When we send or receive communication via email, we expect those communications to be prompt and secure. So when your personal information is exposed via email, this can be a source of considerable distress. That’s why we have created this guide on claiming email data breach compensation.
We cover topics such as eligibility to claim, example scenarios and how compensation is calculated in data breach claims. You will also see a compensation table to help illustrate this.
At the bottom of this guide, there is a short overview of the type of No Win No Fee contract that our panel of expert data breach solicitors can offer their services under and how such a contract can offer significant benefits.
Whether you’re looking for a free consultation regarding your eligibility to claim or you have questions about the claims process, our team are available 24 hours a day. To speak to an advisor:
- Call the team on 0800 408 7827
- Fill in our contact form online.
- Open the live chat window on screen now.
Browse This Guide
- What Is An Email Data Breach?
- Can I Claim Email Data Breach Compensation?
- How Could An Email Data Breach Happen?
- How To Sue For Email Data Breach Compensation
- How Much Compensation For A Data Breach Claim?
- Why Claim Data Breach Compensation On A No Win No Fee Basis?
- Learn More About Claiming For Data Breaches
What Is An Email Data Breach?
In broad terms, a personal data breach is a security incident that affects the integrity, availability, or confidentiality of personal data. An email data breach is when your personal data is exposed via email. This could be when an email intended for you is sent to the wrong address or your email is exposed in a cyber attack. This definition was taken from the Information Commissioner’s Office (ICO), the UK’s independent body for the upholding of information rights.
What we mean by personal data is any information that can be used to directly or indirectly identify a living individual. Examples include names, addresses and contact details such as personal email addresses or phone numbers.
Some personal data is considered more sensitive in nature and therefore classed as special category data. This information requires higher standards of protection than regular personal data. The special category includes data relating to health, sexuality and sex life, religious beliefs and trade union membership.
Contact our advisory team today for further guidance on the types of data that could be exposed in an email data breach or for a free assessment of your eligibility to claim.
Can I Claim Email Data Breach Compensation?
There are three parties relevant when discussing data breach claims:
- Data subjects are the living identifiable individuals to whom the personal data relates.
- Data controllers are usually organisations that decide when, how and why your personal data will be processed.
- Data processors are usually external organisations that are contracted to process data on a controller’s behalf. It is important to note that not every data controller will use external processing services.
Both controllers and processors are legally obligated to uphold the standards of data protection set out by the UK General Data Protection Regulation and the Data Protection Act 2018. Together, they set out data protection law. Failure to do so can result in security incidents where your data is compromised. If a data controller or processor fails to adhere to data protection law. this is known as wrongful conduct.
In summary, you may be eligible to claim email data breach compensation if you can show the following:
- There was some wrongful conduct by either the data controller or processor.
- This conduct resulted in a data breach in which your personal data was affected.
- You suffered financial losses, psychiatric injury or both as a result of this.
Talk to our advisors today for further guidance on how to sue for a data breach. The team can also assess your eligibility to claim free of charge.
How Could An Email Data Breach Happen?
There are multiple circumstances in which you could claim email data breach compensation following a breach of your personal data. A few examples of how an email data breach could occur include:
- Your GP sent an email regarding your cancer treatment to your parent’s email address instead of your own. This resulted in your parent discovering your cancer diagnosis, which you had not wished to inform them of.
- Due to inadequate cybersecurity measures, your pension provider experienced a large-scale cyber attack. Cybercriminals stole various contact details, such as emails and phone numbers, including your own.
- Your employer sends an email containing your personal data to one of your colleagues due to you having similar names and they failed to check whether the correct email address was inputted.
Other scenarios where your email is exposed could arise. So, if your particular circumstances are not given above, don’t worry, you could still be eligible to make a claim. Get in touch with our team today to find out more.
How To Sue For Email Data Breach Compensation
In order to make an email data breach compensation claim, you will need to provide some supporting evidence. This evidence will need to prove that the wrongful conduct of either the data processor or controller caused a data breach, and that this caused you to suffer damage.
Examples of evidence include:
- Confirmation from the data controller stating that a data breach affecting your personal information has occurred. This may be a written letter or an email.
- Details of any financial impacts, such as your bank and credit card statements or other bills.
- Medical records or confirmation from a psychiatrist showing that you suffered psychological distress as a result of the data breach.
As a data subject, you have the right to voice your concerns to a data controller about how your personal information is being handled, processed or protected. If you do not get a meaningful response from the organisation or are unsatisfied with the response they give, you can report the matter to the ICO.
The ICO will then look into your concerns and take disciplinary action against the data controller if necessary. While this is not a required step in order to make a data breach claim, any findings from this investigation can be useful evidence for your claim. It is important to note that you must make this report within 3 months of your last meaningful communication with the organisation responsible.
Can I Check If My Email Was Involved In A Data Breach?
A data controller should notify all affected data subjects that a UK GDPR data breach has occurred as soon as possible if they believe that their rights and freedom are at risk. However, if they do not, you can contact the controller and ask them for clarification.
There are also multiple websites that track data breaches. You can look at these to check whether your email address has come up in a breach. However, the best course of action if the organisation has not notified you of a breach is to speak with them directly.
For additional advice on the evidence you can use for your data breach claim, or a free assessment of your eligibility, contact our advisors today. You can reach the team at any time using the contact information provided below.
How Much Compensation For A Data Breach Claim?
Compensation in a successful email data breach compensation claim can be paid out for two different types of damage:
- Material damage refers to the financial impact of having your personal information compromised. We’ll cover this later in the section
- Non-material damage means the psychological impacts of a personal data breach.
Calculating a possible figure for non-material damage is something a data breach solicitor on our panel can assist you with if you have a valid claim. The legal team given this task can look at your provided medical evidence alongside the Judicial College Guidelines (JCG).
The JCG publication contains compensation guidelines for different injuries. Except for the first entry, the JCG brackets for psychiatric injuries have been used in the table here.
Compensation Table
Please be advised that this table has been included for guidance only.
| Type of Injury | Severity | Compensation Guideline |
|---|---|---|
| Severe Psychological Damage With Financial Losses | Severe | Up to £500,000 + |
| General Psychiatric Damage | Severe (a) | £66,920 to £141,240 |
| Moderately (b) | £23,270 to £66,920 | |
| Moderate (c) | £7,150 to £23,270 | |
| Less Severe (d) | £1,880 to £7,150 | |
| Post-traumatic Stress Disorder | Severe (a) | £73,050 to £122,850 |
| Moderately (b) | £28,250 to £73,050 | |
| Moderate (c) | £9,980 to £28,250 | |
| Less Severe (d) | $4,820 to £9,980 |
Material Damage In Data Breach Compensation Claims
As we touched on briefly above, costs incurred as a result of a personal data breach can be reimbursed if your claim succeeds. Examples of costs you could claim compensation for include:
- Loss of earnings due to time taken off work due to psychological trauma.
- The cost of relocation or security installations if your address has been exposed.
- The cost of receiving therapy for the psychological harm you have suffered.
This compensation section has been included to act as a guide only. As data breach claims are assessed on a case-by-case basis, we cannot guarantee compensation amounts here. To find out about how compensation amounts are calculated or for a free assessment of your eligibility to claim, talk to our team today.
Why Claim Data Breach Compensation On A No Win No Fee Basis?
By using a specialist No Win No Fee solicitor from our expert panel for your email data breach compensation claim, you will benefit from a specific type of contract known as a Conditional Fee Agreement (CFA).
The advantages of this type of contract include:
- No upfront fees for the solicitor to begin working on the claim, in most cases.
- No ongoing fees for this work during the claims process itself.
- No fees to pay for the work done on the claim should the claim fail.
Should, however, the claim succeed, you will receive data breach compensation. Some of this compensation will go to the solicitor as their success fee. But, because success fees are subject to a legally binding cap, most of any compensation that is paid out will be yours to keep.
Whether you’re looking for a free consultation regarding your eligibility to claim or you have questions about the claims process, our team are available 24 hours a day. To speak to an advisor about your data breach claim today:
- Call the team on 0800 408 7827
- Fill in our contact form online.
- Open the live chat window on screen now.
Learn More About Claiming For Data Breaches
Here are some of our data breach guides:
- Learn how to sue for a data breach that compromised your personal data.
- Guidance on claiming compensation for a UK GDPR data breach of your data.
- Learn how to sue a post office for a data breach.
We have included some external links for additional information:
- The National Cyber Security Centre has published its top tips for staying secure online for individuals and families.
- Read this guidance on finding out what data an organisation has about you on the Government website.
- You can get support and access a range of mental health resources through the NHS.
We’d like to thank you for taking the time to read this email data breach compensation guide. Get in touch with our advisory team today with questions or for a free assessment of your eligibility to claim.