Stolen Device Data Breach Compensation Claims


Stolen Device Data Breach Compensation Claims

In this guide, we are going to look at claiming compensation for a stolen device data breach. By reading this guide, you will learn about how a device can be lost or stolen. You will also learn how this can affect you. Additionally, we will cover who could have a valid personal data breach claim if a device containing their data is stolen. 

Your claim may be based on a scenario that falls outside of the scope of this guide. You might have questions this guide doesn’t answer. You can still get these answers though. Please telephone and speak to a claim advisor on 020 3870 4868. Or message us via our contact form and we will call you back.

Select A Section:

What Is A Stolen Device Data Breach?

Many of us use a device such as a smartphone or a tablet daily. We also depend on devices such as USB memory sticks and external hard drives to store data. Organisations that collect your personal data (data controllers) store lots of information about you (data subject) on computers and digital files and databases. But what happens when devices stored with lots of personal information are stolen? Could this be deemed a data security breach?

Below, you will find information that will define what a stolen device data breach is. You will also find all of the information you need to decide whether you potentially have a claim for one.

What Laws Protect Data?

We have a public independent body in the UK known as the Information Commissioner’s Office (ICO). The remit of the ICO is to monitor compliance with data security and privacy laws. These laws include the Data Protection Act 2018 (DPA). As well as the UK version of the General Data Protection Regulation (UK GDPR).

Stolen Device Data Breach Statistic

Every year the UK Government carry out the Cyber Security Breach Survey. This year it was published March 2022. The statistics we have produced below are taken from the survey and based on: 1,243 UK businesses; 696 micro firms; 264 small firms; 149 medium firms; 134 large firms; 146 prof/sci/technical; 424 charities.

We have used figures showing the amount of staff using personally owned devices to complete work tasks. 

  • Businesses overall – 45%
  1. Micro firms – 46%
  2. Small firms – 42%
  3. Medium firms – 43%
  4. Large firms – 40%
  5. Within prof/sci/technical – 53%
  • Charities overall – 64%

What Devices Could Be Stolen?

The number of devices that organisations now use in this new technology era means that they are all vulnerable to being lost or stolen. Within the UK GDPR, one of the main 7 key principles is that any personal data collected about a data subject and handled by the data controller must be kept secure. We have listed some devices that have the potential to be stolen:

  • A laptop or desktop computer.
  • A smartphone or tablet.
  • Some form of a digital storage device such as a USB drive, hard drive or a memory card.

All of these devices could contain personal data that could be put at risk if they are stolen. When making a claim for a stolen device data breach you will need to show how the party who had their devices stolen was liable for the data breach. In many cases, this will mean showing how they failed to adhere to data protection laws.

How Could You Be Affected By A Stolen Device Data Breach?

There are many types of data that are stored on digital devices by organisations. But not all of it is protected by law and could become the basis of a claim for a stolen device data breach. Below, we have explained some of the data that is protected.

  • Special data – that tells something about you. Your religion, race, information about how you identify as a gender, and trade union memberships are an example.
  • Personal data – that can be used to identify you and is somewhat unique. For example, financial information about your bank account, debit card or credit card information. As well as personal data such as your phone number, date of birth, email address, address, and name.

If data such as this is exposed to unlawful use or access due to a device being stolen, a claim may be possible. Call and speak to one of our advisors for further help and advice.

Protecting Devices

Organisations when adhering to data protection laws will need to ensure that any personal data that is handled is kept safe. This means physical files and digital ones too. Therefore training staff on data awareness and principles of the UK GDPR is vital.

Human error is one of the leading causes of data breaches and therefore training staff on the importance of keeping their devices safe and locked away is of the utmost importance.

Options such as this would minimise the risk of a device being stolen. However, it could still be possible to make a claim for lost device data breaches when a data controller is liable for the personal data breach.

How To Sue For A Stolen Device Data Breach

If you believe that you have become the victim of a stolen device data breach, then there are steps you can take to help strengthen any claim you may think you have.

First, you can contact the organisation that you think is at fault. You can request to be informed about a data breach and how it has had an effect on your data.

Second, you might want to try reporting the data breach to the ICO. Keep in mind that the ICO will only likely follow up on a complaint about a data breach if the last time you spoke to the third party about the breach was less than three months prior.

For free legal advice about a personal data breach claim or just information on the steps to take when gathering necessary evidence please give our claim advisors a call. They will be able to help you further with this.

Stolen Device Data Breach Compensation Calculator

A precedent was set for claiming non-material damages due to a data breach, even though no financial loss was incurred, in the case Vidal-Hall and others v Google Inc. It was heard at the Court of Appeal in 2015.

We can’t give you an average compensation amount for a stolen device data breach claim. Each claim is unique. However, by using the guidelines referenced by the legal system, and produced by the Judicial College, we made the table below. It shows data breach compensation ranges for mental injuries.

Psychological Injury Information How Bad? Damages
PTSD (Post Traumatic Stress Disorder) An individual suffering from severe PTSD will be severely affected by it and will be unable to function normally. Severe £59,860 to £100,670
PTSD (Post Traumatic Stress Disorder) An individual with PTSD will have a significant impact on their lives. For any recovery professional help will be needed. Moderately Severe £23,150 to £59,860
PTSD (Post Traumatic Stress Disorder) There will be a good prognosis with professional help but significant issues at the beginning. Moderate £8,180 to £23,150
PTSD (Post Traumatic Stress Disorder) It would take two years to recover from PTSD almost completely. Less Severe £3,950 to £8,180
Psycholgical Injuries An individual who suffers from a severe mental illness will have difficulty with work, home life, education, etc. The prognosis is poor. Severe £54,830 to £115,730
Psycholgical Injuries The sufferer may have significant challenges with their ability to work, their relationships, etc. Moderately Severe £19,070 to £54,830
Psycholgical Injuries In spite of mental health concerns initially, the chances of a good recovery for the sufferer are high. Moderate £5,860 to £19,070
Psycholgical Injuries In this category, compensation will be based on how much mental harm the patient suffered and for how long. Less Severe £1,540 to £5,860

Material damages, that reimburse financial losses caused by the data breach, may also be available. These must be proven by providing documented evidence of the losses. These can be past losses, or predicted losses. Speak to one of our claim advisors to find out what type of damages you may be able to claim for.

Begin A No Win No Fee Personal Data Breach Claim

No Win No Fee solicitors can process data breach claims. Using such a legal service, means you won’t need to pay any upfront or ongoing fees. You only pay if the claim is resolved successfully. Then you pay the lawyer a modest success fee. If the claim has not been a success, your lawyer won’t be paid a fee at all.

Do you have additional questions about making a compensation claim for a stolen device data breach? Our claim advisors can help with this. Use the information below to get in touch with one of them. They will offer you any additional assistance you require.

Phone: 020 3870 4868

Contact form and webchat

Check Your Rights After A Data Breach

More useful links.

Cyber Security Data Breach Survey 2021

Your Data Protection Rights Explained 

Your Data Related Human Rights

Some of our other data breach guides.

Could You Claim For Stress Due To A Data Breach?

Data Subject Rights Following A Breach Of Data Protection

Lost Medical Records Compensation Claims

Writer CE

Checked by IE.