Privilege exemption saves trustee from DSAR-ster

Posted by on

Summary: In recent years there has been a trend of beneficiaries exploiting their rights under data protection legislation to gain access to personal data in the trust context, cutting straight through the trustees’ discretion to withhold trust information. Increasingly, Data Subject Access Requests or “DSARs” have been used by beneficiaries to prise open the closed doors of confidentiality behind which trustees have historically been able to operate.

The recent case of Dawson-Damer v Taylor Wessing [2019] EWHC 1258 (Ch) offers some comfort to trustees facing these requests. Specifically, the High Court’s decision provides a favourable clarification of the legal professional privilege (“LPP”) exemption which trustees may be able to rely on to withhold information.


This is the third judgment to arise out of DSARs served by Mrs Dawson-Damer and her two children (the beneficiaries of a Bahamian-law discretionary trust) on Taylor Wessing (the English solicitors advising the trustee over the course of 30 years).

One of the key issues for the High Court in this round of the proceedings was the extent to which Taylor Wessing could rely on the LPP exemption in order to withhold information from Mrs Dawson-Damer and her children.

Note: Dawson-Damer concerns a DSAR made under the Data Protection Act (“DPA”) 1998. The DPA 1998 has since been repealed and replaced by the DPA 2018 - implementing the General Data Protection Regulation “GDPR”. However, the LPP exemption has been replicated in the DPA 2018 and, as such, the court’s findings are equally applicable to DSARs made under the DPA 2018/GDPR.  

The LPP Exemption

The Court of Appeal had previously ruled in this matter that the LPP exemption did not extend to data which was subject to privilege under Bahamian law: the LPP exemption had to be considered as a matter of English law.

With that in mind, Mrs Dawson-Damer argued that the trustee (and, by extension, Taylor Wessing) could not assert privilege against her because she was a beneficiary of the trust, and as a matter of English law, there is joint privilege as between a trustee and a beneficiary.

In response, Taylor Wessing argued that, even as a matter of English law, the question of whether there is joint privilege as between a trustee and a beneficiary is determined by the governing law of the trust in question. Under Bahamian law, no joint privilege arises as between a trustee and a beneficiary. Accordingly, the trustee and Taylor Wessing were entitled, as a matter of English law, to assert privilege against Mrs Dawson-Damer.

The judge accepted this analysis and concluded that Taylor Wessing was entitled to rely on the LPP exception against Mrs Dawson-Damer because she had no Bahamian trust law rights which “cut across, limit or qualify the trustee’s claim to legal professional privilege” under English law.  

The implications

In particular, the decision will provide significant comfort to trustees of trusts governed by any law which does not recognise joint privilege as between a trustee and a beneficiary.

More generally, the case highlights that the existing judicial analysis underpinning joint privilege (as between trustees and beneficiaries) is inconsistent and requires reassessment. This is an area of law which would welcome judicial consideration and clarification, so that trustees can have certainty as to the circumstances in which they will be able to assert privilege as against a beneficiary (whether in the context of a DSAR or more generally).

DPA 2018 / GDPR

Finally, it is worth emphasising that there are a number of significant distinctions between the DPA 1998 (under which the DSARs in this case were issued) and the DPA 2018, which is now in force and gives effect to the GDPR.

In particular, the GDPR contemplates certain additional grounds upon which trustees might be justified in withholding disclosure – for example, on the basis of conflicting duties of confidentiality or where such disclosure would “adversely affect the rights and freedoms of others” (Article 15(4) GDPR).  

Alongside the LPP exemption, this should provide some comfort to trustees who have been concerned about the potential for DSARs to be deployed by litigious beneficiaries as an additional weapon in their armoury.


This site uses cookies to help us manage and improve the website, your browsing experience, and the material/information we send to our subscribers. For further information about cookies, including how to change your browser settings to no longer accept cookies, please view our Privacy Notice. Otherwise we will assume you are OK to continue.