Businessman Denis O’Brien has taken a High Court action against the data privacy regulator, opening a fresh legal front in a bid to seek information about him at public relations firm Red Flag.
Mr O’Brien issued legal proceedings against the Data Protection Commission (DPC) on Wednesday over its dismissal of his complaint about Red Flag’s refusal to provide information that it holds about him under a data access request he submitted under EU data protection law.
The telecoms businessman has fought a seven-year legal battle with Red Flag claiming that it orchestrated a damaging and defamatory “conspiracy” against him and that it compiled a dossier about him and his business affairs that was used to brief politicians, political aides and journalists.
He also sued Red Flag’s chairman Gavin O’Reilly, with whom he previously clashed during their involvement at Independent News & Media, and chief executive Karl Brophy.
The claims are denied and being contested by Red Flag and the other defendants.
Mr O’Brien’s new legal action relates to an attempt to seek information from Red Flag under data protection law.
He submitted a data protection request to Red Flag in June 2018, seeking confirmation that it held personal information about him and requesting the source of the information, the purpose of holding that information and the people with whom it shared that information.
In response, Red Flag refused to provide Mr O’Brien with certain information, saying that it would violate its legal professional privilege and client confidentiality, and that the information being sought arises in the context of the businessman’s long-running legal action.
In July 2020, Mr O’Brien made a complaint to the DPC about Red Flag’s refusal to share information, saying that he was not looking for any privileged material from the PR firm and that it was not plausible to suggest the dossier was privileged.
Red Flag responded to the complaint to the DPC, saying the data access request interfered with the PR firm’s confidentiality rights and would impinge on the rights and freedoms of third parties.
The firm argued that the data access request was an attempt to circumvent the discovery procedures within the High Court litigation between the parties and that the request could not used to secure litigious advantage in those proceedings.
In early November 2022, the DPC rejected Mr O’Brien’s request, telling the businessman that Red Flag was entitled to refuse his request because it would involve disclosing the names of people who received the dossier and might reveal a client’s identity, breaching confidentiality.
In his legal proceedings, Mr O’Brien argues that the DPC’s decision was incorrect and that he has been left with no choice but to appeal the decision to the High Court.
Graham Doyle, deputy commissioner at the DPC, confirmed that it issued a statutory decision in relation to a complaint from Mr O’Brien and that his proceedings relate to that decision.
Comment was sought from the businessman through his spokesman.
A spokesman for Red Flag, a notice party to Mr O’Brien’s new legal proceedings, said that it believed the ruling by the Data Protection Commissioner, Helen Dixon, was “absolutely correct”.
The Red Flag spokesman said that the firm was “more concerned about the systematic hacking of huge amounts of our own personal data” in a data breach at Independent News & Media dating back to 2014 when Mr O’Brien was a major shareholder at the media company.
The DPC investigated that breach, which involved accessing data belonging to a group of 19 people including Mr Brophy and Mr O’Reilly, both INM executives at the time.
The data privacy watchdog concluded that INM broke data privacy law in the breach.
High Court records show that Mr O’Brien was kept informed about the searching of the data in this incident and that his Isle of Man company Blaydon paid for the processing of the data.
Mr Brophy and Mr O’Reilly, both former executives of INM are suing INM, now known as Mediahuis, and the company’s former chairman Leslie Buckley, over the incident.