UK Court of Appeal’s award of compensation following breach of Data Protection Act could open floodgates - .PDF file.
By Steven P Farmer
While regulatory action by the UK Information Commissioner’s Office (ICO) is relatively commonplace and well reported following data breaches, particularly since the ICO was granted powers to issue on-the-spot fines for serious breaches by data controllers of up to £500,000 back in 2010, private actions for data breaches could be described as occurring ‘once in a blue moon’.
Nevertheless, in what is a rare and groundbreaking case, the Court of Appeal recently awarded compensation to an individual for distress following a breach of Section 13(2) of the Data Protection Act 1998 (Data Protection Act).
In Halliday v Creation Consumer Finance Limited (2013) EWCA Civ 333, a claim for compensation for an individual’s distress under Section 13(2) Data Protection Act was considered. Significantly, the Court of Appeal clarified that, when considering compensation for distress under the Data Protection Act, it should be borne in mind that it is ‘not the intention of the legislation to produce some kind of substantial award’…
If you are registered and logged in to the site, click on the link below to read the rest of the Pillsbury briefing. If not, please register or sign in with your details below.