Fourth anniversary of the GDPR – have things changed?

Last month saw us marking the fourth anniversary of the GDPR. As leading data breach compensation lawyers, we ask: have things changed?

Given the number of events that have taken place in recent times, it seems that much more still needs to be done to safeguard personal information. We represent thousands of people for cases now on a No Win, No Fee basis, which shows that breaches are still taking place at a monumental rate.

The fourth anniversary of the GDPR

The fourth anniversary of the GDPR marks another milestone in the betterment of data protection legislation here in the UK. This is important given that the world continues to become more digitised, and we expect that this will continue. Our laws in this area must continue to evolve to make sure that we are all protected from information misuse and from the growing threats of cybercrime.

The GDPR is also a powerful tool in our legal arsenal when we are claiming compensation for anyone who has suffered due to the misuse or exposure of their personal intimation. The GDPR can be clearer in helping people to be able to succeed with a claim for compensation, allowing us as lawyers to fight for the victims’ rights to justice.

Have we seen much in the way of change?

There has certainly been a great deal of change in the time between its inception and the fourth anniversary of the GDPR. All organisations are having to put in a lot more work to make sure that they comply with the law, which is designed to make sure that people’s information and their right to privacy is protected.

This should mean that our right to privacy is much better these days. The changes should also have made it easier for people to control the use of their information, and to access data about them. However, despite the clarity in terms of protecting information from cybercrime and avoidable leaks, we have seen a number of incidents that have resulted in the exposure of people’s personal information, with victims suffering as a result.

There have been quite a few events, but to name some of the big ones:

• The British Airways cyberattacks of 2018. You would think that in the year of the GDPR coming into being, when organisations where really focused on being prepared of the new laws, that a company as big as BA would have avoided being compromised. Instead, they were hacked.
• Ticketmaster cyberattack of 2018 is similar to the above, with some of the data theft taking place after the GDPR had come into force.
• The easyJet cyberattack of 2020 where millions of people’s data has been compromised. Two years on from the GDPR, how did this happen?
• The Virgin Media information exposure of 2020: how did a database end up exposed and accessible online in the GDPR era? Worse, how was it left unsecured for almost 10 months and it taking a third-party security researcher to identify the issue?
• The Watford Community Housing Data Breach was an avoidable email leak where a spreadsheet containing personal data was sent to residents. There is no excuse for this kind of lack of respect for people’s personal information.

Your Lawyers – The Data Leak Lawyers – as leading privacy claims experts represent thousands of people claiming compensation in the actions above. These events are examples that, despite the GDPR, too little has been done in some circumstances to adhere to the law.

Free, no-obligation advice

Even though we are passed the fourth anniversary of the GDPR, breaches, leaks and hacks continue to take place.

We are here to help.

For free, no-obligation advice about pursuing a claim for compensation, please do not hesitate to contact the team here now.

Data breach class action claims for compensation

Data breach victims receiving threats from hackers