Data Breach Compensation Claims | No Win No Fee

Making a claim for data breach compensation could be a necessary step if you’ve been impacted psychologically or financially by a violation of data protection laws.

In this guide, we’ll explain how such breaches can occur,  what the impact could be, and you can find links to lots of other useful resources and guides where you can learn more.

data breach compensation

What Is A Data Breach?

The Information Commissioner’s Office, which is the UK’s independent data watchdog, defines a personal data breach as a security incident that results in the accidental or unlawful loss, alteration, disclosure, or access to personal data. This covers violations brought on by both unintentional and deliberate factors. Additionally, it implies that a breach involves more than merely losing personal information.

Under the UK General Data Protection Regulations (UK GDPR), personal data is any information relating to an identified or identifiable natural individual. For example, your name, email address, telephone number, or online identifiers such as an IP address.

The ICO considers some types of personal information as more sensitive since it may contain more specific details. Special category data may include medical data, racial or ethnic origin, political opinions, trade union membership details, pregnancy and other medical data, sexuality and religious or philosophical beliefs.

Personal data breaches may involve:

  • Unauthorised third-party access
  • A controller or processor’s intentional or unintentional action (or inaction)
  • Sending personal information to the wrong recipient
  • Loss or theft of devices carrying personal data
  • Unauthorised modification of personal information
  • Loss of personal data accessibility

Learn More About What A Data Breach Is

How To Claim Data Breach Compensation

The Data Protection Act 2018 makes it possible for you to claim data breach compensation under certain criteria.

In connection to a personal data breach, we should define the following key phrases:

  • Data controllers: Usually a business or organisation that decides why and how to utilise a person’s personal data.
  • Data processors: A third party that processes data on the controller’s behalf.
  • A data subject: An individual whom a controller holds personal data on.

A personal data breach may happen due to negligence on the part of the controller or processor, or it may result from unlawful action. However, you may have grounds for a legitimate claim if the breach impacts your data and you experience financial loss or psychological harm as a result.

Ultimately, to be eligible to make a data breach claim, you will need to prove the following:

  • A data breach occurred that affected your personal data
  • The breach occurred due to the wrongful conduct of the controller or processor
  • You suffered harm or loss as a result of the breach

If you are able to show that a personal data breach caused you harm or stress, you must make a claim within the time limit. Under the Limitation Act 1980, the current time limit for filing a data breach claim is six years. However, you have just one year if a violation of human rights occurred during the breach.

Learn More About How To Claim Data Breach Compensation

Data Breach Claims – What Can You Be Compensated For?

You might be entitled to claim material damages as part of your compensation for a data breach. This covers any financial loss brought on by a data breach. For instance, fraudulent purchases on your account, a lower credit score, and even identity theft could result from your credit card information being compromised or stolen due to lost paperwork or another factor. Any associated expenditures may be refunded to you.

In Vidal-Hall v. Google Inc. 2015, the Court of Appeal decided that you can now also make a claim for any psychological injury without having suffered financial loss. Previously, you could only claim for mental suffering if you had endured financial damage. Non-material damage is what we call psychological harm.

Furthermore, following the Gulati & Ors V MGN Ltd (2015) case, a judge ruled that, similar to personal injury claims, personal data breach claimants may be entitled to compensation for any psychological injuries. Therefore, we may use the 16th edition of the Judicial College Guidelines to estimate different compensation ranges for any mental suffering. Legal professionals use the document to value injuries based on previous court rulings. 

Learn More About How To Claim GDPR Compensation For Distress

How Much Compensation Will I Get For A Data Breach

Now that we’ve discussed what you can be compensated for, you might wonder, ‘how much compensation will I get for a data breach?’.

To offer an insight into what non-material damage compensation for a data breach could look like, we have used figures from the April 2022 edition of the Judicial College Guidelines (JCG) to create the table below.

InjuryCompensation AmountNotes
Severe Psychiatric Harm Generally £54,830 to £115,730The prognosis is poor and your quality of life will be impacted.
Moderately Severe Psychiatric Harm Generally £19,070 to £54,830The impact is still significant, however, the prognosis is slightly better than above.
Moderate Psychiatric Harm Generally £5,860 to £19,070There will have been a marked improvement.
Less Severe Psychiatric Harm Generally £1,540 to £5,860
Your ability to carry out daily activities influences the award within this bracket.
Severe Post-Traumatic Stress Disorder £59,860 to £100,670
Inability to sleep or maintain relationships in your life.
Moderately Severe Post-Traumatic Stress Disorder £23,150 to £59,860

The prognosis is likely to be better if you seek professional help.
Moderate Post-Traumatic Stress Disorder £8,180 to £23,150
Symptoms are still there, however, the prognosis is much more positive.
Less Severe Post-Traumatic Stress Disorder £3,950 to £8,180
A full recovery is made by two years.

Whilst legal professionals use the JCG to value claims, it’s important that you only use the figures above as guidelines. Solicitors will also take into account any material damage you may have suffered as a result of the breach.

Speak to our advisors for free legal advice at any time convenient for you, and they can answer questions, such as, ‘can I get compensation for a data breach?’.

Learn More About Data Breach Compensation Claims

Below, you can learn more about data breach compensation claims: