Legal help for data breach compensation claims

ICO take no further action: can I still claim?

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

If the ICO take no further action, does this mean that you cannot make a claim? What if no fine is issued, can you still claim then? What are your rights?

The short answer is that no further action from the ICO (Information Commissioner’s Office) doesn’t mean no ability to make a claim for you. Claims and fines are separate matters, and you could still be eligible for compensation either way.

As a leading firm of consumer action and data breach compensation experts, here’s the insight when it comes to ICO matters and your ability to receive compensation.

Claims and fines are separate

If a fine is issued, or if the ICO take no further action, it’s important to recognise that claims and fines are separate matters entirely anyway.

Money that’s recovered from financial penalties issued from the ICO is not intended to be used as compensation for the victims. The money will normally end up in the public purse. As such, the money can be a good punishment and a solid deterrent, but it doesn’t do much for the victims. For the victims themselves to receive some form of justice, they can make their own separate legal case.

And that’s what we do. We represent victims of a data breach who can make their own separate legal compensation case. Data breach compensation values are separate to any fines issued and can be based on the impact to you. You could be entitled to receive damages for the distress caused by the loss of control of your personal information, and this could be based on the nature of the data involved and the extent of the breach.

For example, when it comes to incredibly personal and sensitive cases like medical data breach claims, pay-outs can be substantial. You don’t have to have suffered any form of actual financial loss to be able to make a claim, but if you do incur losses and expenses, these can also be considered.

ICO take no further action: what can I do?

In terms of any complaint, if the ICO take no further action, you can still be eligible to make a claim for compensation.

The test in terms of whether you can claim or not is based on whether there has been some form of negligence, and how this has affected you. Sometimes, the ICO may take no formal further action by way of a fine, but this doesn’t mean that they do not consider the matter as a breach. They may have spoken to the organisation at fault and issued advice to them for making sure that it doesn’t happen again. As such, it may still be recognised that a breach has taken place, but no further or formal action doesn’t mean the end of the road for you as a victim.

Sometimes, it may not be beneficial to issue a fine or take matters further. This can especially be the case in what may be deemed as a minor and now resolved breach. If your information has been exposed or misused, you could still be entitled to compensation.

In a recent example, the University of Hertfordshire reportedly escaped further action and fines from the ICO for a data breach. It was another one of those email leak incidents where an attachment was sent in a mass email that contained the names and email addresses of around 2,000 students. The ICO issued advice to them and appear to have left it at that.

No fine does not mean no claim

In a situation where the ICO take no further action and no fine is issued after a data breach, this doesn’t mean that you cannot make a claim.

Our team can offer you free, no-obligation advice about whether you may be entitled to compensation. All you need to do is contact them today and we will be able to asses the case for you.

If we can take it forward, we can also offer No Win, No Fee options.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Matthew on May 12, 2020
Posted in the following categories: Claims GDPR ICO and tagged with | | | | | |

Impact of a council cyberattack
Hospital ransomware attacks: rights for victims