The Information Commissioner’s Office (ICO) is the UK’s data protection regulator. It exists to protect your information rights and data privacy. It also helps organisations to meet their obligations under the Data Protection Act (the UK’s interpretation of the GDPR).
If you discover that your personally identifiable information has been compromised in a data breach, you can ask the ICO to investigate why this happened.
The ICO has imposed substantial fines on organisations in breach of their duties. And, while the ICO does not award compensation to individuals, we can use evidence uncovered by the ICO to support your data protection compensation claim.
Organisations are legally obliged to tell you if they have breached your personal data. But all too often this isn’t happening. To find out if you have been involved in a data breach, look at some of the recent cases investigated by the ICO.
Leads Work Limited sent 2,670,140 marketing text messages to individuals without their consent, resulting in excess of 10,000 complaints, over a period of 41 days.
Leads Work Limited sent 2,670,140 marketing text messages to individuals without their consent, resulting in excess of 10,000 complaints, over a period of 41 days.
Muscle Foods Limited sent approximately 135,651,627 marketing emails and 6,354,426 marketing SMS messages to individuals without their consent, over a period of seven months.
Muscle Foods Limited sent approximately 135,651,627 marketing emails and 6,354,426 marketing SMS messages to individuals without their consent, over a period of seven months.
Between 15 June 2020 and 20 July 2020 a total of 95,004 connected unsolicited direct marketing messages were received by subscribers, resulting in 114 complaints.
Our expert data breach lawyers use evidence uncovered by the ICO to support your data protection compensation claim.
No. We can start a data breach action against an organisation without you going to the ICO, but we would always recommend this as a first step.
Personally identifiable information (PII) is any data that can be used to identify a specific individual – either on its own or together with other information.
Examples of PII include full names, bank account numbers, passport numbers, email addresses and a whole range of other data.
No. We can start a claim before the ICO has concluded its investigation. In some cases, actions are settled before an organisation has been fined by the ICO.
No. The ICO does not award data breach compensation to individuals.
At Keller Lenkner UK, we help clients in England and Wales with cybercrime claims. You can find out more about how we do this here.
If you have been scammed, defrauded or experienced cybercrime in England, Wales and Northern Ireland, you should also report this to Action Fraud.
Once you make a report, Action Fraud will provide you with a police crime reference number and your case will be passed to the relevant local police force/law enforcement agency for investigation. Action Fraud does not investigate the cases and cannot advise you on the progress of a case.
It is important to make a report via Action Fraud, as it uses this data to make reports and passes these to the National Fraud Intelligence Bureau (NFIB). The NFIB uses this data to identify serial offenders, organised crime groups and find emerging crime types.
