The data minimisation principle is an essential part of data protection law in the UK to allow us to have greater control over who knows what about us, and why they store our information.
Any abuse of this principle could be a breach of the GDPR. A breach of the GDPR can entitle a victim to claim compensation for any distress that has been caused by the loss of control of personal information. In such a case, we may be able to represent eligible claimants on in No Win, No Fee basis.
Your Lawyers – The Data Leak Lawyers – is a leading firm of privacy claims specialists. You can speak to our team for free, no-obligation legal advice here now.
What is the data minimisation principle?
In short, the data minimisation principle simply means that information collected from people that is stored and processed must be adequate, relevant and limited to only what is necessary. It is about ensuring that we have greater control over our information by preventing organisations that store and process our data from having too much of it when they do not need to. This can help us to manage our expectations in respect of who knows what about us – and why.
We live in an age where information processing and storage is essential to function in the digitised society that we have today. However, that does not mean that we should not be allowed to control use of our information, and the GDPR entitles us to rights and protections.
How could this lead to a claim for compensation?
An issue in respect of the data minimisation principle could lead to someone suffering distress that could allow them to claim compensation in accordance with GDPR.
If there is a situation where an information controller stores and processes too much information about us, or accesses data that is not relevant, there can be an argument that this is not in keeping with the data minimisation principle. A person could be well within their rights to request the information controller reduce or remove the information that they have, and they should comply with such a request so long as it is reasonable. Failing to comply with such a reasonable request could be a breach of the GDPR, and this could cause distress to anybody who is simply wanting the control over their information that is afforded to them by the law.
If we find out that an information processor has more data about us than they should have, this revelation in itself could cause distress which could also allow a person to pursue a case for compensation.
How much compensation will I get for a data breach?
We are often asked: how much compensation will I get for a data breach?
Ultimately, the amount of your data breach damages assessment and final pay-out will depend on a number of factors. These include the nature of the information that has been misused or exposed and the extent of it. We can also consider how this personally affected you. As such, this is not a simple question to answer, but we can give you some valuable data based on our experience as a leading data breach law firm.
We have been pursuing privacy compensation cases for almost a decade. In that time, we have recovered over £1m in mostly individual cases, and our average settlement as of this month remains at just over £6,000 per case. This amount is just for the damages alone and does not account for any legal fees that we can pursue the other side for.
Whilst a very simple, straightforward and minor data breach claim could be settled for a few thousand pounds, people could try to estimate their settlement based on our real data which may be helpful as a rough guide for you.