Solicitors, the police, and the wider criminal justice system have access to some of our most sensitive information. As such, strict policies and procedures must be in place to ensure the safe processing of such data. But all too often, this is not happening.
This is especially worrying as many in the sector use paper files which are not secured by encryption. What’s more, legal professionals often carry around large quantities of information (e.g. when going to court or to work on at home). This can increase the risk of a data breach.
There are many different types of legal, police and criminal justice data breaches to watch out for, including:
The Police. Officers, police staff, and suppliers must know how to work with sensitive information securely. However, this is not happening too often, and in 2020, there were over 2300 data breach incidents reported by just 22 of the UK’s police forces.
Legal professionals (e.g. lawyers, law firms and claims management companies). At Keller Lenkner UK, our expert data breach lawyers are committed to upholding the standards of our industry. That’s why it’s particularly upsetting when we are contacted by someone who has been let down by their solicitor.
Conveyancers. Many conveyancers deal with large sums of client money. This can increase the risk of a data breach and prove devastating if sensitive data falls into the wrong hands.
The Crown Prosecution Service. The CPS is the principal public agency for conducting criminal prosecutions in England and Wales. The ICO has previously fined it for losing unencrypted DVDs containing recordings of police interviews.
Criminal Injuries Compensation Authority (CICA). The CICA deals with compensation claims from people who have been physically or mentally injured because they were victims of a violent crime in England, Scotland, or Wales. The data held by the CICA is extremely sensitive, and the consequences of a data breach are grave.
Data breaches across this sector are happening because of a combination of human error (e.g. staff emailing sensitive information to the wrong recipient) and malicious cyberattacks. In many cases, people with access to police databases unlawfully used them to search for individuals.
The information held by the legal and criminal justice system is often extremely sensitive, and a data breach can have a devastating impact on the public. Privacy infringements can also harm officers themselves.
Keller Lenkner UK has gained an enviable reputation in data breach law. And, with a team of data breach experts led by Kingsley Hayes – arguably the UK’s foremost data breach solicitor – and considerable expertise in this field, it’s easy to see why. Here are just some examples of the legal, police and criminal justice cases our data protection lawyers have dealt with…
After his ex-partner was jailed for his attempted murder, Matthew made a compensation claim via the Criminal Injuries Compensation Authority (CICA). The CICA is an executive agency, sponsored by the Ministry of Justice. It awards compensation to victims who have been physically or mentally injured due to violent crime.
Despite there being an agreement in place to protect Matthew’s address, the CICA sent documentation that included Matthew’s home address to his ex after his release from prison. Matthew is now living in fear, his PTSD has been exacerbated, and he has had to relocate as his home no longer felt secure.
We are helping Matthew to claim compensation for this serious breach of data protection.
The Taylor family experienced a serious assault and subsequently gave witness statements to the police. The Police and the Crown Prosecution Service (CPS) erroneously passed these statements – which included their full names and home addresses – to the attacker, a known violent and aggressive offender.
The Taylor family is now living in fear of possible retribution and one member has had to move out of the family home as he does not want to put his children in danger.
We are helping the family claim compensation for this shocking and dangerous breach of their privacy, and the terror and emotional distress suffered.
*Names have been changed to protect client confidentiality.
In some cases, you won’t be the only person to experience a data breach. In these instances, it might be worth joining a group action. Our current legal, police and criminal justice data breaches include:
The personal details of victims of crime in Greater Manchester have been put online by mistake.
The data breach affects victims of sexual abuse, witnesses and people reporting crime. According to the Force, no informant details were breached.
Thousands of people are thought to be affected.
In 2019, The Police Federation of England and Wales (PFEW) suffered a severe data breach following a ransomware cyber-attack hit the PFEW headquarters. Around 120,000 current and former officers are affected.
In August 2019, over 750 annual benefit statements were sent to the wrong postal addresses. These statements were for police officers of Sussex Police.
Equiniti, a company that provides support, communications and technology platforms to help manage company pensions, was responsible for distributing these statements.
We are one of the most experienced multi-claimant law firms in the UK.
We represent clients in group actions and individual cases with innovation, resources, and expertise.
We work with expert barristers to ensure you get the very best level of legal support available.
We have all the resources and global expertise necessary to take on complicated cases and win.
We have offices in Chancery Lane, London and Liverpool City Centre, and the technology to provide a nationwide service.
We use technology to deliver a better legal experience to our clients.
We work on a no-win, no-fee basis.
We make the process straightforward and hassle-free.
Data breaches and cyberattacks are only going to become more common if firms do not adequately identify the risks of personal IT equipment being used by at home-workers and ensure that robust security measures such as virus protection, system access tools and encryption are used as standard.
Legal and professional services firm Gateley has experienced a significant cyberattack. The business, which has offices in Leicester and Nottingham, is currently investigating how its systems were compromised.
Client data has been stolen in the attack by an external source.
When news of this breach broke, the Police Federation told victims of this data breach that they did not have a claim. At Keller Lenkner, we disagreed with the assessment and started a test case against Equiniti.
Thousands of victims of crime have been compromised in the Greater Manchester Police data breach. Find out what you can do if your data was involved.
The Police Federation of England and Wales (PFEW) has admitted that it suffered a severe data breach across a number of its databases. This data
In August 2019, over 750 pension benefit statements, meant for officers of Sussex Police, were sent to the wrong postal addresses. Equiniti, a company that
While each case is judged on its own merits, there are some things we would typically look for when it comes to when claiming compensation following a data breach, cybercrime or other GDPR violation:
With stolen data, cybercriminals can make purchases using your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing online accounts.
GDPR failures, cybercrime and data breaches can have a significant impact on you, both mentally and physically. They can cause or exacerbate anxiety, stress and other psychological conditions.
Keller Lenkner UK has been shortlisted at The British Legal Awards 2021 in the ‘Independent Law Firm of the Year’ and ‘Strategic Legal Operations Team of the Year’ categories. We have also been shortlisted for the ‘Disputes Boutique Firm of the Year’ award at this year’s The Lawyer Awards.
