, ,

What is a group action claim?

equifax data hack

If an organisation has failed to protect your personal data and breached any part of the Data Protection Act, you have a right to claim compensation. However, in many cases, where a breach occurs, you won’t be the only person making a claim. In such circumstances, it is often worth joining a group action data breach claim.

In this jargon-free guide, we take a look at what a group action claim is, and how you can join one.

What is a group action claim?

A group action claim is where a group of people – sometimes even thousands of people – have been affected by the same issue. Group action cases are also sometimes called class actions, collective redress actions, or multi-party actions. With a group action, this group of people (the Claimants) collectively bring their cases to court against a Defendant. These victims then fight together to achieve compensation in the High Court of Justice.

In 2015 – in the first group litigation of its kind in the UK – 5,518 people brought a claim against Morrisons under the Data Protection Act 1988, for misuse of private information and breach of confidence.

What is a representative action?

A representative action is a type of group action. Representative actions are launched when a group of people are affected by the same issue and have experienced the same level of harm.

Representative actions tend to be used in straightforward mass data privacy scenarios. For example, where customers of a company have had their email addresses stolen and data privacy violated.

In representative actions, one solicitor will represent all clients. A judge will decide who this solicitor is. Because of our unique experience in data breach group actions, we expect that Hayes Connor will be appointed as the representative in many future actions.

In representative actions, one member of the action will typically sue on behalf of themselves and the rest of the group. Once compensation has been agreed, each member of the representative action will receive the same amount.

The benefits of group action claims

Group action claims are becoming far more common in the UK. Here are just some of the reasons why:

  • Strength in numbers. Starting a claim can be frightening, and it’s not unusual for people who have perfectly valid complaints to be put off due to the risks of going up against a large and well-resourced Defendant. Where cases are very similar, group actions can be a powerful tool and can redress the balance
  • Save on legal costs. By joining together, individuals can share the risks and costs of claiming compensation. Legal advice is also shared, so not everyone in the action needs to pay for their own solicitor
  • Help victims with smaller claims. Group actions provide a way for people with more modest cases (that may not justify legal fees) to claim the compensation they deserve. Often, solicitors will agree to take such cases on a no-win-no-fee basis
  • You might not have to go to court. Usually, a Lead Test Case is started, and common issues are tried. The result of this case is then used as a precedent for other cases in the action; so every single claim doesn’t have to be taken to court.

Who can make a group action claim?

In data breach cases, the Information Commissioner’s Office (ICO) investigates any reported breaches and has the power to impose hefty fines. If the ICO believes that an organisation broke the law, this information can be used in court to support a group action claim.

If you have suffered damage, distress, or a loss of privacy caused by an organisation breaching any part of the Data Protection Act, and the ICO finds that the organisation did indeed break the law, you have a right to claim compensation. However, in many cases, where a breach occurs, you won’t be the only person making a claim. In such circumstances, it is often worth joining a group action claim.

However, before you can join a group action, the court decides whether claims can be grouped together. Where approved, a group litigation order (GLO) is created which grants permission for group action proceedings to begin.

In many cases, people start to think about joining a group action before the court has issued a GLO, or even before an organisation has been found guilty and fined by the ICO. For example, at Hayes Connor Solicitors, having witnessed an influx of queries from clients who have received letters from Equifax informing them that their data may be at risk following the latest hack, we are currently building a secure database of victims who want to seek compensation for damages or distress suffered. If Equifax is fined, we will let people know when their claim for compensation can be made and help them get the compensation they deserve.

Does everyone in a group action claim get the same amount of compensation?

No. Just because your case is part of a group action doesn’t mean that you will receive the same amount of compensation as everyone else.

All claims within a group action are settled based on their merits, and, as with any case, the value of your claim depends on the extent of your suffering. So if your claim is successful, you will receive what you are owed.

What can we claim for?

You can claim compensation if an organisation has failed to protect your personal data – regardless of whether or not you have suffered as a result of the breach. However, where you have experienced financial, medical harm, anguish or anxiety, we can make a more significant case. In group action cases we will claim for:

  • Financial losses. A data breach can lead to both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts
  • Distress, anguish and anxiety. Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is no harm done. Being the victim of a crime can have a significant impact on you mentally and physically.
  • Loss of privacy. You do not have to have experienced harm as a direct result of a data breach.  If a company does not protect your data in the way it is legally obliged to do, and you have suffered a loss of privacy, you can make a claim. For example, if your email address was stolen or otherwise put at risk.

There are no guidelines about how much compensation you can be awarded for a claim under the Data Protection Act. If you do go to court, it is up to the judge to consider all the circumstances, including the seriousness of the breach and the impact on you.

Making a group action with Hayes Connor Solicitors

If you want to  join one of our group actions, contact Hayes Connor Solicitors ASAP. We’ll advise you on whether you have a valid claim, answer any questions you might have and go through your options with you. It goes without saying that our process is fully compliant with ICO guidance and we never put your details at risk.

Once we have established that your data has been breached – and the extent of this failing – we’ll start the claims procedure on your behalf. We’ll only do this with your explicit agreement

Once we have your permission we’ll investigate your case,  gather together the relevant paperwork and evidence, and make sure all the necessary court forms are filled in on time.

We will try to reach a settlement

Before taking your claim to court, the judge will want to know what steps you have taken to settle the claim. So, we’ll write to the offending person or company offering a settlement. The minimum amount of damages sought will depend on the nature of the injustice and the impact this had on you. If the claim includes substantial losses or harm, or the leak of personal, medical, financial or sensitive business information, the level of settlement required would increase. At Hayes Connor Solicitors we seek the maximum compensation possible on your behalf.

Going to Court

If the other party does not agree to our terms, and we fail to reach an agreement, we will write to them to tell them that we intend to take the matter to court. In many cases, including data breach cases where the company has already been fined by the ICO, these claims are taken seriously. Likewise, the costs of contesting a claim often far exceed the costs of settlement, so there is usually a willingness to pay a reduced amount rather than face larger costs and bad publicity.

If your group action case does go to court, you will need evidence to back up your claim, and we will work on establishing this for you. Where the company/individual has already admitted to a crime, or to breaching private data, or has already been found culpable, the chances of success are very strong.




1 reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply