The Information Commissioner’s Office (ICO) is the UK’s data protection regulator. It exists to protect your information rights and data privacy. It also helps organisations to meet their obligations under the Data Protection Act (the UK’s interpretation of the GDPR).
If you discover that your personally identifiable information has been compromised in a data breach, you can ask the ICO to investigate why this happened.
The ICO has imposed substantial fines on organisations in breach of their duties. And, while the ICO does not award compensation to individuals, we can use evidence uncovered by the ICO to support your data protection compensation claim.
Organisations are legally obliged to tell you if they have breached your personal data. But all too often this isn’t happening. To find out if you have been involved in a data breach, look at some of the recent cases investigated by the ICO.
Scottish charity fined for contraventions of Articles 5(1)(f), 32(1) and 32(2) of the UK GDPR.
Your Home Improvements Ltd have been fined for making 1,718 unsolicited calls for direct marketing purposes to people who were registered with the Telephone Preference Service (TPS). This resulted in 4 complaints being made to the TPS and the Commissioner.
Your Home Improvements Ltd made 1,718 unsolicited calls for direct marketing purposes to people who were registered with the Telephone Preference Service (TPS). This resulted in 4 complaints being made to the TPS and the Commissioner.
The ICO has fined We Buy Any Car Limited £200,000. It sent 191.4 million marketing emails and 3.6 million marketing SMS messages to individuals without fully satisfying the requirements of the soft opt in, resulting in 42 complaints to the Commissioner, over a period of twelve months.
The ICO has fined Saga Services Ltd £150,000 for sending messages containing direct marketing material, for which subscribers had not provided valid consent.
Our expert data breach lawyers use evidence uncovered by the ICO to support your data protection compensation claim.
No. We can start a data breach action against an organisation without you going to the ICO, but we would always recommend this as a first step.
Personally identifiable information (PII) is any data that can be used to identify a specific individual – either on its own or together with other information.
Examples of PII include full names, bank account numbers, passport numbers, email addresses and a whole range of other data.
No. We can start a claim before the ICO has concluded its investigation. In some cases, actions are settled before an organisation has been fined by the ICO.
No. The ICO does not award data breach compensation to individuals.
At Keller Lenkner UK, we help clients in England and Wales with cybercrime claims. You can find out more about how we do this here.
If you have been scammed, defrauded or experienced cybercrime in England, Wales and Northern Ireland, you should also report this to Action Fraud.
Once you make a report, Action Fraud will provide you with a police crime reference number and your case will be passed to the relevant local police force/law enforcement agency for investigation. Action Fraud does not investigate the cases and cannot advise you on the progress of a case.
It is important to make a report via Action Fraud, as it uses this data to make reports and passes these to the National Fraud Intelligence Bureau (NFIB). The NFIB uses this data to identify serial offenders, organised crime groups and find emerging crime types.
Keller Lenkner UK has been shortlisted at The British Legal Awards 2021 in the ‘Independent Law Firm of the Year’ and ‘Strategic Legal Operations Team of the Year’ categories. We have also been shortlisted for the ‘Disputes Boutique Firm of the Year’ award at this year’s The Lawyer Awards.
