Personal data is often referred to as “the new oil” and, following the significant changes to UK data protection law in the wake of the Data Protection Act 2018 and the EU GDPR (and its new “retained” version, the UKGDPR), it’s truer than ever that with big data comes great responsibility.
Much as businesses are more aware of the potential of personal data as an exploitable asset, individuals are also more aware than ever of their rights and their ability to seek redress through the Information Commissioner’s Office and/or the Courts when their wishes aren’t complied with, mistakes are made or when compliance obligations are breached. Personal data breaches make headlines on a daily basis and hard-won trust can easily be damaged in the wake of negative press coverage of an unforeseen or deliberate cyber or other privacy incident.
The stakes for misuse of personal data have never been higher. As the uses to which personal data is put expand and evolve and as legislators, regulators and courts rush to keep up, BLM is ideally placed to help you keep pace with this dynamic landscape, having advised on data privacy issues since before the coming into force of the Data Protection Act 1998.
Whether your issue relates to training, data sharing agreements, data protection audits, putting in place policies and procedures, compliance with existing obligations, dealing with regulators and investigations, responding to breaches and crisis management, stakeholder complaints or Subject Access Requests, our integrated offering and national coverage enables us to help you manage your risks holistically and cost-effectively. Additionally, our decades of niche expertise and relentlessly commercial approach helps us to help you simplify complex requirements and provide advice that never loses sight of your wider objectives.
HOW BLM CAN HELP
Our data protection team has extensive experience advising some of the UK’s largest insurers and their policyholders, corporates and SMEs. With digital transformation high on the agenda of many businesses, BLM's Data Breach Unit provides the essential support to businesses facing claims resulting from the accidental loss of data, unintentional misuse of data, and unauthorised or misdirected communications and correspondence.
Here are just some of our recent data protection case studies demonstrating how our expert team has helped our clients.
We act for a medical clinic in relation to a data protection claim in which the claimant’s medical records were accessed by an employee without authorisation. The claim settled for less than £2,000. The claimant’s solicitors have submitted a bill of costs seeking approximately £9,000. We are challenging the claimant’s costs, including on the basis that the claim would have been allocated to the small claims track. A detailed assessment hearing is due to be heard shortly which we hope will result in the recoverable costs being limited to small claims costs.
We act for a national hospitality brand in relation to various civil data protection claims as a result of security failures and an alleged breach of security relating to third par ty software. Of the 10 separate claims received, only one has led to the issue of Court proceedings, which have been transferred (on our application) from the Media & Communications List of the High Court to our client’s local County Court based on its low value and straightforward factual background, with a view to the case being dealt with on the Small Claims Track. This will lead to a significant reduction in our client’s costs exposure (notably in relation to the claimant’s ATE Premium) to a claim which will, in any event, be vigorously defended.
We act for a national financial services company in relation to a data protection claim which resulted from an email containing details of employees on annual leave being sent to about 100 employees by accident. Although this error was swiftly rectified, the claimant brought a claim for breach of their data protection rights. We have successfully argued that the claim should be allocated to the County Court based on its low value and straightforward factual background. The costs claimed of approximately £14,000 are being robustly challenged.
We are representing a client in relation to a technical data protection breach which was settled for £500, where the claimant’s solicitors have incurred costs of nearly £10,000. They suggested that the claim involved complex litigation which was suitable for the multi-track and/or High Court. We have successfully disputed this and the matter is being dealt with in the County Court. The claimant’s solicitors have already conceded two-thirds of their claimed costs.
Keep up to date with the latest news with our Data Protection Insights