High-profile breaches which make regular headline news have moved privacy up the agenda for many businesses. The regulatory landscape changes at pace and claimant firms are often prepared to act on a no-win, no-fee basis, regularly backed by after the event (“ATE”) insurance (the premiums for which they will seek to recover from defendants).
In the wake of a serious incident
What might start with a complaint to the Information Commissioner’s Office (“ICO”) or unfavourable press coverage may develop into a longer and more expensive experience for any business in the wake of a serious incident. Furthermore, although the Supreme Court’s decision in the representative action of Lloyd v Google has clarified that damages cannot be awarded for loss of control of personal data in a claim for breach of data protection rights without any proof of distress or material damage, individual claims remain viable in many cases even if this arena may now be less commercially attractive to claimant firms.
Data Breach Claims
Many data breach incidents are the result of human error, such as an email or letter sent to the wrong email address or with the wrong attachment. This makes for a happy hunting ground for claimant lawyers who, together with claims management companies and litigation funders, are likely to be the main winners in any ensuing litigation. Liability can be difficult, if not impossible, to defend and the prospect of dealing with what appears initially to be a complex high value claim and incurring substantial costs can mean that many potential defendants may simply pay up even if they have a potential defence. As a result UK businesses of all sizes will face a growing number of low-value but disproportionately expensive data breach claims for the foreseeable future, even if a number of recent decisions have served to help build a useful toolkit and strategy for defending them.
BLM’s Data Breach Unit provides the essential support to those businesses facing claims resulting from:
- the accidental loss of data,
- unintentional misuse of data,
- unauthorised or misdirected e-communications, correspondence and direct marketing.
We also support organisations experiencing more significant incidents involving the theft of data and cyber-attacks, including ransomware or major incidents involving the accidental loss of data.
Download our Data Breach Unit flyer for more information.
Keep up to date with the latest news with our Data Protection Insights