The General Data Protection Regulation and Data Protection Act 2018 were the most significant overhauls of privacy and data protection legislation in the UK for the best part of 20 years. Against the backdrop of changes in how and when damages may be awarded in civil claims involving data protection issues, the introduction of an "effective judicial remedy", many expected a flood of litigation as a result of even the most minor breach, with Claimant Law Firms working to build group actions that have been described as potentially "ruinous" for defendants.
The first major Civil Data Breach Group Claim, involving Morrisons, saw the Court impose long-standing legal remedies based upon existing law around vicarious liability, and sent shockwaves across businesses up and down the country given that it would appear that businesses can only manage the risks associated with the actions of a "rogue employee" to a comparatively limited extent. Since then, various other "group" claims have been issued, although with lesser degrees of success.
With nearly 40 years' combined experience in dealing with Data Breaches of all shapes, sizes and severity, Tim Smith and Steve Kuncewicz, both partners at BLM, will provide a detailed history of how the Courts have dealt with such claims, and with the benefit of their experience in dealing with a raft of ongoing cases, provide insight into the future of this developing area of law, now at the very top of the risk management agenda.
- Steve Kuncewicz, partner, BLM
- Tim Smith, partner, BLM