Check Your Eligibility To Make A Data Breach Emotional Distress Claim
If a company has mismanaged your personal data leading to a breach, you may be feeling somewhat distressed. But did you know that this emotional distress, caused by someone else’s negligence or irresponsible behaviour could lead to you being able to make a data breach distress claim?
This guide explains what you may need to know if you’re looking to make this kind of claim. In the sections below, we explain what suing for breach of data protection that has caused harm involves. As well as this, we explain how your data should be protected by certain entities and the types of data breach that could occur.
We also offer some insight into how much compensation you could claim if you have suffered cyber stress or you’ve suffered a data breach and it has psychologically affected you. If you would like to move forward with a claim, or you’d like to ask us about any of the information contained in this guide, we would be happy to help you.
We could offer a free eligibility check on your case, and if we believe you could make a successful claim, connect you with a lawyer. The lawyer could take on your claim on a No Win No Fee basis. You can reach the Accident Claims UK team on 0800 073 8801.
Select A Section
- A Guide To Data Breach Distress Compensation Claims
- What Are Breaches Of Personal Data?
- What Is Data Breach Distress?
- Causes Of Breaches In Data Protection
- How Else Could Data Breaches Impact Someone?
- Complaining To The ICO About Distress And Data Breaches
- What Data Breach Distress Compensation Could You Claim?
- How Could People Be Compensated For Distress Caused By A Data Breach?
- No Win No Fee Data Breach Distress Claims
- Begin Your Claim
- Essential References
You may already have read or heard about people whose data has been breached, whether this is via a cyber attack or a business’ lack of protection when it comes to your data privacy. But what you may not understand until it happens to you is the level of data breach distress that it can cause.
If you’ve suffered stress due to a data breach, you could make a claim. This could be for expenses associated with the breach too. This guide has been created to help you understand data breach claims and offer you guidance as to whether you could make a claim of your own.
In this guide, we explore:
- How data breaches could happen.
- The connection between data breaches and cyber stress
- The compensation you could claim if you’ve suffered data breach emotional distress.
We also offer some guidance on how to get a solicitor to help you with a claim on a No Win No Fee basis.
Unfortunately, with the advancements in technology and much of our private data being stored by many different entities such as the NHS, government, public and private businesses, there comes a risk of that data being breached.
According to the Government’s Cyber Security Breaches Survey 2020, 46% of businesses and 26% of charities reported suffering cyber attacks or data security breaches within the 12 months leading up to the survey. 68% of medium and 75% of large businesses reported breaches or attacks. 57% of high-income charities reported them too.
How Should My Data Be Protected?
Your data was previously protected under the Data Protection Act 1998 (DPA), which has now been updated to the Data Protection Act 2018. This brings it into line with the EU GDPR, the General Data Protection Regulation.
What Constitutes A Data Breach?
If a company holding your personal data suffers some kind of data breach, you could make a claim for compensation if it has harmed you.
Those who decide how and why they’ll use your personal information are known as the data controller. They may also process that data. However, sometimes a data controller chooses to use another body (such as an agency) to process the data. This agency would then be a data processor. Either could be liable if their negligence leads to a data breach that causes you to suffer.
A data breach in terms of compensation claims could include situations where your data is:
- Accessed in an unauthorised way
- Disclosed in an unauthorised way
- Altered without your permission
Data breaches could happen accidentally, or they may be malicious in nature. Breaches could be caused by someone inside or outside the organisation that holds your data.
The consequences of data breaches could be significant. Whether it has been financial data, medical data or personal information that has been breached, it could have an impact on your mental health. You could suffer anxiety or depression, for example.
Data breach distress, put simply, is anxiety and emotional stress due to a data breach. For example, you may suffer because of someone using your personal data in an unauthorised way due to them having access to it. You may suffer because your private personal information is now in the public domain. A breach that leads to the theft of your bank details could have a significant effect on your finances and mental health.
In order for you to make a data breach emotional distress claim, you would have to prove that:
- Your data has been breached.
- You have suffered upset and distress as a direct result of the breach.
Data Breach Cases
In one case (TLT v Secretary of State for the Home Department. Reference ), damages were awarded to some victims whose mental health suffered after their data was subject to a breach. Thousands of asylum and leave to remain applicants had their personal data published on the Home Office’s website in error.
Previously, you could only claim compensation for a breach of data that caused you financial loss. However, a landmark case (Vidal-Hall vs Google) which was heard at the Court of Appeal in 2015 led to a settlement being agreed for compensation for loss of dignity, distress and anxiety caused by a data breach.
Now, if you can prove you have a valid claim, you could claim for either financial loss or mental suffering or both because of a data breach.
If you believe you have suffered anxiety or cyber stress due to a data breach, and you would like to have your case assessed for free to see if you could be eligible for compensation, Accident Claims could help. If our opinion is that you could have a valid claim, we could then connect you with a professional lawyer. They could begin your claim for data breach distress and get you the compensation you deserve.
Your personal information may be held by different entities in a variety of ways. There are also various ways in which it could be breached. Some causes of a breach could include:
- A hack: This is where someone gains unauthorised access to a computer system.
- A virus: This inserts its own code into computer programs, effectively infecting them with code.
- Cyber attacks: This is where a malicious attack is launched by cyber criminals. Attackers could intend to steal data, cause a loss of data or use the attacked computer systems as launch points for further attacks, for example.
- Human error: If someone has accidentally sent a file with your personal data, for example. This can also happen with physical documents.
Data breaches do not only have to be online. For example, an employer may send your salary details in a letter to a colleague in error.
All of these causes could lead to GDPR breaches, leaks and losses of data, or data being sent to a third party.
While this guide concentrates largely on data breach distress, there are other ways in which data breaches could impact a person. These could include:
- Accessing your accounts: If a cyber criminal is able to access certain data, they may be able to gain access to your financial accounts. Data theft could lead to spending in your name, or even emptying your bank account.
- Identity theft: Not only could stolen data be used to access your financial accounts, but it could also be used to set up new ones. Criminals could use stolen data to apply for financial products in your name and commit fraud in your name.
- Selling of your data: Your data could be sold to a third party without your knowledge
If a breach of your data has led to financial harm, you could claim compensation for it, as well as claiming compensation for distress from the data breach.
The ICO has given instructions as to how you could complain about a data breach that has caused you emotional distress. They advise affected parties to:
Approach the organisation that is responsible for breaching your data. The ICO advise you to do this quickly, ensure you send it to the right address, and be specific. You could ask them to investigate and you should also explain how the breach has affected you. If the experience has been stressful and you have been left distressed by it, you should mention this.
If you do not receive an adequate response, or the organisation doesn’t respond at all, as a last resort you could register a complaint with the ICO. The ICO would not usually investigate data breach concerns where an undue delay has occurred in bringing your concerns to the ICO’s attention. Therefore, you should contact the ICO before 3 months has passed since there has been any final contact from the data controller or processor you’ve contacted.
If you’re concerned that any time limits have passed or you haven’t raised the issue in the right way, get in touch for free legal advice from our advisors.
As we mentioned earlier, in Vidal-Hall and others v Google (2015), the judge in the Court of Appeal addressed the issue of how distress caused by data breaches could lead to a compensation.
How Much Is The Average Compensation For A Data Breach?
Unfortunately, it can be tricky to accurately calculate the compensation you could get for a data breach.
In your case, you may take into consideration:
- How many people were able to access the data.
- The sensitivity of the data that had been breached.
- How long it was between the breach of data and you being informed of it.
- How long unauthorised people could access your data for.
- Financial losses caused by the breach.
- Emotional distress and anxiety caused.
In order to ascertain how much a data breach compensation amount could be for mental suffering, we could take a look at what the Judicial College Guidelines say could be appropriate for psychiatric and psychological injuries. (The JCG is a regularly updated publication solicitors may use to value injuries.)
Below is a table containing these potential figures. It could give you some insight into how much compensation could be appropriate for the level of data breach distress you’ve experienced.
You would, as in a personal injury claim, be advised to have a medical assessment to verify any injuries and ascertain how serious these could be. You would be asked to visit a specialist so that they could assess how severe the distress and anxiety you’ve suffered has been. They could also determine how long it might affect you for. They could then produce a report that could be used to evidence your claim.
|Psychiatric Damage Generally||£51,460–£108,620||Severe – leading to marked effects with regards to their ability to cope with education, work and life and on their relationships. Could leave them vulnerable to risk in the future. The prognosis would be very poor.|
|Psychiatric Damage Generally||£17,900–£51,460||Moderately severe – significant effects as per the above bracket but with a more optimistic prognosis.|
|Psychiatric Damage Generally||£5,500–£17,900||Moderate – with the kind of problems associated with more severe damage, but there will have been a significant improvement and a good prognosis.|
|Psychiatric Damage Generally||£1,440–£5,500||Less severe – the level of the effects on the person’s sleep and daily activities would be taken into account, and the length of time the person has suffered.|
|PTSD||£56,180–£94,470||Severe – permanently affecting the claimant, who would not be able to work or function on a pre-trauma level. This would affect all aspects of the person’s life.|
|PTSD||£21,730–£56,180||Moderately Severe – better prognosis than in the category above, but with significant disabilities that could last for the foreseeable future.|
|PTSD||£7,680–£21,730||Moderate – the injured party would have largely recovered but any continuing symptoms wouldn’t be disabling grossly.|
|PTSD||£3,710–£7,680||Less severe – where the injured party would have made a virtually full recovery within 1–2 years.|
As we mentioned, the compensation you could receive for data breach distress would largely depend on how distressed you were. However, there are other types of compensation you could seek if you’ve been affected by a data breach. You could seek compensation for material damage (financial) and non-material (psychological) damage.
Data breach compensation examples could include claims for:
- Loss of privacy
- Financial losses
- Medical harm caused by a data breach
- Anguish caused by a data breach
To obtain an assessment of your potential data breach claim, why not get in touch with our expert team at Accident Claims UK? We could talk to you about the breach and the effect it has had on you. We could also advise you as to what compensation you could claim and how we could help you to move forward with a claim.
Our advice is free and comes with no obligation to proceed with our services. We want to help you get the compensation you deserve if your data has been breached.
While it could be possible for you to claim compensation without legal help, many claimants prefer to have an experienced solicitor on their side to help deal with their data breach distress claim.
A solicitor could help build a strong case for compensation for cyber stress. They could also help ensure that action is taken before the time limit is reached. A solicitor could negotiate a settlement for you out of court if the liable party admits liability. If the organisation you’re claiming against disputes your claim, a solicitor could represent you in court.
You may assume that to retain the services of a lawyer, you’d have to pay them a retainer upfront. However, solicitors working under No Win No Fee terms could fight your claim without you having to pay their fee until your claim is successfully settled. To make a claim under such terms, you would need to:
- Find a No Win No Fee lawyer – we could help you with this.
- Sign a Conditional Fee Agreement. This would detail the amount you’d pay the lawyer as a success fee if they negotiate a payout. This fee would be capped, legally. It would only be payable if compensation was obtained.
If a solicitor negotiates a compensation settlement for you, their success fee is taken from your payout, with the balance benefitting you. If no compensation payout was achieved, you wouldn’t be asked to pay them the success fee.
To ask us any questions about making a data breach distress claim on a No Win No Fee basis, please don’t hesitate to get in touch.
Do you want to see if you qualify to claim? Or do you have questions surrounding the claims process or how long you could have to claim? Perhaps you’re not sure whether you could be eligible to make a claim. Whatever you need in terms of help and support, we’re here. You can contact us in a number of ways, including:
- Phoning: 0800 073 8801
- Emailing: email@example.com
- Completing the online contact form.
- Using our live chat.
Our Commitment To Client Care: You can read more about how Accident Claims UK put you first at all times during the claims process.
Learn More About Psychological Injuries: Here, we explore psychological injuries in more detail. You might find this useful if you wish to make a claim for a psychological injury.
Post-Traumatic Stress: This guide could be of use to you if you have suffered PTSD. It gives an explanation of how PTSD could affect you and how much you could claim.
Government Information On Data Protection: You can read more about data protection on the government’s website.
A Guide To Compensation From The ICO: This page on the ICO website offers some insight into how to claim compensation for a data breach.
Government Guidance On Personal Data After Brexit: This sets out the guidelines for personal data after the transition period when the UK leaves the EU.
Thank you for reading our guide to data breach distress.
Guide by JJ
Edited by RV