We all have a right to privacy. This right is enshrined within Article 8 of the European Court of Human Rights. Our personal information is something we tend to want to remain private. When it comes to how our personal data and information is used and handled, there have been many developments within the law over the past 50 years.
For the most part, organisations have complied with their legal requirements however, over the past decade or so, cyber security has manifested into an entirely new concept, and often, criminals can move at a faster pace than the authorities. Moreover, breaches can themselves occur, not necessarily by expert external forces, but often disgruntled former employees of a business can be responsible for leaking personal data of individuals who themselves become victims to online attacks. This is not helped where organisations have simply ignored the warning signs and put profit before people, and flouted their duties when it comes to ensuring a robust system of data protection and threat management.
There have been an incredible 33.8 million records leaked by cyber attacks and data breaches in 2017 alone!
Personal data leaks can cause a huge amount of stress and worry and have serious implications on a person's domestic and professional life, particularly where the breach results in a financial loss. However, there is also the personal injury element of the breaches – anxiety and stress which can have further knock-on effects cannot be understated.
We live in a digital age where everything we say and do is scrutinised to the nth degree. There is little we can do to stop the tide of personal data being misused or mishandled, particularly when this has been entrusted to the mega-corporations who then become the target for criminal activity.
However, we are here to help you seek redress if you have been the victim of a cyber or data breach.
Can I Claim Compensation?
If you have been the victim of a data leak, data hack, or data protection breach, then we can help you claim compensation!
What are my rights?
If you have been the victim of a data breach then you may have a claim for compensation:
- Private information about you has been leaked or hacked from a third-party organisation, i.e. such as personal banking details from a pay-day loan company;
- Sensitive information about you has been leaked or hacked, such as religious beliefs, political affiliation or sexual orientation;
- Your personal information has been passed to a third party without your express consent;
- Your personal information has been misused or mishandled by an organisation, such as that held and used by a credit reference agency;
- Your personal information has been misused or mishandled by a social networking site;
- You have been filmed without consent or you have been included within wider-scale video footage from which you can be easily identified;
- Where organisations have failed to maintain accurate and up-to-date data about you and this has resulted in damage
How do I know if my personal data has been mishandled or misused?
Contact us and we will take some details from you and make some initial enquiries, including providing you with some guidance as to keeping your information safe.
What if my information has been leaked by a hack?
There have been a number of high-profile breaches due to an external cyber hack, which has culminated in the personal data of thousands of individuals being compromised.
Even though the targeted organisations are themselves a victim, they are under a duty – under both the existing Data Protection Act (DPA) and the General Data Protection Regulations (GDPR) – to safeguard your personal information.
What do I claim for?
There need not be a recognisable injury for you to be able to bring a claim, but rather, the breach must have caused you some sort of ‘distress’. This is a very subjective test. You do not need to have any diagnosable or recognised injury to make a claim as a victim of a data leak - you can claim for the very happening of the incident itself.
There are many things we can look at when it comes to recovering damages for victims of a data leak. Whilst each case is judged on its own individual merits, as experienced lawyers in this area, we can tell you exactly what you can include in a claim for compensation.
How is this possible?
A case called Vidal-Hall v Google entitled the Claimants to seek redress for anxiety. This is because, while the Data Protection Act in this jurisdiction is silent as to non-pecuniary (i,e. non-monetary loss), the European Directive does allow for it.
What is included in a compensation claim?
You can claim for the very fact that you have been a victim of a data leak. If your Personally Identifiable Information (PII) has been leaked, this could have potentially detrimental consequences on your life. This is because once there is a leak of your PII, this can be held and used in a number of potentially damaging ways against you.
What sort of ways could my PII be used against me?
You could be entitled to damages generally, due to you suffering from stress, worry, and anxiety caused by the breach. However, it doesn’t stop there, and data breaches could have the consequence of causing harm which may result in actions such as:
- Defamation proceedings, particularly given the advancement of social media
- psychological injury or depression caused by the breach. Vidal-Hall v Google centred around the ‘right to be forgotten’, and essentially, there may be things used on the web about you that you do not wish to be shared
- The effect that the leak has had on your social and domestic life
- Lost earnings from time off work or for lost and future earnings if you have to leave your employment
- Any other financial loss or expense that has been caused as a result of the incident
- Private treatment expenses arising from the breach
How do I prove my claim?
If the PII which has been leaked includes sensitive or private data, such as sexual orientation or religious beliefs, then this can obviously have an effect on you. We will advise you as to what you need to do in the first instance to help guard against any further damage and mitigate any loss. We can then discuss with you what we will do in respect of the claim, looking at the data leak or hack which culminated in the breach of confidentiality.
In respect of the damage you have suffered, if non-monetary loss, such as stress or anxiety wondering what your data is being used for, then we can arrange for private medical expert consultations for the purpose of providing us with a report medico-legal report detailing the injury. We would use the report to prove your claim and to support any losses and expenses on your part such as lost earnings which stem from the data breach.
The amounts for lost earnings and other losses or expenses can be provided simply by using evidence like wage slips, receipts, invoices, etc.
If you have suffered a data breach which has resulted in loss, then the last thing you will feel like doing is paying money to seek redress. Therefore, we offer a ‘No-Win, No-Fee’ arrangement for people who want to make a claim as a victim of a data leak, data breach, data hack, or in circumstances of a breach of confidentiality.
This works by us entering into a written Damages-Based Agreement with you whereby you pay nothing up front and pay nothing if the case does not succeed. We will only deduct our costs from your damages if the claim is successful.
It really is a case of nothing ventured, nothing gained.
Contact our cyber and data claims solicitors
Data protection and GDPR compliance is a highly specialised and complex area of law with potentially serious consequences. It is essential that if you have concerns about a cyber or data issue that you contact a team of specialist practitioners to work with you. Please do this by completing the form above. We make the process as straightforward as possible with minimal disruption to your business.