BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Protect client data, warns law firm

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 27 Apr 2015 18:29:19 -0600
http://www.mortgagefinancegazette.com/legal/protect-client-data-warns-law-firm/

A new ruling means that compensation is now payable without the need to
show financial loss in the event of data breaches, warns law firm Moore
Blatch.

This follows the ruling in last month’s Google Inc. v Vidal-Hall Court
case, where the Court of Appeal clarified the rules under the Data
Protection Act 1988, which were previously interpreted as allowing
compensation claims only if a data breach caused a financial loss.

Following clarification by the Court, Clause 13 of the Act will now be
interpreted so that financial loss no longer needs to be shown for a
compensation claim for emotional impact on the claimant, such as anxiety or
distress. The previous interpretation had meant that compensation was not
available for most breaches.

Moore Blatch warns that while all reputable organisations follow good data
protection policies, more stringent practices need to be in place for data
where a financial risk might be exposed by a data breach, such as the
holding of bank or credit card details, as “appropriate measures” will be
tougher in the financial sector.

The decision is likely to have a number of potentially wide-ranging
implications, including an increase in claims for compensation under Clause
13, and a likely rise in class actions, in which a large number of
individuals have suffered emotional distress or invasion of privacy due to
the same data breach. Such claims could be very costly to brokers in terms
of damages.

John Warchus, partner at Moore Blatch, said: “Anyone in control of data,
will now have an even stronger incentive to comply with data protection
rules. The decision by the Court of Appeal is also consistent with the
likely future trend of data protection legislation – the draft EU Data
Protection Regulation will mean that someone can seek damages regardless of
a financial loss.”

He urges firms to review their data protection procedures and strengthen
them where necessary as more compensation claims are likely and the amount
of damages awarded is also likely to increase.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: