Database rights: ownership, breaches and remedies


There is, at common law, no property in information (Oxford v Moss [1978] 68 Cr App Rep 183).  An employer may want to use database rights where traditional restrictive covenant approaches to protecting a business interest will not succeed.  In this article Declan O’Dempsey covers some of the ways in which an employer can use the Database Regulations. The remedy for an employer is either an injunction to restrain use of the employer’s property or damages.

Databases are property but are not treated like tables and chairs. In the case of a table or a chair if I took it from you, you could bring an action in tort for an interference with your possession. However a database maintenance provider could not exercise a lien over its customer’s database against allegedly unpaid fees (Your Response Ltd v Datateam Business Media Ltd [2014] EWCA Civ 281).  Whilst there are rules concerning the use of confidential information, what is the employer to do when the information falls outside that category? Similarly an employer can try to rely on copyright, but what if that reliance is not available?  It is in this area that a database right may be of service.

A database is “a collection of independent works, data or other materials which are arranged in a systematic way and are individually accessible by electronic or other means” (regulation 6). Thus a list of names and addresses could constitute a database.  A database right subsists in a database where there has been “a substantial investment in obtaining, verifying or presenting the contents of the database” (regulation 13, Database Regulations).  The phrase “investment in obtaining the contents” connotes resources which were used to find existing independently created materials and to collect them as a database (British Horseracing Board Ltd and others v William Hill Organisation Ltd (Case C-203-02) [2004] ECR I-10415). Resources used to create the materials which sat within the database are not contemplated by the phrase. If the organisation creates the materials forming part of a database, it cannot rely on the database right.  However if it can prove that, as well as making an investment creating those database materials initially, it invested further in the database, and that investment is independent of the resources used to create those materials it may still obtain protection via the database right. The net effect of this is that a database protection right may be unavailable if the database’s creator never used resources to find, check or present the contents. It may have used a great deal of time and money in creating the contents but this is not sufficient.

Customer lists may well constitute a database into which such investment in obtaining the contents has been made if the company does not create new information by putting a customer’s details into the database but simply records pre-existing information in a systematic way (see e.g. British Sky Broadcasting Group Plc and others v Digital Satellite Warranty Cover Ltd and others [2011] EWHC 2662 (Ch)).

The employer is likely to be the first owner of the database rights in such a list if the employer was the maker of it as a database.  The employer will be the first owner of database right in it (regulation 15). Where an employee of the employer makes the database, in the course of their employment, then the employer is (unless there is a contrary agreement) the maker of that database (regulation 14(2)).

The database right lasts for 15 years.  This is 15 years from the end of the calendar year in which the making of the database was completed (or 15 years from the end of the calendar year in which the database was first made available to the public) (regulation 17, Database Regulations).  However if the company makes a “substantial change” to the contents which results in it being a “substantial new investment”, the amended database will qualify for a new 15-year term. The updating involved must be such as to result in a “substantial new investment”.

If there is no express term of any agreement regulating the ownership of a database then the court is likely to find that where the database is held on the employer’s system (e.g. in outlook) “which is part of the employer’s e-mail system and backed up by the employer or by arrangement made with the employer, the database or list of information (depending whether one is applying the Database Regulations or the general law) will belong to the employer. I do not consider that the position will change where the database is accessed not from the employer’s computer but from the employee’s home computer by “dialling up” or otherwise “logging on” to the employer’s e-mail system by some form of remote access.” (Pennwell Publishing (UK) Ltd and others v Ornstien [2007] EWHC 1570)

The nature of the employee’s profession or occupation may affect the question of database ownership.  A journalist (e.g. Penwell’s case) uses his contacts in a different way to a sales representative. A sales representative can move between jobs easily despite not taking any contact details with him a journalist has long-term contacts that he would need to carry on using in any job he did.  Even in the case of a journalist the court may conclude that such a list is not a personal list maintained by him “apart from his work systems and for his own use”.  

Social media and data base rights

What if the ex-employee starts to use a contacts database built by them for the purposes of their work, but using social media. Who would own such a database is unclear.  It is arguable under regulation 14(2) that the employer is the owner. Where all of the employee’s contacts result from the employment say on  Linkedin page, there will be little difficulty in saying that the database is the property of the employer (see e.g. Whitmar v Gamage & Others [2013] EWHC 1881)  Use of such a list to compete with the ex-employer’s business is likely to be restrained. What if not all of the contacts result from the former employment?  

The ex-employer would be best advised in those circumstances to marshal their evidence carefully. It should cover the manner in which both the employer and the employees use social media accounts.  Other relevant information will include the nature of the industry and industry practice as some industries will use social media as simply a work tool.  As the underlying protection that the employer seeks is for the investment that went into obtaining, verifying and presenting the contents of the database, it is sensible in any case to ensure that there is clear evidence of that investment. 

Breaches and remedies

If a person extracts or re-utilises all or a substantial part of the contents of a database without the owner’s permission a breach of the database right occurs (regulation 16(1)). Regulation 12 defines “extraction” as “the permanent or temporary transfer of all or a substantial part of the contents of a database to another medium by any means or in any form”. So this would cover copying the contents to a USB stick.  “Re-utilisation” means making the contents available to the public by any means.  This would include distributing copies, renting, and by online or other forms of transmission.  An ex-employee seeking to damage a business by making its databases public would breach the database right of the employer.  The Regulations also prevent a salami slicing approach to leaking the data or using it in small parcels. Repeated and systematic extraction or re-utilisation of insubstantial parts of the contents of the database may also amount to the extraction or the re-utilisation of a substantial part of those contents (regulation 16(2)). Moreover if only a quantitatively small part of the database, which nonetheless is qualitatively valuable, is extracted or reutilised, this will also constitute extraction or reutilisation (see British Horseracing Board v William Hill [2001] RPC 612 for a discussion of these concepts). There is no need to copy features of the form of the database in order to infringe the database right; only the contents need be copied for a breach to occur. 

The remedies available for infringement of the database right include equitable remedies.  Thus the claimant employer could seek an interim and then final injunction restraining further acts of infringement, together with damages, and an order for delivery up or seizure of copies which have infringed the database right.  Significantly the claimant can also seek an account of profits as well as damages.  This means that the ex-employer can obtain any of the profits the person breaching the database right makes out of the breach.

Interim orders may in particular be useful. (QB). In Warm Zones v Sophie Thurley and Alex Buckley [2014] EWHC 988 an obtained an interim injunction to prevent ex-employees disclosing their customer database and information contained in the database. The employer obtained access to their personal computers for imaging and inspection, thus enabling the wrongfully held confidential information to be secured and returned.  An example of the kinds of order that can be obtained under a database right claim can be seen in Intercity Telecom Limited, Modern Operations Limited v Mr Sanjay Solanki [2015] 2 Costs L.R. 315.  They include orders for compensation.  The orders are capable of restricting a former employee’s activities beyond the end of a restrictive covenant or in cases where a restrictive covenant does not suffice.*


Whilst the database right has been available for employers for some time, use of it may become more prevalent as the boundary between work information and personal information becomes blurred so that the source of information and its format become more important.  Database rights may provide some protection for employers whose restrictive covenants are ineffective or who have none.  The database right is therefore a useful additional tool for the employer to protect business interests. 

*This decision was subsequently overturned on procedural grounds, see here.