Gordons Employment Update - 26 October 2018

Friday 26th October 2018

Sexual Discrimination: The ‘gay-cake’ case

In Lee v Ashers Baking Company Limited and others, the Supreme Court (‘UKSC’) has ruled that a bakery did not discriminate on grounds of sexual orientation when refusing to ice a message supporting gay marriage on a cake.


“A person (‘A’) discriminates against another person (‘B’)” where “on grounds of sexual orientation, A treats B less favourably than he treats or would treat other persons”


Mr Lee is a gay man who wished to purchase a cake with the message ‘Support Gay Marriage’, and featuring the logo of Queerspace, an organisation at which Mr Lee volunteered, and which supports the LGBT community in Belfast.

Ashers is a bakery owned and operated by a Christian family who hold religious beliefs that gay marriage is inconsistent with Biblical teaching. Ashers’ brochure does not indicate any restrictions on the decorations that may be added to cakes, and Ashers’  initially took the order, before subsequently informing Mr Lee that it could not be fulfilled and providing Mr Lee with a full refund.

Decision and comment

The UKSC found that the reason for treating Mr Lee less favourably than another prospective customer had not been his sexual orientation, but the intended pro-gay marriage message. The UKSC found that any customer who had requested the same or similar message would have been treated in the same manner.

In declining to set out a definitive test, the UKSC has blurred the boundaries of discrimination law, leaving a degree of uncertainty around associative discrimination. Where will the trigger point lie between the extremes of discrimination occurring specifically because of sexual orientation, and discrimination that has something to do with the sexual orientation of some people? It certainly appears that a ‘message, not the messenger’ defence could be put forward in the future.

Finally, what of the balancing act of workplace rights, with religious belief on one scale, and the sometimes incompatible LGBT rights on the other?

This then is a decision with as many questions as answers, and which leaves the door ajar for future development of the law.

Vicarious Liability: From the show to the after party to the hotel lobby?

As we approach the Christmas party season Bellman v Northampton Recruitment Limited offers a reminder of the possible extent of an employer’s liability for its employees.


An employer is vicariously liable where an employee (or person in a relationship similar to employment) commits an act of wrongdoing and the act is sufficiently connected with the position in which the wrongdoer is employed so as to make it just and fair to hold the employer responsible.


Mr Bellman was a sales manager for the respondent recruitment firm. It was a small company, and Mr Major was the firm’s MD and ‘directing mind’. At the end of the company Christmas party Mr Major arranged and paid for taxis to transport staff to a hotel where the party continued, with drinks mainly paid for by the company.

After a couple of hours, there was a discussion regarding company politics between Mr Major and Mr Bellman. Feeling that he was being challenged, Mr Major summoned the remaining staff and began to lecture them on his authority. When this was questioned by Mr Bellman, Mr Major punched him causing significant brain damage.

Decision and comment

While finding for Mr Bellman, the Court of Appeal was quick to emphasise that it was heavily influenced by the unusual facts of the case. Therefore, this is not to say that employers will be liable for all wrongful acts done by their employees.

The Court pointed to the fact that Mr Major owned the company, was its most senior employee and directing mind, and had full control over how he conducted his role. Significantly, he was wearing his managerial hat and establishing his authority in that role at the time of the attack. Additionally, the party was not a purely social event happening to involve colleagues, but a follow-on from an organised work event attended by most of the company’s employees, where the company paid for taxis and drinks.

The case shows that vicarious liability will arise more readily for an MD  – and probably other senior managers – than for junior employees. That said, the issue remained whether the wrongful act took place in the exercise of managerial authority (no matter how misguided). In this case it did. As such, there is limited risk of employers being exposed to liability, provided of course the cause of the seasonal scrap is not connected with work.

Vicarious Liability (part deux): Data Protection

Providing us with a vicarious liability double bill, the Court of Appeal has handed down its judgement in Various Claimants v WM Morrison Supermarkets PLC, holding that the supermarket should be held liable for the deliberate and wrongful disclosure of personal information perpetrated by an employee.


As outlined above, vicarious liability requires a sufficient connection between the employment and the wrongful act. The claim against was brought under DPA 1998, though it is anticipated that the same result would be reached applying the GDPR and DPA 2018 regime.


A senior internal auditor (‘S’) became disaffected with Morrisons following a disciplinary hearing.

In the course of his employment, S was authorised to access some personal (including sensitive personal) data about fellow employees. In late 2013 Morrisons was asked by its external auditors for various data, and S was asked to handle the transfer between the two companies

The data was stored securely, and was extracted onto an encrypted USB stick for transfer. S did not have permission to access the data. He copied it onto his work computer before passing the data onto the auditor as required. Crucially however, he did not delete it from his computer, and in early 2014 he uploaded personal information to the internet, posting it under the name of a fellow employee.

Decision and comment

In finding against Morrisons, the Court confirmed that the statutory data protection regime exists to supplement, not exclude, vicarious liability. It may also be worth noting that the result would have been the same for claims brought for breach of the duty of confidence or misuse of private information.

Further, inasmuch as S had deliberately set out to damage Morrisons, rather than achieve some benefit for himself, the Court of Appeal has applied the view that motive is irrelevant in a claim for vicarious liability.

Given that this was a deliberate act, there was little Morrisons could have done to mitigate the breach. Nonetheless, it still faces a class action claim. The fear for organisations will be that a data protection perfect storm is brewing: increased statutory protection under the GDPR, greater public awareness of data protection issues, and now the possibility of a strict liability regime for vicarious liability for data breaches. It will be interesting to see whether the floodgates do in fact open. In the meantime organisations would be advised to check the extent of their cyber insurance.

Morrisons has said it intends to appeal to the Supreme Court, so we may return to this case again.

If you require any further information on the above developments please do not hesitate to get in contact with a member of the Employment Team.