Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A number of people have been unsure as to how the £183m BA GDPR fine works in relation to compensation. They are two separate things, and here’s how it works.
Firstly, the record fine is the current proposal, and British Airways and their owner (IAG) can appeal the decision. Whether any appeal will be successful remains to be seen, but crucially, this is not yet the final fine. However, there will likely be a fine. Even if an appeal is successful, we expect that the Information Commissioner’s Office (ICO) is still going to issue a fine.
In terms of compensation, this is dealt with separately as part of a pending group action that you can sign-up for here.
With this week’s news focused on big GDPR fines for British Airways and Marriott, we can only assume that more fines are on the way.
Our lawyers are fighting for justice in over 25 different data breach group and multi-party actions. That shows just how many big legal cases we’ve taken forward, and some of the incidents took place after GDPR was introduced last year. The BA Group Action is one of those, and the initial fine of £183m shows just how serious the Information Commissioner’s Office (ICO) is on punishing offenders.
With the likes of the Ticketmaster data breach and the Well Pharmacy incidents yet to involve penalties, we expect more big fines to be on the horizon.
Just two days after the announcement of the huge BA data breach fine to the tune of £183m, the Marriott data breach fine is reportedly going to be set at £99m.
These are real statements of intent from the UK’s data watchdog, the ICO (the Information Commissioner’s Office).
When GDPR came into force last year, there was little doubt about the responsibilities that organisations have when it comes to data protection, and the punishments for failure are clear. We’re pleased with the announcement of another huge fine, and as always, we continue to bring the fights for justice for the victims who deserve compensation for the loss of control of their personal information.
We’re one year on from the world of GDPR compensation claims that came with the new legislation that was implemented on 25th May 2018.
We’re pioneers in the field of data protection compensation claims. Before other law firms began looking at them, we were starting group and multi-party actions years ago, and our lawyers are fighting for justice in over 25 different group and multi-party actions. Thousands of people have come to us for help over the years we’ve been specialising in this niche area of law, and we’ve seen the changes since GDPR came into effect last year.
Before GDPR, we primarily used the Data Protraction Act as the basis for the compensation claims we pursued. Now we have GDPR, are things different?
Some 5 million HMRC voice ID records are to be deleted after regulators ruled that a “significant” breach of data protection law had taken place over the use of the “my voice is my password” system.
The UK’s data watchdog, the ICO (Information Commissioner’s Office), has given the government until next month to remove data collected without proper content from millions of taxpayers. Although some people have since opted in for the system, the data for those collected and retained without proper consent is to be removed.
The issue has raised concerns over the government’s own ability to adhere to important data protection laws, with the ICO critical of HMRC’s behaviour.
We’re coming up to the first anniversary of the data law changes next month. Many are still unaware as to how GDPR and compensation claims work, and what the relationship is.
As data breach compensation experts, we can answer the key questions for you.
GDPR and compensation claims can go hand-in-hand, but they can also be viewed as two separate things. The new legislation has made the reporting of data breaches a bigger burden, which has led to an influx of reports since the law changes took place. GDPR can also place a greater burden for accountability when it comes to breaking data laws, and there’s the potential for huge fines.
But compensation is usually something that’s separately pursued to any involvement from the Information Commissioner’s Office (ICO). And that’s why we’re here.
The Bristol council data breach incident that was reported last week is understood to have affected thousands of residents.
The incident was yet another case of an avoidable data breach that has been caused by what appears to be a simple error. We see these kinds of leaks all the time, and they’re not the first council to have committed a breach just like it.
One of the most severe data breach group actions we’re running stemmed from an incident that’s exactly the same as this one. The damage that can be caused from a simple email error that leads to a leak can be substantial. A large volume of the cases we deal with are for council data breach compensation claims. They really are awfully common.
We may see a Marriott GDPR fine applied after the monumental breach that was discovered last year, given the volume of people affected and the nature of the breach.
As many as 500 million people were affected, with data said to have been compromised between 2014 and 2018. An unauthorised third-party is said to have accessed the guest reservation table fore the Startword division of the company. Data exposed in the breach included a lot of personal and account data.
The breach lapses over GDPR coming into force in May 2018. That means that the ICO (Information Commissioner’s Office) could issue a fine that equates to 4% of the Marriott’s global annual turnover.
It seems highly likely there will be some form of Facebook GDPR fine coming at some time. The recent data breaches cannot go unpunished.
As data breaches and our rights to privacy continue to grow in importance, people want to know how GDPR will be there to protect us. With the massive Facebook data breach that took place in September fresh in our minds, people want to know what kind of Facebook GDPR fine may be issued.
Facebook could find themselves as the marker in Europe for how far the new GDPR will go. Although it isn’t the first company to have been at the centre of a data breach since the rule change in May, it could be the biggest.
The British Airways GDPR fine could be as large as £500m, with several more millions on top of that to be paid to victims in compensation.
In terms of a fine, the new GDPR rules mean that a company responsible for a data breach is fined £17m or 4% of the company’s global annual turnover. The potential £500m figure has been based on the estimations of turnover, given how huge British Airways is.
Is this a feasible fine, and what about victims and their rights to compensation? How much could you receive?
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
