18th October 2021
The threat of a data breach and ensuing litigation is today, unfortunately, ever-present on the corporate risk agenda. Individuals are more aware of their data rights than ever before and the tide of litigation has been fuelled by claims management companies who have made it their business to encourage individuals affected by a data breach to take action.
Many such claims for breach of UK data protection legislation, breach of confidence, misuse of private information and negligence are of a relatively low value but, as they are often backed by ‘no win, no fee’-type agreements and After the Event (ATE) insurance against adverse costs orders, there is little to stop claimants pursuing even spurious or unmeritorious claims. That can result in increased management time being spent dealing with data breach fallout and an increased risk of additional reputational damage for defendant organisations. Plus, of course, large numbers of low settlements can make for high value data breach loss over all (as has been demonstrated by a number of recent high profile class actions).
Walker Morris recently published practical advice about how organisations can proactively protect themselves against the risk of data breach litigation. In this briefing, Commercial Dispute Resolution and data breach litigation specialists Gwendoline Davies offers advice arising from the case of Darren Lee Warren v DSG Retail Ltd , published towards the end of the summer, which should hopefully assist in stemming the flow of data breach claims brought by individuals against businesses. The case should also enable organisations to be more robust in their defensive strategies.
While it is not absolutely a nail in the coffin for all data breach claims , the Warren v DSG case confirms:
This case, along with recent comments from Oliver Dowden (Secretary of State for Digital, Culture, Media and Sport of the United Kingdom) in which he confirmed that the Government intends to diverge from key parts of the General Data Protection Regulation with a view to allowing data to be used more flexibly (in certain circumstances), could signal a general shift towards more of a balanced approach to protecting people’s privacy without unnecessarily stifling businesses.
Walker Morris’ Commercial Dispute Resolution lawyers are highly experienced in resolving and defending data breach claims. This expertise, when combined with our specialist Regulatory & Compliance team’s comprehensive understanding of the regulatory background, ensures that an informed and robust strategy can be adopted.
As well as helping you to respond quickly and effectively if and when a data breach occurs and any claim is threatened, our specialist solicitors can help you to refine your pre-emptive risk management strategies, whether that be carrying out health checks in respect of policies and procedures with a view to mitigating against claims of this nature, training staff and/or keeping you up to date with the legal and regulatory matrix.
If you would like to discuss any of the issues covered in this or our earlier briefings, please do not hesitate to contact Gwendoline Davies who will be very happy to help.
  EWHC 2168 (QB)
 as the case does not impact an individual’s ability to pursue a cause of action which derives from statute (UK data protection legislation/GDPR)
 see our earlier article