimants from successfully bringing an action in breach of confidence to protect the misuse of their private information. For example, in the classic case of Prince Albert v Strange(1849) 1 H & W 21 1302, a plaintiff of royal descent was successfully awarded an injunction restraining the defendant from publishing a catalogue with etchings in the image of the claimant.13Moreover, despite the UK’s ECHR obligations and the Human Rights Act 1998, cases like Mosleyhave been criticised for bringing in privacy law through the “back door” via judicial means.14The argument is that if the UK government wanted to enforce a right to privacy, they would have specifically legislated for it.15
The Courts in Australia have gone a step further. Even without legislation on a right to privacy, the Courts have seen fit to develop their own tort of privacy. For example, in Doe v ABC[2007] VCC 281, the plaintiff was a rape victim who successfully claimed against a broadcaster for revealing the plaintiff’s personal information and specifically, her real name. In coming to its decision, the County Court of Victoria recognised that invasion of privacy is an actionable wrong. This is an advancement from the approach of the High Court of Australia in ABC v Lenah Game Meats Pty Ltd(2001) 185 ALR 1 where, despite recognising the value of privacy, the Court cautioned restraint in developing an independent tort of privacy and considered that most private activities would be sufficiently protected by existing equitable principles governing confidential information.
In Malaysia, the position is slightly doubtful. Until recently, there was no recognition of a right to privacy. However, in an unprecedented move, the High Court (Pulau Pinang) in Lee Ew Poh v Dr Lim Teik Man[2011] 1 MLJ 835 (“Lee Ew Poh”) was prepared to recognise a cause of action for invasion of privacy, citing the Malaysian Court of Appeal decision of Maslinda bt Ishak v Mohd Tahir[2009] 6 MLJ 826 (“Maslinda”) as good authority for this proposition. However, two points must be noted. The case relied on by the Court, Maslinda, concerned an interpretation of s 509 of the Malaysian Penal Code16on insulting the modesty of a woman and the term “invasion of privacy” used in that case must be confined to the narrow context of a criminal act under s 509. Further, the Court in Lee Ew Pohalso cautioned that they may not have been correct and held that “even if this court were to err to hold the view that invasion of privacy rights is actionable under our common law, the plaintiff still can come within the cause of action of breach of confidence”.17
Does an Individual Right to Privacy Exist in Singapore?
The question of whether a right to privacy exists in Singapore is a vexed one. The Constitution of the Republic of Singapore18does not specifically provide for a right to privacy. Further, we do not have any statutory provisions that specifically recognise a right to privacy or any statutory provisions akin to the Human Rights Act 1998. However, while there is no specific recognition of a right to privacy, it must be noted that the Singapore Constitution and Singapore statutes do not explicitly reject a right to privacy.
Two pieces of legislation possibly hint at what the Singapore approach towards privacy may be. The first is s 27A(1)(b) of the Miscellaneous Offences (Public Order and Nuisance) Act19that makes it a criminal offence for “any person who appears nude” whether “in a public place” or “in a private place and exposed to public view”. During the course of parliamentary debates where a bill was moved to include s 27A(1)(b), the then Senior Parliamentary Secretary for Home Affairs recognised that despite the fact that “one has a right to privacy in one’s home, this should not however, be at the expense of public decency such as nude exposure”.20Indeed, adopting a purposive approach, the overriding concern behind enacting s 27A(1)(b) is the protection of public morals and decency, especially so in the context of public housing and close quarter living. This suggests that any (potential) right to privacy is subject to more important policy concerns relating to the “morality and dignity of neighbouring residents and passers-by.”21In contrast, in a move towards addressing privacy concerns, the Singapore Government has enacted the Personal Data Protection Act 201222with the intention of “curb[ing] excessive and unnecessary collection of individuals’ personal data by businesses, and includ[ing] requirements such as obtaining the consent of individuals”.23This recent piece of legislation is a clear indicia that the “government recognises the importance of individual rights over stored data”,24even though it is not an explicit recognition of a right to privacy.
Thus, there may not be a definitive answer as to whether a right to privacy exists in Singapore. What is clear, however, is that Singapore case law has not yet recognised an independent and general cause of action for invasion of privacy. In that sense, the common law position in Singapore is similar to that of the UK prior to the enactment of the Human Rights Act 1998, as established in Wainwright.
Should the Tort of Breach of Confidence be Extended to Protect Privacy Rights?
Proponents in favour of extending the tort of breach of confidence to act as a cause of action for invasion of privacy would favourably cite the Singapore High Court case of Nicholas Hugh Bertram Malcomson and Another v Naresh Kumar Mehta[2001] SGHC 309 (“Malcomson”) where the Court openly recognised the plaintiff’s “right to privacy”.25However, the Court’s holding in Malcomsonmust be understood in the specific context of that case, concerning the common law tort of harassment. In Malcomson, the defendant was restrained via injunctions from harassing the plaintiff through various unwanted electronic and non-electronic communications. In coming to its landmark decision, the Court recognised the tort of harassment in response to a “lacuna in the law” that the statutory provisions of the Miscellaneous Offences (Public Order and Nuisance) Act did not cover situations “relating to words expressed by the perpetrator over the mobile phone”.26Properly understood, the Court in Malcomsonwas not recognising a broad, overarching tort of privacy; it merely recognised the need to balance the plaintiff’s right to be free from harassment. Another potential argument in favour of recognising a general tort of privacy is that the current tort of harassment paves the way by acting as a precedent for the development of other torts relating to privacy.27
It could be argued that establishing a right to privacy through the tort of breach of confidence in Singapore would be following the UK approach of giving greater protection to individual rights and liberties. Alternatively, given that the Australian and Malaysian Courts have judicially recognised privacy rights, despite the fact that there is no legislation in Australia and Malaysia to support this, an argument can be made that we should follow suit.
While such arguments are well meaning, with respect to the Australian and Malaysian Courts, developing the law in Singapore to protect the privacy of individuals under common law breach of confidence may not be a principled development.
In examining the doctrinal roots of an action for breach of confidence, regard must be given to the fact that the law of confidence is founded on equitable principles. As Megarry J said in the seminal case of Coco v A N Clark (Engineers) Limited[1969] RPC 41, “the equitable jurisdiction in cases of breach of confidence is ancient, confidence is the cousin of trust”. Further, as Lord Neuberger noted in Vestergaard, “an action in breach of confidence is based ultimately on conscience”.28Traditionally, breach of confidence is used to protect information that has the necessary quality of confidence and is not a general tort of privacy.
As mentioned in the introduction, privacy and confidentiality are “conceptually different”29as recognised by Chan Seng Onn J in AAY v AAZ[2011] 2 SLR 528. As Lord Nicholls noted in Campbell, traditionally “a breach of confidence was restrained as a form of unconscionable conduct, akin to breach of trust”.30The practical significance of this is that for information to be protected under traditional laws of confidence, there needs to either be a pre-existing relationship of reposed trust and confidence between the parties or very clear circumstances that the information received is of a character that imports an obligation of confidence. In contrast, a plaintiff can be protected by the “new” tort of misuse of private information whenever she has a reasonable expectation of privacy. For example, photographs of a celebrity pushing her baby in a pram outdoors may be regarded as private because it intrudes into her family life. However, it would be a stretch to argue that such information is necessarily confidential in the same way that trade secrets are.31
Thus, arguing from first principles, any extension of breach of confidence as a general cause of action that goes toward protecting privacy rights may not be doctrinally sound. To do so would elide the conceptual differences between privacy and confidentiality. Also, as noted earlier, the English Courts have already been criticised for “judicially legislating” a right to privacy through the use of breach of confidence, despite the UK’s ECHR obligations and the Human Rights Act 1998. Further, Singapore Courts are not bound by legislative and judicial developments in the UK and Europe. Any decision to introduce a right to privacy into Singapore may best be left to parliament as part of its legislative function under the separation of powers doctrine.
How Then Do We Protect Personal Private Facts in Singapore?
It is argued that the current laws in Singapore are sufficient to protect an individual’s personal information.
From a statutory perspective, the Government has passed various laws that seek to legitimately guard an individual’s personal and confidential data. A sample of such legislation is usefully provided in Professor Gary Chan’s The Law of Torts in Singapore32and is reproduced here: Banking Act,33Official Secrets Act,34Penal Code,35Computer Misuse Act,36Electronic Transactions Act 2010,37Statutory Bodies and Government Companies (Protection of Secrecy) Act,38Statistics Act39and Spam Control Act.40
At common law, apart from the tort of harassment,41“old fashioned” breach of confidence still serves as a powerful bulwark in securing the confidentiality of an individual’s private facts. In X Pte Ltd v CDE 1992 2 SLR(R) 575, the plaintiff successfully restrained the defendant from disclosing information evidencing the plaintiff’s adulterous relationship contained in telephone bills and receipts, even though those documents were not marked confidential. Further, in the High Court decision of Vestwin Trading Pte Ltd v Obegi Melissa[2006] 3 SLR(R) 573 (“Vestwin”) (affirmed by the Court of Appeal), Andrew Ang J held that breach of confidence is “not confined to commercially valuable information: the obligation is capable of encompassing all information which any party has an interest in keeping confidential”.42The learned Judge went on to provide a catalogue of the types of information that have been protected, in particular telephone conversations, details of a relationship and even, photographs of a closed-door celebrity wedding. Thus, it can be posited that the traditional laws of confidence sufficiently protect personal private facts.
Further, while the older cases43seem to suggest that there has to be intentional communication of the information by a plaintiff to a defendant in order to found an action for breach of confidence, Singapore Courts have made it clear that there is no such requirement. For example, in Vestwin, the defendants were liable for breach of confidence even though they had retrieved the confidential information from a rubbish dump after the plaintiffs had disposed of it. Andrew Ang J held that the decisive factor in Vestwinwas that the defendants continued to use the information despite knowing it was confidential. This recognises the equitable origins of breach of confidence and is on all fours with Lord Neuberger’s pronouncement in Vestergaardthat the law on confidence is founded on conscience.
If a case with the same factual matrix as Mosleywere to come before the Singapore Courts, it is likely that a claimant in the exact same position as Max Mosley would be able to establish a prima faciebreach of confidence because an individual’s sex life is regarded as confidential information (see Stephens v Avery[1988] Ch 44944). Any newspaper in receipt of details of an individual’s sex life would be bound in conscience by a duty of confidence not to disclose such information. As a caveat though, much may depend on arguments put before the Court and the specific facts of the case.
Further, any action for breach of confidence will always be subject to the “public interest” defence where a defendant is not liable for breach of confidence if the disclosure of such information is in the public interest, eg if the plaintiff had concealed the truth (Campbell), broken the law (Initial Services Ltd v Putterill45) or his behaviour is iniquitous.46This is based on the classic pronouncement of Wood VC in Gartside v Outram(1857) 26 LJ Ch 113 that “there is no confidence as to the disclosure of iniquity”.
Conclusion
With the advent of modern technology like social media, the lines between what is “public” and “private” are blurring and will continue to blur even more. Arguably, intrusions into our personal lives by others will become the norm rather than the exception. Thus, privacy becomes a paramount concern for many individuals, especially public figures. While it is undisputed that privacy is an important aspect of modern life, the desire by individuals to maintain their privacy should not override more important communal interests such as the need to maintain a highly transparent approach to “public discourse on matters of public interest”, especially in light of the Singapore Government’s “heavy emphasis on honesty and integrity” (Review Publishing Co Ltd v Lee Hsien Loong) [2010] 1 SLR 52. Ultimately, a calibrated approach, tailored to fit modern Singapore’s unique societal, economic and political conditions may be required and any decision whether or not to recognise a right to privacy in future should best be left to the legislature.
However, that does not mean that the existing law in Singapore is unable to protect private personal facts. At present, statutes like the Personal Data Protection Act 2012 arguably serve to legitimately address privacy concerns in an increasingly technological age. Further, the traditional cause of action of breach of confidence continues to protect information that has the necessary quality of confidence, with the types of information that have been protected gradually increasing to take into account modern considerations.47Until a right to privacy is recognised in Singapore, “old fashioned” breach of confidence serves as a current solution to new problems that may arise in light of increasing privacy concerns.
► Mohammed Reza
Partner
Rajah & Tann LLP
E-mail: [email protected]
► Azri Tan
Student
National University of Singapore
E-mail: [email protected]
Notes
1 Vestergaard Frandsen A/S (now called MVF 3 ApS) and others v Bestnet Europe Limited and others[2013] UKSC 31 at [44].
2 Due to limitations of space, this article does not seek to rigorously define the terms “privacy” and “confidentiality”.
3 Thomas Cooley, Law of Torts(2nd Ed, 1888), p 29. For further reading on the meaning of “privacy”, see also Samuel Warren & Louis Brandeis, “The Right to Privacy” (1890) 4 Harvard Law Review.
4 Coco v A N Clark (Engineers) Limited[1969] RPC 41 at [47]-[48].
5 Article 8 governs the right to respect for privacy.
6 Article 10 governs the right of freedom of expression.
7 Mosleyat [108]. The use of “old fashioned” here refers to a breach of confidence arising out of a pre-existing relationship of reposed trust and confidence.
8 Campbellat [58].
9 Campbellat [137].
10 It should be noted that the holdings of the two dissenting Judges in Campbellare not without weight. Arguably, reporting on a drug addict’s treatment should be regarded as reporting on her addiction and part of the entire “journalistic package”.
11 Campbell at [14]. However, it must be noted that despite the strong words of Lord Nicholls, future Courts have retained the traditional name of “breach of confidence”.
12 This was affirmed unanimously by the House of Lords at [30]-[35], [52]-[56] and [62].
13 See Vestwinat [37] for a substantive list of types of information that have previously been regarded as “confidential”.
14 http://news.bbc.co.uk/2/hi/uk_news/7718961.stm.
15 http://news.bbc.co.uk/2/hi/uk_news/7718961.stm.
16 Penal Code (Act 574) (M’sia) s 509.
17 Lee Ew Pohat [6]-[9].
18 Constitution of the Republic of Singapore (1999 Reprint).
19 Miscellaneous Offences (Public Order and Nuisance) Act (Cap 184, 1998 Rev Ed Sing), s 27A(1)(b).
20 Sing., Parliamentary Debates, vol 65, col 699 (27 February 1996).
21 This amendment to the Miscellaneous Offences (Public Order and Nuisance) Act was moved in response to concerns over a couple that were seen nude in their Yishun Town flat. See ibid.
22 Personal Data Protection Act 2012 (No. 26 of 2012).
23 Singapore Hansard. Notice Paper No 9 of 2011 (14 February 2011) Question No 683 for Written Answer.
24 George Wei, “Effectively Protecting Private Facts – Privacy and Confidentiality” (2012) 24 SAcLJ49.
25 Malcomsonat [56].
26 Malcomsonat [54].
27 Indeed, Professor Gary Chan has argued as much in his book. See Gary Chan, The Law of Torts in Singapore(Academy Publishing, 2011), pp 635-637.
28 Vestergaardat [22].
29 AAY v AAZat [58]. It must be noted that and the learned Judge stated that as a matter of practice, it would be for parties to submit in appropriate cases “where the practical import and consequences of breach of privacy and confidentiality diverge, if at all”.
30 Campbellat [13]-[14].
31 In David Murray v Big Pictures (UK) limited, JK Rowling (suing in the name of her then 5-year-old son) successfully resisted a striking out application by the defendant commercial picture agency and the Court held that photographs of JK Rowling pushing her son in a pram were sufficiently private and that her son had a right to privacy because despite being a famous author, JK Rowling had not exposed her son to publicity.
32 The Law of Torts in Singapore (Academy Publishing, 2011), p 632.
33 Cap 19, 2008 Rev Ed (see s 47 on secrecy of customer information).
34 Cap 213, 1985 Rev Ed.
35 Cap 224, 2008 Rev Ed, s 509 (offence of “intending to insult the modesty of any woman … or intrudes upon the privacy of such woman”).
36 Cap 50A, 2008 Rev Ed, s3.
37 Act 16 of 2010, s 28 (obligation of confidentiality).
38 Cap 319, 2004 Rev Ed, s 3.
39 Cap 317, 1999 Rev Ed, s 7 (disclosure of information).
40 Cap 311A, 2008 Rev Ed.
41 In 2004, Malcomsonwas referred to in Parliament as one of the reasons underlying the Government’s decision not to enact legislation on stalking. The then Senior Minister of State for Home Affairs and Law highlighted how the tort of harassment adequately covers the act of stalking.
42 Vestwinat [35].
43 The case of Coco v A N Clark (Engineers) Limited[1969] RPC 41 seems to suggest that the word “communicated” should be interpreted in the narrow sense of direct communication between one party to another. Also see Lord Ashburton v Pape[1913] 2 Ch 469.
44 In Stephens v Avery[1988] Ch 449, details of a lesbian relationship between a plaintiff and a third party were regarded as confidential information.
45 In Initial Services Ltd v Puterill[1968] 1 QB 396, a laundry company tried to obtain an injunction to prevent their ex-employee from disclosing that they had agreed with other laundries to keep up prices in breach of the Restrictive Trade Practices Act 1956 and that increases in their charges were mainly to offset an employment tax was misleading. Despite the fact that the ex-employee would be disclosing such information in breach of confidence, the injunction was refused on the grounds that where the employer was guilty of a crime or fraud, it was in the public interest for such information to be disclosed.
46 The scope for disclosure of iniquitous behaviour in the public interest is wide. It is not limited to crime or illegal activity as suggested by the Appellant. Disclosure “is not limited to these categories” and “will not be restrained where there is a just cause or excuse” (Anthony Dugbale & Michael A. Jones, Clerk & Lindsell on Torts, (19th edition, Sweet & Maxwell Ltd, 2006)).
47 Vestwin at [35]–[37].