Compensation Claim for Bank Exposing Balance to Colleague
Options
Comments
-
82.1 GDPR
Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.
For the damage covered. So, what is the damage?On the one hand it somehow feels inadequate and I'd have expected something a little more substantial
For an extremely minor breach, it is seems more than adequate.If I rejected this offer and went to the Ombudsman, would I be likely to be awarded something more substantial? Or is £250 fairly typical in these issues?
£100-£250 is the dominant range of FOS awards.I am an Independent Financial Adviser (IFA). The comments I make are just my opinion and are for discussion purposes only. They are not financial advice and you should not treat them as such. If you feel an area discussed may be relevant to you, then please seek advice from an Independent Financial Adviser local to you.0 -
Case law has established that distress alone is grounds for compensation when data protection laws have been breached.
Vidal-Hall v Google Inc
TLT v Secretary of State for the Home Department.82.1 GDPR
Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.
When actual distress has been caused, which would have to be proven in court. It's not an automatic entitlement just because a breach has occurred.0 -
When actual distress has been caused, which would have to be proven in court. It's not an automatic entitlement just because a breach has occurred.
I never said it was automatic. The fact it's distressed OP has been acknowledged by the bank."Real knowledge is to know the extent of one's ignorance" - Confucius0 -
When actual distress has been caused, which would have to be proven in court. It's not an automatic entitlement just because a breach has occurred.
And the case law talks about "distress", not being a bit embarrassed or quite annoyed.
After all, in this case a former colleague got to find out about four transactions on an account. I wouldn't be pleased about that, but it would take a lot more than that to cause me "distress".
I think a sense of proportion is needed.
If I were offered £250 in such a situation I'd snatch their hand off before they changed their minds.0 -
Let's hope your colleagues not reading this.....
Now that would be embarrassing.0 -
veryintrigued wrote: »Let's hope your colleagues not reading this.....
Now that would be embarrassing.
To whom is that comment meant to be directed?0 -
And the case law talks about "distress", not being a bit embarrassed or quite annoyed.
After all, in this case a former colleague got to find out about four transactions on an account. I wouldn't be pleased about that, but it would take a lot more than that to cause me "distress".
I think a sense of proportion is needed.
If I were offered £250 in such a situation I'd snatch their hand off before they changed their minds.
You're making a distinction that is purely semantic. Being embarrassed or annoyed would be encompassed within distress. If you check the Google case, it's actually rather trivial stuff. Someone seeing some ads because of cookies. It seems thinner skins can to taken into account.
The new statute doesn't make reference to distress or anxiety, it just includes "non-material" damage.
I very much doubt a judge would view the £250 as unreasonable. I was merely establishing that where data protection breaches occur, damages are not limited to financial loss."Real knowledge is to know the extent of one's ignorance" - Confucius0 -
Do we know that the information provided enabled the individual to be identified, or was it the case the individual was identified by the fact the colleague knew it was his old phone?0
-
You gave them a number that was never secure in the first place.
There is zero expectation of that you'd have sole access to that number from day one.0 -
You gave them a number that was never secure in the first place.
There is zero expectation of that you'd have sole access to that number from day one.
Seems a rather facile argument. They notified the bank of the change of number. Even landline numbers are recycled. Likewise, for addresses, people move house."Real knowledge is to know the extent of one's ignorance" - Confucius0
This discussion has been closed.
Categories
- All Categories
- 343.3K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.7K Spending & Discounts
- 235.3K Work, Benefits & Business
- 608.1K Mortgages, Homes & Bills
- 173.1K Life & Family
- 248K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards