Data Breach Claims Against A Court – Essential Advice

In this guide, we will examine if and who could be eligible to make data breach claims against a court. HM Courts and Tribunals Service is an executive agency and is sponsored by the Ministry of Justice MOJ. We detail the legislation governing data protection, what information is protected by these laws and how a failure to meet obligations under these laws can lead to data breaches.

You will find explanations of the information that can be handled by courts and why it is important that this information is protected. 

We have also listed the types of harm that can be incurred from having your data breached, and how data breach compensation claims are calculated.

The penultimate section of this guide discusses how our panel of specialist data breach solicitors could take your potential claim under a distinct type of No Win No Fee contract. We likewise explain the benefits of working with a solicitor who offers services under these terms.


Data Breach Claims Against A Court – A Guide

Our team of specialist advisors can provide more details on the data breach claims process, address any queries and offer an assessment of your potential claim. You can talk to an advisor using the contact details listed below:

  • Call the team on 0161 696 9685
  • Complete our “contact us” form here.
  • Click the live chat button on this webpage.

Select A Section

  1. Who Could Make Data Breach Claims Against A Court?
  2. How Do You Prove A Breach Of The UK GDPR?
  3. What Information Could Be Handled By The Courts?
  4. How Are Data Breach Claims Valued?
  5. Start Your No Win No Fee Claim For A Breach Of Your Data
  6. Learn More About Data Breach Claims Against A Court

Who Could Make Data Breach Claims Against A Court?

Data protection in the UK is enforced by the Information Commissioner’s Office (ICO). This independent public body not only provides guidance and rules on how to properly store and handle data, enforces data protection laws and upholds information rights of data subjects but also investigates breaches of data protection law and issues fines.

A personal data breach is a security breach that results in the loss, unauthorised disclosure of or access to, alteration or destruction of personal data, accidentally or deliberately. 

There are 3 relevant parties when discussing data breaches. A data controller is the party that decides when, how and why your data will be processed. They can either process data internally or use an outside party referred to as a data processor. A data subject is the living identifiable individual to whom the personal data relates. 

It is a legal requirement for both data controllers and processors to uphold the data protection obligations set out by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Failing to uphold their obligations under these laws, data breaches could occur.

In order for data subjects to be eligible to make a personal data breach claim, these 3 criteria need to be satisfied:

  1. A data controller or processor did not abide by data protection law, thus leading to a data breach.
  2. Your personal data was involved in this breach.
  3. You experienced financial losses, psychological injuries or both as a result of having your data breached. 

To get more information on who is eligible to start a data breach claim, speak to one of our advisors via the contact details provided above. You can also see our data breach compensation FAQ guide here.

Is There A Time Limit For Data Breach Claims Against A Court?

Data breach claims must have legal proceedings initiated within 6 years or 1 year if claiming against a public body. There are, of course, exceptions to this, please call our advisors for further advice. Not only can our team offer guidance on how data breach claims work, but they can assess any data breach claims against a court. 

How Do You Prove A Breach Of The UK GDPR?

Data breach claims require evidence supporting them. We have listed some possible examples of evidence that could be collected in support of a claim here:

  • Communications from the data controller that explain that a data breach has occurred and that your personal data was affected, such as a data breach notice letter.
  • Financial documents, such as your credit card statements, if you have suffered financial losses due to the breached personal data. 
  • Medical records if you have suffered any psychiatric harm as a result of having your data breached. 

Data controllers are obligated to notify any data subjects affected by a data breach if it infringes on their rights and freedoms without undue delay. They also have 72 hours to notify the ICO, after they become aware of such a breach, who may then open an investigation into the matter. The results of this investigation can be used as evidence for your claim.

You may find it beneficial to work with a solicitor when collecting evidence for your claim. Speak to our advisors to get an assessment of the circumstances of your claim. You could be connected with a solicitor from our panel if an advisor decides you have valid grounds to proceed with the claims process. 

What Information Could Be Handled By The Courts?

As well as personal data such as your name, contact information (phone numbers and email addresses) and postal address, depending on the nature of any given case, courts can hold sensitive information known as special category data, which is personal information relating to race and ethnicity, sexual orientation, trade union membership or your health which needs added protection. Importantly courts can also handle criminal offence data, which the UK GDPR gives extra protection to.

Data breaches can occur via human error, intentional disclosure and cyber attacks. Examples of how a data breach at a court could potentially occur are listed here:

  • An inadequately trained staff member threw court case files out with the general waste. This resulted in unauthorised parties gaining access to personal and special category data.
  • Online court file databases had a vulnerability that was exploited by hackers who stole not only files containing personal data but also criminal offence data.

How Are Data Breach Claims Valued?

Successful data breach claims will be awarded compensation. There are two types of damage that compensation can be awarded for in a data breach claim. Material damage is the financial impact of a data breach, for example, if unauthorised parties acquire your credit card details and this causes financial losses, or you lose out on earnings due to time spent off work recovering from emotional distress caused by the breach. Non-material damage is any psychiatric harm you suffer due to your personal data being breached. Examples can include stress, depression or anxiety. 

Solicitors can refer to the Judicial College Guidelines (JCG), a publication that provides details of various types of harm and their guideline compensation amounts, to value your data breach claim. We have used a selection of entries from the JCG to compile our compensation table of non-material damage.

Compensation Table

It is important we emphasise we have provided the table below to act as guidance only. We cannot guarantee amounts. 

HarmSeverityDescriptionGuideline Amount
Psychiatric Damage GenerallySevere (a)Very poor prognosis with all aspects of life impacted.£54,830 to £115,730
Moderately Severe (b)Cases with a better prognosis but significant problems affecting daily life.£19,070 to £54,830
Moderate (c)Good prognosis with marked improvement in relation to factors such as employment, daily life and personal relationships.£5,860 to £19,070
Less Severe (d)Awards within this bracket will depend on the extent to which sleep and daily activity have been impacted and the length of the period of disability.£1,540 to £5,860
Post-Traumatic Stress DisorderSevere (a)Permanent effects that prevent the undertaking of any work and all aspects of life will be badly impacted.£59,860 to £100,670
Moderately Severe (b)Effects will cause significant disability but the prognosis will be better than the bracket above (a)£23,150 to £59,860
Moderate (c)This bracket is for cases where there has been a large scale recovery and any continuing effects will not be grossly disabling.£8,180 to £23,150
Less Severe (d)Cases where there has been a virtual recovery within two years and only minor symptoms will persist. £3,950 to £8,180

This table is only a guideline and does not include material damage. Contact our advisors to get a more specific estimate of the data breach compensation you could be entitled to. Use any of the contacts provided below to speak to one of our team. 

Start Your No Win No Fee Claim For A Breach Of Your Data

After speaking to an advisor and getting your potential claim assessed, our team could connect you with one of the specialist data breach solicitors from our panel if it is decided you have a valid data breach claim. Our panel can offer a type of No Win No Fee contract called a Conditional Fee Agreement (CFA).

When working with a solicitor under a CFA, there will not be a fee upfront for the solicitor to begin work on the case. Second, no solicitor fees during the claim. There will be no fee if the claim does not win.

Compensation will be awarded for successful data breach claims. This can be for material damage, non-material damage or both. The solicitor will take a legally capped percentage of the compensation amount as their success fee. This cap means you get to keep the majority of any compensation awarded to you.

To get more information about data breach claims against a court, an assessment of the validity of your potential claim free of charge or to ask any questions about the content of this guide, you can talk to our advisors. Use any of the below contact details to speak to one of our dedicated team: 

  • Call the team on 0161 696 9685
  • Complete our “contact us” form here.
  • Click the live chat button on this webpage.

Learn More About Data Breach Claims Against A Court

See more of our data breach claim guides

Other helpful resources

We appreciate you taking the time to read our guide on data breach claims against a court. Our dedicated team can offer more advice on starting a data breach claim and provide an assessment of your specific circumstances free of charge. To talk to an advisor, use any of the contact details listed above.