Data Breach & Cybercrime

Making a data breach claim. What has changed?  

CWU Legal Services in partnership with Keller Postman UK are assisting members claiming compensation they deserve following a data breach or cybercrime.

A case against Google for illegal data harvesting has transformed how data breach claims are managed in the UK. So, what does this mean for CWU members?

The background  

Between 2011 and 2012, Google used cookies on Apple’s Safari web browser to illegally collect data about its users. In response, a group action claim was launched to help people challenge Google over this data privacy violation. While the case was initially thrown out, it was subsequently taken to appeal. And, in a “ground-breaking” ruling, the Court reformed the data breach claims process.

What has changed?  

  • If a company does not protect your data in the way it is legally obliged to do, you can now claim for loss of privacy.
  • So, you can make a data breach claim even if you haven’t suffered financial loss or emotional distress
  • You can now make a data breach claim even if the only thing exposed was your email address.

Different types of group action claims 

Often, when a data breach occurs, you won’t be the only person making a claim. With a group action claim, the people affected collectively bring their cases to court to achieve compensation. Group actions can be a powerful tool and can have a bigger impact than a single claim. The recent ruling also changed the group action compensation process.

People involved in a data breach that has resulted in differing levels of financial loss or emotional harm, can still make a group action case. And now, people who have had their data breached in a mass privacy violation, but who have not experienced any harm (e.g. having their email address stolen), can join a representative action.

In representative actions, one solicitor will represent all clients. Because of their unique experience in data breach group actions.

Individual data breach cases 

The ability to claim compensation for individual personal data breaches still exists (for example, where a bank has posted your financial statement to the wrong address). But now, you can claim compensation even if you haven’t suffered because of the breach.

How will you know if you can make a data breach compensation claim? 

Since the introduction of the General Data Protection Regulation (GDPR), any organisation that processes your personal data MUST let you know if it has been breached. And, once you have been told about any violation, you can make a claim. You can also report any suspected data breaches to the ICO.

How do CWU Members make a data breach claim?  

  1. If you want to make a data breach claim, contact CWU Legal Services who will forward your details via a secure portal direct to Keller Postman UK who will advise you on whether you have a valid claim, answer any questions you might have and go through your options with you.
  2. Once we have established that your data has been breached, they will start the claims procedure on your behalf. Where many people come forward, we may launch a group or representative action.
  3. Before taking your claim to court, the judge will want to know what steps you have taken to settle the claim. So, we’ll write to the offending company offering a settlement. We always seek the maximum compensation possible on your behalf. If the other party does not agree to our terms, we will write to them to tell them that we intend to take the matter to court.
  4. We will gather evidence to back up your claim. Where the company has already admitted to breaching private data, or has already been found culpable, the chances of success are strong.

If your claim is successful, you may have to pay a success fee. This fee is deducted from the compensation awarded to you and this will always be explained in full before the start of your case.

For further information, don’t hesitate to contact our legal department:

CWU Legal Services
150 The Broadway,
SW19 1RX

Tel: 0208 971 7444