data breach claims

Has Google put your privacy at risk?

Last week, Google admitted giving hundreds of firms access to your Gmail inbox. Our data breach solicitors look at what happened, and what you can do to protect your data.

In a letter to lawmakers in the US, the multinational technology giant said that third-party developers could both access and share data from Gmail accounts. This means that hundreds of apps (and their human employees) might be able to read your messages and share data from your inbox. Often for marketing purposes.

Google says that it thoroughly vets any third parties that are granted access. But this revelation is bound to concern anyone worried about their data privacy. Especially following the Facebook/Cambridge Analytica scandal.

In a letter, first published in the Wall Street Journal, Google’s head of US public policy revealed that: “Developers may share data with third parties so long as they are transparent with the users about how they are using the data”.

However, our data breach solicitors are very concerned about this revelation. And, in particular, how it impacts users in the UK. And there are fears that the process of sharing data is not compliant with the Data Protection Act (the UK’s interpretation of the GDPR).

At Hayes Connor, we are very worried that data protection regulation has been breached and will be seeking urgent clarification on this matter. If we find that Goggle has put the privacy of its UK customers at risk, our data breach solicitors may launch a group action compensation claim against the company.

What should you do now?

According to Google, you have options around how you grant access to apps. However many people may not be aware that they’ve given apps such access to their accounts.

If you are in any way concerned it is vital that you review your Gmail permissions immediately.

To do this:

  1. Select “Account” from the app menu in the top right-hand corner of your Gmail account
  2. Under “Sign in & Security, click on “Apps with account access”
  3. See the apps which you’ve given access to since you created your account
  4. Select ‘Manage Apps’ to review in more details
  5. If you see an app you don’t trust, you can block it by clicking “Remove Access.”

Only a year ago, Google pledged to protect its user’s privacy and prohibit email scanning. And, while Google has itself stopped scanning Gmail users’ email, this latest revelation is bound to cause distress.

Industry experts have called the practice a “dirty secret” while other security experts are surprised that Google permits this practice. Especially when considering the recent increases in data breaches.

If you are in any way concerned we would encourage you to report this issue to the ICO for further investigation. You can do this here.

You call also (securely) register your data with Hayes Connor Solicitors, and we will keep you updated as the outcome of any investigation into this matter.

REGISTER HERE

data breach solicitors
, ,

Can you claim compensation for the Police Federation data breach?

Last month, the Police Federation of England and Wales (PFEW) admitted that it suffered a severe data breach across a number of its databases. This data privacy violation happened as a result of a ransomware cyber-attack. A criminal investigation has now been launched into the Police Federation cyber-attack.

What happened in the Police Federation data breach?

In a Twitter statement, posted on 21st March, the PFEW said: “We can confirm we have been subject to a malware attack on our computer systems. We were alerted by our own security systems on Saturday 9 March. Cyber experts rapidly reacted to isolate the malware and prevent it from spreading.”

The statement also included a press release with more information about the attack. You can read this in full here.

However, people were soon pointing out that the PFEW took 12 days to inform its members about the attack. And the way some members found out was also questioned.

 

“So this happened on 9th March and it is only now the 21st March that you tell your paying members?? Absolutely disgraceful handling by the federation.”

@RonanDonohue1

“I’d rather my OH not be told via a press release, but direct contact from federation! Press releases are for the public not the potential victims”.

@lucycdoyle

“So if the attack was discovered on 9th March, why did it take 12 days to alert everyone? I assume you have reported your data breach to the information commissions office?”

@ RPUSC2

“Members are always last to find out. Why has it taken over 11 days to inform your members…”

@CopsAgainstXtr

 

What information was exposed in the PFEW data breach?

The names, email addresses, National Insurance numbers, ranks and serving forces of around 120,000 police officers may have been exposed. The breach affects officers at all levels up to the rank of chief inspector.

Also, any guests who stayed at the PFEW conference and hotel facilities in Leatherhead between 1 September 2018 and 9 March 2019 may also have had their financial details (credit card number and expiry date) put at risk.

In addition, the PFEW claims case management system has also been compromised. So any members who requested PFEW assistance for any investigation, inquiry or complaint could have had their name, address, National Insurance number, and bank details accessed.

However, the PFEW claims that there is no evidence at this stage that any data was extracted from PFEW’s systems, although this cannot be discounted.

Local Federation branches have not been affected.

How is the PFEW ransomware attack impacting police systems?

Ransomware is a type of malicious software. Typically cybercriminals use ransomware to threaten to publish the victim’s data, or to block access to it unless a ransom is paid. Ransomware attacks are becoming more widespread.

As a result of this ransomware attack, the PFEW has suffered severe disruption to services. Backup data was also deleted. Indeed, following the breach the PFEW has made the “difficult decision” to cancel its national conference in June. A statement on Twitter read:

“Experts in business recovery estimate it takes 4 – 6 months to recover from a cyber-attack and with annual conference due in 9 weeks it would not be possible to deliver this on time.”

Can you claim compensation for the Police Federation data breach?

The Information Commissioner’s Office (ICO) is aware of the situation. However, while it has the power to impose hefty fines on organisations who fail to meet their data protection requirements, the ICO does not award compensation.

But, should the ICO find that the PFEW did not meet its data protection requirements, you could have a claim for compensation.

Indeed, even if there is no immediate evidence that personal and sensitive data was successfully extracted from PFEW systems, that doesn’t mean that there will be no impact on those officers affected. In many data breach cases it can take months for the full implications and losses to become apparent. We have seen instances where the financial losses only start to occur three to six months later. This is often because data stolen is used in batches over time.

What’s more, simply knowing that your details could be in the hands of cybercriminals can lead to anxiety and distress. Experiencing a data breach can result in adverse life events such as having to move house or area, losing a job, relationship stress and separation, and dislocation from friends and family. All of which can lead to a diagnosable psychological injury. For police officers knowing that their personal information could be in the hands of criminals is bound to be even more distressing.

How to make a claim following the Police Federation data breach

At Hayes Connor Solicitors, we are experts in data breach cases. Committed to helping victims of data breaches and cybercrime to achieve the justice they deserve, we are now considering launching a no-win, no-fee group action to compensate victims of the Police Federation cyberattack.

Find out more about group actions.

 

By now those who have been affected should have been emailed. If you have received this email then you may be able to claim compensation once the matter has been investigated.

To ensure that you are fully informed and kept up-to-date, simply fill in our quick form and we will notify you about the investigation and your legal rights when making a claim.

REGISTER HERE

 

data
,

Disposing personal data? Do so carefully

With human error the leading cause of data breaches, the Information Commissioner’s Office (ICO) has produced a handy toolkit to help businesses communicate the importance of information security to staff.

At Hayes Connor, we’re sharing some of the tips included in this toolkit to raise awareness of the importance of this issue, and to help organisations across the UK improve their data protection processes.

Tip: All information you work with has value. Dispose of it carefully

The risk of not disposing data carefully

When personal and sensitive information is not disposed of correctly, it can fall into the wrong hands. As such, organisations of all kinds must make sure that they correctly destroy and get rid of any such data. Not least because where they don’t, they could face huge fines.

For example, in 2018 the Bayswater Medical Centre in London was found guilty of a serious data protection breach and fined £35,000 by the Information Commissioner’s Office (ICO) after it left highly sensitive medical records, registration forms and repeat prescription information unsecured in an empty building for a year and a half. The data was left on decks, in unlocked cabinets, on windowsills, and in bins. Find out more about this case.

Quick tips

  • Employers must understand the importance of data protection and make sure that strict policies and procedures are put place to ensure the safe disposal of information
  • Simply binning paper-based personal information is not good enough. Un-shredded documents left in the bin or thrown outside for collection could be stolen and used to commit identity theft or corporate fraud. Any organisation that doesn’t have and adhere to a corporate shredding policy could also be in breach of the GDPR
  • Likewise, confidential waste should always be properly disposed of and separated from regular recyclable waste
  • Electronic information held on hard drives and PCs must also be disposed of correctly. This can be done by a professional hard drive and media destruction service
  • In many cases, data breaches can be avoided by staff abiding by the data protection principles of their businesses. But it is up to employers to make sure that all staff receive regular data protection training to make sure they understand the potential consequences of breaching data protection laws.

Not just hackers

Data breaches are not just caused by cybercriminals. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

police data breach
,

How to protect yourself following the PFEW data breach

The Police Federation of England and Wales (PFEW) has admitted to a severe data breach across a number of its databases. As a result, the personal information of some 120k police offices has been held to ransom. The data breach affects officers at all levels up to the rank of chief inspector.

If you have been affected by the PFEW data breach, you should have received an email to let you know. And, if you are worried about how this could impact you, here are some tips to help you stay safe.

  1. Understand the risk

To stay safe from cybercriminals you need to be digitally aware. Here is a quick summary to let you know what happened in this case:

  • The attack is thought to have impacted a number of PFEW databases. These include:
    • A database that holds the names, email addresses, NI numbers, ranks and serving forces of around 120,000 police officers
    • A booking system for the PFEW conference and hotel facilities in Leatherhead. Any guests who stayed at the facilities between 1 September 2018 and 9 March 2019 may have had their personal and financial details put at risk
    • The PFEW claims case management system. Members who requested PFEW assistance for an investigation, inquiry or complaint could have had their name, address, National Insurance number, and bank details accessed
  • A ransomware attack caused the breach. Ransomware is a type of malicious software. Typically cybercriminals use ransomware to threaten to publish data, or to block access to it unless a ransom is paid
  • There is no evidence that any data was extracted from PFEW’s systems, although this cannot be discounted at this stage
  • Local Federation branches have not been affected.
  1. Follow the advice given by the PFEW

The Federation has said that any officers concerned about fraud or lost data should contact Action Fraud. Advice can also be obtained from the National Cyber Security Centre.

A PFEW helpline is also available on 0800 358 0714. Opening hours are Monday to Friday 8am to 6pm, and Saturday and Sunday 9am to 3pm.

The PFEW website has the latest information and FAQs regarding this breach.

  1. Take steps to protect yourself

Those affected by the PFEW data breach should consider the following steps:

  • Inform the Information Commissioner’s Office (ICO) about your concerns
  • If you are concerned that your financial details have been compromised contact your bank/credit card provider immediately
  • You may also want to consider a credit freeze until you are confident that your details are safe
  • Report the scam to the police and contact Action Fraud for advice on what to do next
  • Keep an eye on your bank and credit card statements to see if there is anything you don’t recognise
  • Look out for any bills or emails showing goods or services you haven’t ordered
  • Let the credit reference agencies know of any activity that was not down to you
  • Register with the Cifas protective registration service. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you
  • Beware of fraudsters who attempt to gather additional personal information (phishing)
  • Change your passwords on all your accounts.

For more advice on how to keep your data safe, follow us on Twitter and Facebook.

  1. Understand the possible impact the data breach could have on you

Unfortunately, while the Federation claims that the risk to data is low, in many data breach cases it can take months for the full impact and losses to become apparent.

We have seen instances where the financial losses only start to occur three to six months later. This is often because data stolen is used in batches over time.

What’s more, simply knowing that your details could be in the hands of cybercriminals can lead to anxiety and distress. Experiencing a data breach can result in adverse life events such as having to move house or area, losing a job, relationship stress and separation, and dislocation from friends and family. All of which can lead to a diagnosable psychological injury. For police officers knowing that their personal information could be in the hands of criminals is bound to be even more distressing.

So, as well as taking steps to keep your information and finances safe from further attack, it’s also worth keeping an eye on your state of mind and seeking help if you are distressed or worried about the data privacy violation.

  1. Claim for compensation

If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation.

In most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, it is often the only way organisations will be persuaded to take their responsibilities seriously and make the necessary improvements.

Committed to helping victims of data breaches and cybercrime to achieve the justice they deserve, we are now considering launching a no-win, no-fee group action to compensate victims of the PFEW data breach and cyberattack.

To ensure that you are fully informed and kept up-to-date about this action, simply fill in our quick form and we will notify you about the investigation and your legal rights when making a claim.

REGISTER HERE

 

data breach fine
,

What do you need to know about the Bounty pregnancy club personal data breach?

In what is being called an “unprecedented” data breach case, the Bounty pregnancy club has been fined £400,000 after it illegally shared the personal information of more than 14 million people.

What happened in the Bounty pregnancy club data breach case?

Bounty is a pregnancy and parenting support club. It provides free samples, vouchers and guides to new parents and expectant mothers. These parents can sign up through its website and mobile app, and are even directly recruited on maternity wards.

In a shocking breach of trust, between June 2017 and April 2018 the Bounty pregnancy club shared approximately 34.4m records with 39 organisations – without its users’ permission.

The data shared was sensitive and included information about potentially vulnerable new mothers, mothers-to-be, and very young children.

According to the Information Commissioner’s Office (ICO), this data sharing appears to “have been motivated by financial gain”.

Commenting on the data breach, the ICO’s director of investigations said: “Such careless data sharing is likely to have caused distress to many people, since they did not know that their personal information was being shared multiple times with so many organisations, including information about their pregnancy status and their children.

“The number of personal records and people affected in this case is unprecedented in the history of the ICO’s investigations into data broking industry and organisations linked to this.”

While Bounty’s managing director has admitted fault, and ended the company’s relationships with data brokerage companies, he has not apologised for Bounty’s actions.

Has the Bounty pregnancy club been fined?

Yes. But not as much as you might think. In fact, while the fine is still among the highest ever issued, the breach happened under the UK’s old data protection laws and before the introduction of the European general data protection regulation (GDPR). This caps the potential fine at £500,000. Under the new data protection regime, the maximum fine for a company of Bounty’s size is now €20m (£17m).

What’s more, while the ICO has the power to impose fines for data breaches, it doesn’t award compensation to victims. However, many of these victims could go on to suffer distress at finding out their data has been manipulated in this way; especially as it includes information about young children.

Claim for compensation for the Bounty pregnancy club data breach

If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation. And crucially, you can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.

Some people would have us believe that claiming for distress is an overreaction. That your physiological suffering and anguish doesn’t matter. You might hear friends and family saying that, while it is acceptable to claim compensation for any financial losses, you should put up with any anxiety caused by having your information sold in this manner.

But being the victim of a data breach can have a substantial impact on you mentally and physically. For some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. So why shouldn’t you seek compensation for a failure to look after your information correctly? Especially when it included data about young children.

If you are worried that your trust has been exploited and the Bounty pregnancy club has breached your data, contact us to find out how we can help.

For more advice on how to keep your data safe, you can also follow us on Twitter and Facebook.

,

Police gangs database breached data protection laws

A Metropolitan Police database of suspected gang members has seriously breached data protection laws. That’s the findings of an investigation by the Information Commissioner’s Office (ICO).

What is the Gangs Matrix?

The Gangs Matrix was set up following the 2011 London riots. It contains the names and personal details of thousands of people. According to the Met, these individuals either pose a risk of committing gang violence, or of becoming victims.

In total, the matrix holds details of around 3,500 people, some of who are as young as 12. It stores their full name, date of birth, home address, and information on whether someone is a firearms offender or a knife carrier. Also, each individual is allocated a green, amber or red rating indicating their apparent risk of violence.

There are a significant number of children and vulnerable individuals on the list.

What was the problem with the Gangs Matrix?

Concerns were raised that the matrix violated human rights. Not least because young black men and boys made up more than three-quarters of the list.  What’s more, the Guardian newspaper found that in one London borough, 40% of young people on the list had “zero” risk of causing harm.

In response, the ICO undertook a review of the database.

What did the ICO find?

While the ICO acknowledged the severity of gang crime, its investigation into the police database found that a failure to adhere to data protection principles potentially caused “damage and distress” to the disproportionate number of black men on it.

According to the ICO, some boroughs also operated informal lists of people who no longer met the criteria for being on the matrix. This meant that the police continued to monitor people that intelligence indicated were not gang members.

Also, data on the list was inappropriately shared with other public bodies such as local councils, housing associations, and education authorities. And there was no guidance on how this data should be used. As a result, people faced sanctions relating to housing, jobs and other public services. The Information Commissioner said that: “simply being on this database could lead to denial of services and other adverse consequences”.

The investigation also found that the matrix failed to distinguish between victims of crime and offenders, leading to confusion among officers.

Amnesty International welcomed the report stating that: “The investigation by the Information Commissioner’s Office confirms a lot of our own findings into the gangs matrix: namely, that it is currently not fit for purpose”.

What was the outcome of the investigation?

The Metropolitan Police force was ordered to radically reform the matrix.

The ICO’s recommendations included:

  • Conducting an impact assessment on the Gangs Matrix
  • Ensuring people are clearly identified to distinguish between victims of crime and suspects
  • Improving guidance to explain what constitutes a gang member
  • Removing people from the matrix where necessary
  • Erasing any informal lists of people
  • Conducting a full review to establish how information on the list is being shared and used
  • Developing guidance setting out how information on the list can be used
  • Training officers and staff who have access to and use the database
  • Putting more robust data security systems and access restrictions in place.

The Met said it accepted the findings and was working to address them. The ICO also launched a separate investigation into how police information was being used by other public bodies, such as local councils.

However, concerns have now been raised about Concern Hub – a new criminal database similar to the Gangs Matrix. Not least because information gathered by Concern Hub will be shared with other agencies.

A spokesperson for Amnesty International said: “Any police database being developed must comply with human rights standards and conform to data protection laws and needs to be far more than a rebrand of the deeply problematic Gangs Matrix”.

What can you do if you have suffered because of the Gangs Matrix?

It is the job of the police to protect us, and in a digital society that also means protecting our data. However, where this trust is being undermined, it is vital to hold them to account.

According to the ICO, problems with the Gangs Matrix go back to 2011 and created a plausible risk to this data.

There is also real concern about the impact on its mainly black and ethnic minority data subjects (people on the database). And, while the investigation focused on London, this issue could be more widespread.

If you have suffered damage or distress caused by the Gangs Matrix you have a right to claim compensation. To find out how we can help you recover any losses, give us a call on 0151 363 5895 to discuss your case in more depth.

Find out more about how we are helping to reduce the impact of police data breach violations. Or, for more advice on how to keep your data safe, follow us on Twitter and Facebook.

VICTIMS
,

Businesses must invest in cyber insurance to protect victims of data breaches

It’s almost impossible to pick up a newspaper or turn on the television without finding out about how some big company has been hacked. But, while it might seem that data breaches are a new and pressing concern, the issue of how to maintain the integrity of information stored on computers is nothing new.

In fact, in a recent article by the Financial Times, the author shares how, as far back as 1979, economist (and former CIA analyst), Mark Skousen published the ‘Complete Guide to Financial Privacy’. In this book, he warned about the relentless collection of information and the need to recognise the need to protect against “unwarranted intrusion into sensitive information”.

Fast forward to today, and as the FT article states, “there is no company or product that doesn’t have cyber risk attached to it.”

The impact of data breaches on business

A data breach can be devastating for victims. And, at Hayes Connor, every day we hear about how privacy violations are causing misery and upset to people across the UK. Crucially, in most cases, these breaches aren’t caused by scammers trying to hack big businesses, but by simple human errors.

But it’s not just victims of data breaches that suffer long-term effects following a cyber problem. Organisations of all types and sizes can also find it difficult to recover.

Here are just some of the possible consequences faced by companies that fail to keep their data safe:

  • Loss of time and money due to having to repair affected systems and disruption to trading
  • Loss of reputational damage and sales (lack of trust from current and potential customers)
  • Loss due to the legal consequences of a data breach (e.g. fines, legal fees and compensation payments)
  • Loss of competitive advantage due to the theft of trade secrets or copyrighted material
  • Having to pay fraudsters (cyber extortion)
  • Rises in insurance premiums.

Worryingly, according to the latest statistics, almost 30 million cyber-related crimes were launched in the last quarter of last year.[1] And nearly half of all UK businesses fell victim to cyberattacks or security breaches[2].

43% of UK organisations surveyed had experienced a cyber security breach or attack in the last 12 months

  2018 Cyber Security Breaches Survey

Standard insurance policies do not cover cyber risk

Despite the rise in cybercrime, many UK organisations are still failing to insure themselves against the threat of a data breach. In fact, according to the article in the FT, only 9% of UK companies are said to have specific cyber insurance. Standard insurance policies do not cover cyber risk.

When it comes to data privacy violations, it is clear the problem isn’t going away. And with prevention better than cure, as well as improving security processes and IT governance, every business, regardless of size or ownership, must now consider cyber insurance. Because if a data breach claim is made against a company, and it is found liable for data privacy errors, the consequences of not being covered could be catastrophic.

The impact on individuals

The introduction of the General Data Protection Regulation (GDPR) in May 2018 coincided with a significant increase in reported data breaches. So the GDPR has created greater public awareness about individual rights.

Indeed, at Hayes Connor, we are currently dealing with over 200 enquiries per month from consumers. Complaints range from the inappropriate use of email to the deliberate or inadvertent disclosure of sensitive, financial, and medical information to third parties.

We’ve seen cases where experiencing a data breach has resulted in adverse life events such as having to move house or area, losing a job, relationship stress and separation, and dislocation from friends and family. All of which can lead to a diagnosable psychological injury.

In most of these cases, the victim of the data breach will have tried to engage with the organisation that has committed the violation and been either rebuffed or provided with a wholly inadequate excuse. In almost all cases the organisation at fault fails to recognise the damage caused by the breach and loss.

Often this failure to provide adequate redress to the victims of data breaches comes from fear. Fear that giving proper compensation could put an organisation out of business. But, with the right insurance in place – alongside improved data security processes – both companies and individuals would be better protected.

Leading by example

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. To do this, we are helping to raise awareness of this issue and educating people and businesses to prevent similar mistakes from happening.

For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

[1] Kaspersky

[2] 2018 Cyber Security Breaches Survey

data breach
,

Out of office. Think before you do

With human error the leading cause of data breaches, the Information Commissioner’s Office (ICO) has produced a handy toolkit to help businesses communicate the importance of information security to staff.

At Hayes Connor, we’re sharing some of the tips included in this toolkit to raise awareness of the importance of this issue, and to help organisations across the UK improve their data protection processes.

Tip: All information you work with has value. Think before you take it out of the office.

The risk of mobile working

When personal and sensitive data is retained in offices, it’s easier to keep it safe and prevent unauthorised access. But today, more and more employees are enjoying the benefits of mobile working and this comes with additional data security risks.

For example, in a recent case, we saw the impact of what can happen when an individual’s personal information was left on a train by their solicitor. Following this shocking data breach, the woman suffered severe psychological effects including stress, anxiety and trauma.

Quick tips

  • Employers must understand the importance of data protection and make sure that strict policies and procedures are put place to ensure the safe processing of information – both in and out of the office.
  • In many cases, data breaches can be avoided by staff abiding by the data protection principles of their businesses. But it is up to employers to make sure that all staff receive regular data protection training to make sure they understand the potential consequences of breaching data protection laws.

Not just hackers

Data breaches are not just caused by cybercriminals. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

data breach
,

What can you do if you are a victim of tech abuse?

The Victoria Derbyshire programme has highlighted how domestic abusers are using technology to stalk, trap, control, isolate and hunt down their victims.

Sharing her experience, domestic abuse survivor Ellen said how her ex-husband tracked her down after she had moved to a secure refuge in a new town by hacking into her Gmail account and accessing her diary. Although her ex is no longer tracking her movements, the experience is still affecting Ellen physiologically.

Watch Ellen share her experience here.

Speaking to the BBC programme, Refuge – a charity that supports women and children experiencing domestic violence – said that 95% of the cases they see involve tech abuse.

How are abusers using technology?

In some cases, abusers sow location trackers into the linings of a child’s coat or toy in a bid to keep track of their ex-partner’s movements. Also, the charity says that it has found “a rise in the number of women whose children’s IPads, Xboxes and PlayStations have been hacked by the perpetrator to gain full access to their accounts.”

Other common abuse includes hacking email accounts, using social media channels as tools to harass and stalk, monitoring calls and messages, exploiting phone tracking software, and installing cameras around the home.

Are you experiencing tech abuse?

In some cases, people might not know that they are the victim of tech abuse. To help identify the problem, Refuge as provided a quick checklist on its website. People who answer yes to these questions may be experiencing domestic violence.

This includes things like:

  • Has your partner/abuser threatened to share any information about you online
  • Does your partner/abuser seem to know about conversations that you have had without being present?
  • Does your partner/abuser know your whereabouts or turn up unexpectedly wherever you go?
  • Does your partner/abuser stalk and harass you via social media?
  • Has your partner/abuser installed any apps such as ‘find my iPhone’ onto your device?

You can see the list in full here.

What can you do to protect yourself from tech abuse?

Refuge also provides a range of helpful guides and tips for domestic abuse survivors. These include:

  • Technology safety quick tips
  • How to document tech abuse (this is critical for a number of reasons, including if you ever want to pursue legal action)
  • An iPhone privacy and safety guide
  • Tips on how to stay safe on Facebook and Twitter
  • Advice on how privacy could be compromised on online gaming platforms (and what to do to stop this from happening)
  • A guide on spyware and surveillance tools and how breached privacy and security can be re-established
  • A guide on how to create a technology safety plan
  • A list of questions and considerations to go through when looking at using apps
  • A guide to how home devices can be used to facilitate tech abuse.

You can access all of these resources here.

For more advice on how to keep your personal data safe, you can also follow us on Twitter and Facebook.

The tech abuse and empowerment service

Refuge has launched a nationwide tech abuse and empowerment service to support women who have had technology used against them as a weapon of domestic abuse. The service was created to empower survivors so they can use technology positively and safely. You can find out more about this service here.

Taking legal action following tech abuse

In some cases, taking legal action is necessary to end cyberstalking, cyberabuse and harassment. And, if someone is convicted of a cybercrime against you, as well as putting measures in place to stop the unwanted behaviour, the court may also order them to pay you compensation. Where the authorities are not interested, we can assist with a private prosecution.

It’s also possible to take legal action where poor data security processes have allowed someone to access your personal information and carry out tech abuse against you.

If you have been the victim of tech abuse give us a call on 0151 363 5895  or complete our contact form to discuss your case in more depth. Our sensitive, expert team is on hand to answer any questions you might have.

 

data breach compensation
,

Government admits Windrush data breach

In a serious breach of data protection laws, the Home Office has admitted that an administrative error has exposed the email addresses of hundreds of Windrush migrants. These recipients had all signed up to be kept informed about the Windrush compensation scheme which was launched last week.

Immigration Minister Caroline Nokes has apologised for the Windrush data breach data breach, and the matter has been referred to the Information Commissioner’s Office (ICO).

Windrush generation compensation scheme

Today, an estimated 500,000 people are living in the UK who arrived between 1948 and 1971 from Caribbean countries. Many were given indefinite leave to remain. These workers have been called the Windrush generation in reference to a ship which brought people to the UK.

However, despite living and working in the UK for decades, many children of these citizens were subsequently told to leave because of a lack of official paperwork. Many travelled on their parents’ passports.

And, without documentation, changes to immigration law in 2012 resulted in many people being held in detention or made to leave the UK.

Following a backlash, the government has since apologised for the “appalling” way these people have been treated. And, a scheme was launched to help those who experienced a loss because they could not demonstrate their lawful right to live in the UK.

The government is expected to pay up to £200m in compensation to people who suffered after being wrongly classified as illegal immigrants. According to the home secretary, there is no cap on the fund.

Windrush data breach

In a written statement, the Immigration Minister said: “Regrettably, in promoting the scheme via email to interested parties, an administrative error was made, which has meant data protection requirements have not been met, for which the Home Office apologises unreservedly.

“This occurred in emails sent to some of the individuals and organisations who had registered an interest in being kept informed about the launch of the compensation scheme, which included other recipients’ email addresses. Five batches of emails, each with 100 recipients, were affected. No other personal data was included.

“A recall was commenced as soon as the problem had been identified. The departmental data protection officer has been informed and an internal review will be conducted to ensure this cannot happen again. The department has voluntarily notified the Information Commissioner’s Office of the incident. I am firmly committed to doing right by the Windrush generation.”

What can you do if you have suffered because of the Windrush data breach?

Experiencing a data breach can result in significant stress and anxiety, which can lead to a diagnosable psychological injury.

For people who have already been wrongly branded as “illegal immigrants” knowing that their personal information has been violated could be particularly distressing.

If you have suffered damage or distress caused by the Windrush data breach you have a right to claim compensation. To find out how we can help you recover any losses, contact us to discuss your case in more depth.

For more advice on how to keep your data safe, follow us on Twitter and Facebook.