The Information Commissioner’s Office (ICO) is the UK’s data protection regulator. It exists to protect your information rights and data privacy. It also helps organisations to meet their obligations under the Data Protection Act (the UK’s interpretation of the GDPR).
If you discover that your personally identifiable information has been compromised in a data breach, you can ask the ICO to investigate why this happened.
The ICO has imposed substantial fines on organisations in breach of their duties. And, while the ICO does not award compensation to individuals, we can use evidence uncovered by the ICO to support your data protection compensation claim.
Organisations are legally obliged to tell you if they have breached your personal data. But all too often this isn’t happening. To find out if you have been involved in a data breach, look at some of the recent cases investigated by the ICO.
ICO orders facial recognition database company Clearview AI Inc £7.5m to delete all its UK data.
ICO fines facial recognition database company Clearview AI Inc £7.5m and orders UK data to be deleted.
Reed Online Limited fined £40,000 for breaching the Privacy and Electronic Communications Regulations.
Between 1 and 30 November 2020 Finance Giant Ltd instigated the sending of a confirmed total of 505,759 unsolicited direct marketing messages that were received by subscribers contrary to regulation 22 of PECR.
Between 15 November 2019 and 15 July 2020 Bizfella Limited instigated the sending of 224,550 unsolicited direct marketing SMS messages that were received by subscribers contrary to regulation 22 of PECR.
Our expert data breach lawyers use evidence uncovered by the ICO to support your data protection compensation claim.
No. We can start a data breach action against an organisation without you going to the ICO, but we would always recommend this as a first step.
Personally identifiable information (PII) is any data that can be used to identify a specific individual – either on its own or together with other information.
Examples of PII include full names, bank account numbers, passport numbers, email addresses and a whole range of other data.
No. We can start a claim before the ICO has concluded its investigation. In some cases, actions are settled before an organisation has been fined by the ICO.
No. The ICO does not award data breach compensation to individuals.
At Keller Lenkner UK, we help clients in England and Wales with cybercrime claims. You can find out more about how we do this here.
If you have been scammed, defrauded or experienced cybercrime in England, Wales and Northern Ireland, you should also report this to Action Fraud.
Once you make a report, Action Fraud will provide you with a police crime reference number and your case will be passed to the relevant local police force/law enforcement agency for investigation. Action Fraud does not investigate the cases and cannot advise you on the progress of a case.
It is important to make a report via Action Fraud, as it uses this data to make reports and passes these to the National Fraud Intelligence Bureau (NFIB). The NFIB uses this data to identify serial offenders, organised crime groups and find emerging crime types.
Keller Lenkner UK has been shortlisted in three categories at the Modern Law Awards 2022. These categories are ‘Business Growth Award’, ‘Innovation of the Year’ and ‘Boutique Law Firm’. We have also been shortlisted for ‘Law Firm of the Year’ at the 2022 LexisNexis Legal Awards.
This follows our 2021 success where we were shortlisted in the ‘Independent Law Firm of the Year’ and ‘Strategic Legal Operations Team of the Year’ categories at The British Legal Awards, and the ‘Disputes Boutique Firm of the Year’ category at The Lawyer Awards.