A big Newcastle City Council data leak occurred three years ago after the personal data of thousands of children and their adoptive parents was sent out in an accidental email attachment.
The email concerned a party invitation sent out to 77 people for the council’s adoption summer party, with the inclusion of an internal spreadsheet that should never have been seen by unauthorised eyes.
In a reason that has become all too common in recent council data leaks, human error was blamed for the incident. Indeed, as this explanation recurs and recurs, it raises questions about how much progress has been made in local government data protection. Further, in today’s turbulent times of coronavirus leading to us all having to adapt to a more remote way of working and living, what else needs to be done to rectify these issues.
Since the Newcastle City Council data leak
As exemplified by the Newcastle City Council data leak, local authorities are often in possession of social services data. This kind of sensitive information can make the effects of a data breach even more devastating due to the private matters that can be exposed.
In the email in this incident, the names, addresses and birthdates of the adopted children were reportedly revealed. This may have placed them in a significantly vulnerable position, particularly for any children who had their identities hidden for safeguarding and/or general wellbeing reasons.
In a similar breach late last year, an employee of Bristol City Council mistakenly exposed names and email addresses of children with disabilities and special educational needs. While this occurred at a different council, it is still distressing to think that councils appear to still be failing to learn from the mistakes of their counterparts; particularly after the introduction of the GDPR in 2018.
Another issue at Lichfield City Council was brought to light recently, stressing the issue of the unencrypted laptops used by councillors. This is a particularly worrying problem due to the fact remote working has become so common in the wake of the coronavirus outbreak. As such, not only are some councils failing to adapt to new data protection legislation, they are also struggling to adjust to the demands of current events.
Council data breach claims
Although the Newcastle City Council data leak was followed swiftly by the launch of a victims’ helpline and a promise to review data protection, sometimes these responses are not enough.
The GDPR can entitle victims of data breaches, even those caused by human error, to claim compensation for material and non-material damage. This means that victims could be compensated for any financial losses or expenses, as well as any emotional distress caused by a breach. This element could have been severe in the case of the Newcastle City Council data leak.
Claiming with The Data Leak Lawyers
If you wish to make a claim for a data breach, whether it occurred at a council or any other organisation, you can entrust your compensation claim to Your Lawyers – The Data Leak Lawyers.
We strongly believe in the importance of data protection, which is why we have forged a strong reputation in this niche area of law. It is unacceptable that these kinds of mistakes keep being made, so it is vital that we hold organisations to account for failing to follow basic data protection procedures.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on February 24, 2021
Posted in the following categories: Claims Council Data GDPR Government ICO and tagged with compensation | council | council data breaches | data breach | data controllers | data leak | email leaks | gdpr | personal data