In this guide, we discuss the question ‘Can you sue someone for disclosing personal information?’. Data controllers, those who set the purpose for processing, and data processors, those who act on the processors behalf, have a responsibility to adhere to certain laws that protect your personal data. If either of these parties breached these laws, and it led to the unauthorised disclosure of your personal data, causing you monetary damage or mental harm, it may be possible for you to start a claim for a personal data breach. We will provide information about the eligibility criteria you need to meet in more detail later in this guide.
Additionally, we discuss the responsibilities controllers and processors have in more detail and provide examples of how they could fail to adhere to data protection laws.
This guide will also explain the factors considered when calculating data breach compensation and the evidence you could gather to support your case.
To conclude, we explore the advantages of having legal representation from a solicitor off our panel and the No Win No Fee terms under which they could offer their services.
For more information, please contact an advisor via the contact details below. They can provide further guidance on your potential data breach compensation claim.
- Speak to our team 24/7 on 020 8050 3051
- Contact us online.
- Ask an advisor your question via the live chat option below.
Section A Section
- Can You Sue Someone For Disclosing Personal Information?
- Examples Of How Personal Information Could Be Disclosed
- Evidence That Could Help In Data Breach Claims
- How Much Compensation Could You Receive After Your Personal Information Has Been Disclosed?
- Make A Data Breach Compensation Claim On A No Win No Fee Basis
- Learn More About What Constitutes A Data Breach
Can You Sue Someone For Disclosing Personal Information?
If you are wondering ‘Can you sue someone for disclosing personal information?’, you should consider whether you meet the eligibility criteria. In order to have a valid personal data breach claim, you must be able to prove:
- Failings by the data controller or data processor to adhere to data protection laws.
- Due to these failings, your personal data was involved in a breach.
- This breach of your personal data caused you to suffer financial harm, psychological injury or both.
Two main pieces of legislation called the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR) lay out the responsibilities controllers and processors have with regard to the storing, handling and processing of your personal data.
Personal data is information that could be used by itself or in conjunction with your information to identify you. This may include your name, home address, email address, phone number or credit card details. It can also include more sensitive information that requires extra protection such as data revealing ethnicity or racial origin, sexual orientation and data concerning health such as your medical records. This type of data is referred to as special category data.
The Information Commissioner’s Office enforces data protection rights for the public in the UK. The definition of a personal data breach they give is a security issue in which your personal data’s availability, integtity or confidentiality is impacted.
If you have evidence that your personal data was breached, please contact an advisor on the number above.
Examples Of How Personal Information Could Be Disclosed
Now we’ve answered the question “can you sue someone for disclosing personal information?” we want to provide some examples of how this could occur.
These include:
- An email data breach can occur if your healthcare provider sends information regarding your treatment to the email address of a patient with the same name.
- A bank data breach occurred when staff accidentally sent your replacement card to the wrong address.
- Inadequate training resulted in physical copies of your HR data being thrown out with other office papers instead of being destroyed. Unauthorised persons were subsequently able to access your personal information.
To discuss your specific circumstances further and find out if you’re eligible to make a claim, contact our team today.
Evidence That Could Help In Data Breach Claims
There are several pieces of evidence that could help you support a personal data breach claim, such as:
- Correspondence that relates to the data breach. This could include a letter of notification from the organisation letting you know that a breach has occurred and what information was affected. Organisations need to notify you of a breach without delay if it puts your rights and freedoms at risk.
- Evidence of any mental harm. This could include reports from a psychiatrist or doctor.
- Financial documentation. Bank statements, credit card statements and credit reports can show any financial losses caused by the personal data breach.
Additionally, if you report the breach to the ICO and they investigate, their findings could be used to support your case. The ICO do not award compensation and it is not essential to contact them in order to make a claim.
One of the experienced and helpful data breach solicitors off our panel may be able to assist you in gathering evidence and building your case, provided you are eligible to continue with your case. To find out more about the ways they could help you, please contact an advisor on the number above.
How Much Compensation Could You Receive After Your Personal Information Has Been Disclosed?
After a data breach claim that has succeeded, you could be receive compensation to address the non-material damage and material damage you have suffered.
Non-material damage refers to the psychological harm caused by the breach of your personal data, such as distress, depression and anxiety. In order to value this, solicitors can use a publication called the Judicial College Guidelines. This contains guideline award brackets for different types of mental harm.
We include an excerpt from this publication below but please note, they are only guide figures and not a guarantee of the compensation you could receive.
Guideline Award Brackets
Harm Type | Level Of Severity | Further Details | Guideline Compensation Amounts |
---|---|---|---|
Psychological Harm | (a) Severe | Marked issues affecting multiple aspects of the person's life with a very poor prognosis. | £66,920 to £141,240 |
(b) Moderately Severe | Problems of a significant nature affecting multiple parts of life but an improved prognosis than the bracket above. | £23,270 to £66,920 | |
(c) Moderate | Improvement of a significant nature is made and the person has a good prognosis. | £7,150 to £23,270 | |
(d) Less Severe | The award given can depend on how long the person is affected and to what extent. | £1,880 to £7,150 | |
Post-Traumatic Stress Disorder (PTSD) | (a) Severe | Permanent and negative impact on all areas of the person's life. They are unable to function the way they did prior to the trauma. | £73,050 to £122,850 |
(b) Moderately Severe | A better prognosis due to receiving professional help but significant disability is present for the foreseeable future. | £28,250 to £73,050 | |
(c) Moderate | A large recovery with persisting issues not being majorly disabling. | £9,980 to £28,250 | |
(d) Less Severe | Mostly a full recovery within a couple of years and only minor issues continuing for longer. | £4,820 to £9,980 |
Material Losses In A Data Breach Claim
Material damage refers to the costs and expenses caused by the breach of your personal data. For example:
- Loans taken out in your name following a credit card data breach.
- Money stolen from your account.
- Lost earnings for time taken off work to deal with the emotional impact of the breach.
Evidence, such as wage slips and bank statements, could help prove any monetary losses.
To discuss how data breach compensation is calculated, please contact an advisor on the number above.
Make A Data Breach Compensation Claim On A No Win No Fee Basis
If you are eligible to sue someone for disclosing your personal information, you could choose to work with a solicitor from our panel. They could offer the following services:
- Help to collect relevant supporting evidence.
- Value your potential claim.
- Provide regular updates on the status of your claim at every stage
- Help understanding complex legal jargon
Additionally, they have experience handling data breach claims and could offer their services under a type of No Win No Fee agreement, called a Conditional Fee Agreement, to help. The usual terms of this agreement can mean no payments are expected in advance to secure the solicitor’s services or as the claim moves forward. Not only this, there are no fees for completed work should the claim fail.
Claims that enjoy a successful outcome require only a small deduction from the compensation awarded. This acts as a success fee for the solicitors and is taken as a percentage which is subject to a legislative cap.
Our advisors can provide a free assessment of your eligibility to pursue your claim. If it’s valid, they could assign a data breach solicitor from our panel to take up your case. For more information:
- Speak to our team 24/7 on 020 8050 3051
- Contact us online.
- Ask an advisor your question via the live chat option below.
Learn More About What Constitutes A Data Breach
We offer further guides from our website to help:
- What should I do if my data is breached?
- When can I claim for a data breach at a bank?
- What types of personal data breach could you claim for?
Or you may find these external resources useful:
- Government information about data protection.
- Read here about how to make a complaint to the ICO.
- Helpful tips for staying secure online from the National Cyber Security Centre.
Thank you for taking the time to read our guide about whether you can sue someone for disclosing personal information. Please feel free to get in touch if you have any other questions or queries.
Writer Jeff Walker
Editor Meg Monsoon