Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
CC email data leaks, as we sometimes refer to them as, are events where personal details are exposed as a result of many people receiving an email where they can see the details of other recipients.
Victims of this kind of data breach could be entitled to pursue a claim for compensation with us a on a No Win, No Fee basis. There have been many over the years, and there was a recent one at the end of 2021 where The Midlands Partnership NHS Trust reportedly sent an email this way for people involved in a Covid vaccine trial.
Such incidents are often put down to human error and are sometimes dismissed as minor by the offenders, but they can actually have very serious consequences, as we will explain below.
What we define as CC email data leaks refers to when emails are sent to multiple recipients and the sender uses the “CC” function (“Carbon Copy” function) to send the same email to many different people. The problem with this is that this discloses the email addresses and sometimes the names of the other recipients, as email addresses can be tagged with names. Unless there is consent for those receiving the email to know each other’s identities and/or personal contact details, this can constitute a breach of privacy.
Two key points to press in the case of CC email data leaks are the use of proper ways to mass-communicate, and the context of the email. There are plenty of mailing platforms out there that people can use to send an email to hundreds, thousands, or even hundreds of thousands or millions of recipients with the click of a button. They have been around for years, and we have been using them for years as well. They can ensure that many recipients can receive the same email without seeing the details of the other recipients.
Even the use of the “BCC” function (“Blind Carbon Copy”) can be a dangerous and outdated method. As we said above, there are mailing platforms to use, and the BCC method risks accidental leaks when the CC function is used in error instead.
The second thing to note is the context of the email. If it is an email advertising an event to people who are customers of a retail company then this can still be a breach, as people may not want others to know their contact details. But this may be seen in law as a minor breach, although victims could still be eligible to claim. But if one of the recipients keeps their details very strictly confidential due to an abusive ex-partner, as an example, then this could mean the impact for them is worse, and this can then be taken into account. Or, as we will touch on below, if the recipients are all people receiving treatment for a private and sensitive medical status like HIV, the impact can be substantial.
Sometimes, when a data leak involves personal names and contact data, organisations guilty of the breach pass it off as a minor event. When you consider the context, it could be incredibly severe.
We have already touched on above that context is key, and referenced where a HIV status is leaked in an email. This happened in the 56 Dean Street Clinic data leak of 2015 when almost 800 people, most of whom were service users for HIV treatment, received a generic email from the clinic using the CC function. We have settled a number of cases for victims of this particular data leak, which remains one of the most substantial to date.
Victims of CC email data leaks could be entitled to claim compensation and could be eligible to recover damages for any distress caused by the loss of control of their personal information. Context is key, as is the level of the impact on the victim. Generally speaking, the more a person suffers, the more their data breach compensation pay-out can be.
You could be eligible to benefit from No Win, No Fee legal representation as a victim of a data breach.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.