What is a data breach?

A data breach happens when an individual’s personal data is accessed, stolen, published, or otherwise used without their authorisation. Crucially, a breach can have a range of adverse effects on individuals, including emotional distress and financial losses. And, despite fears about cybercrime, human error is still the biggest cause of data protection breaches. There are several ways a data breach could occur, for example: access by an unauthorised third party (e.g. a cyberattack) unauthorised disclosure via human error (e.g. an email being sent to the wrong person) computing devices containing personal data being lost or stolen alteration of personal data without permission accidental or unlawful destruction of personal data.

What is personal data?

Personal data is any information about a person that could be used to identify them, either on its own or in combination with other information. For example, a name, email address or even an IP address. Personal data also includes extremely sensitive information such as medical records, details about a person’s political or religious leanings, and criminal convictions.

The Information Commissioner’s Office (ICO) is the UK’s data protection watchdog regulator. It protects your information rights and data privacy. And it helps organisations to meet their data protection obligations. If your personal information is involved in a data breach, you can ask the ICO to investigate why this happened. Importantly, the ICO can impose substantial fines on organisations in breach of their data protection responsibilities. For example, in 2020 the ICO individually fined Marriott International £18.4 million, British Airways £20 million, and Ticketmaster £1.25 million for failing to keep their customers’ personal data secure. However, the ICO does not award compensation to individuals, so it is vital to appoint an expert lawyer to get the compensation you deserve following a data breach. Your solicitor will use evidence uncovered by the ICO to support your data protection compensation claim.

How do I know if my data has been breached?

To avoid falling foul of data protection rules, organisations MUST tell you if they have breached your personal data “without undue delay”. However, in reality, this does not always happen. If you suspect your data has been breached, but you have not heard from the company you think failed to protect it, you can make a subject access request (SAR) to find out if your information was involved in a privacy violation. You can also contact the ICO if an organisation fails to respond to a SAR, or if it does not do so adequately.

What should I do if my data has been breached?

Victims of data breaches often become the target of cybercriminals. So, following a privacy violation, before you do anything else, it is essential to take steps to keep yourself safe. As well as following any security instructions provided by the organisation that breached your data, here are some top tips to prevent the impact of a data breach from escalating.

How do I start a data breach compensation claim?

If you discover you are involved in a data breach, you should start a compensation claim. To do this, contact Keller Lenkner UK for a free assessment of your case. We will talk you through your options and explain everything in plain English.

What is a group action data breach?

In some cases, where a data breach occurs, you will not be the only victim. In these instances, you might be able to join a group action claim. Because there is strength in numbers, a group action (also called a class action or multi-party action) helps to even the playing field between large organisations and individual claimants. So, a group action usually makes a big organisation take the matter more seriously. This increases the chances of success for the claimants.

How much data breach compensation will I get?

There are no set amounts awarded for a data breach claim. If you go to court, the judge will consider all the circumstances, including the seriousness of the breach and the impact on you. However, it is important that your data breach solicitor knows what to claim for. Inexperienced solicitors might not understand the full and lasting impact a data breach can have on a person.

A quick guide to no-win, no-fee data breach claims.

When you register with Keller Lenkner UK, we might ask you to sign a Conditional Fee Agreement (CMA). This is also known as a no-win, no-fee agreement. In this quick guide, we explain more about CFAs, and what clients agree to when they sign.

If an organisation fails to protect your private information, it’s important that you are able to make a cybercrime or data breach compensation claim. In fact, access to professional legal advice is an essential right. But concerns about the cost of making a claim can stop people from appointing a solicitor.

To help protect your rights and ensure you get the compensation you deserve, at Keller Lenkner UK, our expert data breach lawyers provide our services on a no-win, no-fee basis.

But what does this actually mean? And are there any hidden costs you should know about?

What is a no-win, no-fee agreement?

At Keller Lenkner UK, our data breach solicitors offer no-win, no-fee agreements to help our clients. No-win, no-fee means that, if your claim is not successful, you won’t have to pay a penny towards your case.

A no-win no-fee contract is also known as a Conditional Fee Agreement (CTA).

How can Keller Lenkner UK afford to take on no-win no-fee cases?

We expect to win the vast majority of our no-win, no-fee cases. And, when we do, the defendant has to pay your costs, fees, and disbursements*.

However, we also take out insurance to insure against the risk of losing a case. This is called ‘After the Event’ insurance (ATE). With ATE insurance, if we lose your case any costs will be paid by the insurance provider.

* A payment we make on your behalf to a third party.

Your obligations under a no-win, no-fee agreement

You have obligations when signing a no-win, no-fee data breach agreement. For example:

You must not mislead your solicitor.
You must not fail to co-operate.
You must act in accordance with the agreement and the advice given by your solicitor.
Should you wish to terminate your claim, you will be responsible for all costs and disbursements incurred by your solicitor*.

* If we lose your case, you do not have to pay these costs. If we win your case, we will recoup these from the other side.

What will you pay if you win your case?

If your claim is successful, you usually have to contribute towards your solicitor’s costs. This is called a ‘success fee’. It is taken from the compensation awarded to you.

At Keller Lenkner UK, our fees are reasonable and we always explain what you will have to pay if you win up-front.

In some group actions, we might even be able to waive this success fee and get the defendant to pay it instead of you. In such cases, there are no solicitor’s fees win or lose.

We always make sure you are fully informed about any potential costs before we proceed.

Are there any hidden costs you should know about?

No. There are no hidden charges or other administration fees.

How do you start a no-win, no-fee data breach or cybercrime claim?

Inform the ICO

You have the right to ask the ICO* to assess an organisation if you think it is guilty of a data protection breach. You can then use any evidence the ICO uncovers to support a data breach compensation claim.

Contact Keller Lenkner UK

At Keller Lenkner UK, our initial consultation is always free. We’ll talk through what’s happened to you, advise you on whether you have a winnable case, and go through your options without charging you a penny.

We’ll start the claims process

Once we have established that your data has been breached, the extent of the breach, and whether other people have also been affected, we’ll confirm if we can take on your case on a no-win, no-fee basis. We’ll then investigate your case, gather together the relevant paperwork and evidence, and make sure all the necessary court forms are filled in on time.

We will try to reach a settlement

Before taking your claim to court, the judge will want to know what steps you have taken to settle the claim. So, we’ll write to the offending company offering a settlement.

We will progress to court

If the other party does not agree to our terms, and we fail to reach an agreement, we will write to tell them that we intend to take the matter to court. In many cases, especially where the ICO has already fined the company, this threat is taken seriously. So there is usually a willingness to pay a reduced amount rather than face larger costs and bad publicity.

*Find out more about the ICO here.

How much compensation could you receive?

There are no guidelines about how much compensation you can be awarded for a claim under the Data Protection Act. If you do go to court, it is up to the judge to consider all the circumstances, including the seriousness of the breach and the impact on you.

However, while each case is judged on its own merits, there are some things we would typically look for when it comes to when claiming compensation for a data breach.

Financial losses

With stolen data, cybercriminals can make purchases using your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing online accounts.

Distress

Cybercrime and data breaches can have a significant impact on you, both mentally and physically. They can cause or exacerbate anxiety, stress and other psychological conditions.

Loss of privacy

Your data has value, and organisations must be held to account if they fail to protect your right to data privacy.

There is strength in our numbers

Keller Lenkner UK Limited is a formidable law firm. Combining technical expertise with experience in handling large volume cases, we represent our clients with passion, experience and diligence.

Having opened a data breach division in 2020, Keller Lenkner UK has gained an enviable reputation in data breach law. And, with a team of data protection experts led by Kingsley Hayes – arguably the UK’s foremost data breach solicitor – and considerable multi-party expertise, it’s easy to see why.

We have offices in London, Birmingham and Liverpool. And the technology to provide a nationwide service.

The Keller Lenkner name is synonymous with negotiating power. Other firms might claim to be data protection experts, but it takes more than an understanding of the law to succeed. At Keller Lenkner UK our team of data breach lawyers has the passion, skill, persistence and resources to fight your corner and win.

Why use Keller Lenkner UK to make a claim?

We are one of the most experienced multi-claimant legal firms in England and Wales.

Our legal team represents tens of thousands of workers and consumers across England & Wales.

We act for clients who deserve to win, and we do everything we can to ensure that they do.

We have all the resources and expertise necessary to take on complicated cases and win.

We are never afraid of a fight and are ready to take on large, deep-pocket defendants that other law firms shy away from.

From specialist barristers to expert lawyers, we always make sure you get the best possible legal support.

We have offices in Chancery Lane London, Birmingham and Liverpool, and the technology to provide a nationwide service, so we can help clients across England & Wales.

We combine expertise and technology to streamline the legal process and deliver an efficient, hassle-free experience to our clients.

We don't take on a case unless we believe we can win, and we are so confident in this that our clients don't pay us a penny unless we succeed.

Start Your Claim Today

Our experienced and professional team is ready to start your no-win, no-fee claim.

START YOUR CLAIM TODAY