Industry News

Home / Industry News
News > News Article

18 October 2013

Compensation for Data Protection Breaches

Compensation for Data Protection Breaches

 

Whilst not an Employment Law case, Halliday v Creation Consumer Finance gives welcome clarity over the level of damages that should be awarded if anyone (including employers) breaches the Data Protection Act.

Given the amount of information employers hold, and the multitude of requests by third parties for access to that information (by, for instance, banks, mortgage companies, solicitors), any clarity on the penalties for getting it wrong is useful

Mr Halliday's sorry tale begins when he bought a new TV.  He entered into a credit agreement with CCF and as a result of CCF delivering incorrect information to Equifax he ended up with an adverse credit report.  Several court claims and counter-claims later, the Court had to decide how much he should be awarded for his distress.

Given that he has pursued this all the way up to the Court of Appeal, it is apparent that Mr Halliday was very distressed indeed.  He claimed he should be compensated in the same way that "injury to feelings" are dealt with in discrimination cases.  This involves 3 different levels of compensation, and Mr Halliday considered he should be awarded something in the "middle band" between £6,000 and £18,000

Unfortunately for him, the Court of Appeal declined to follow Mr Halliday's reasoning.  It found that the intention of the DPA legislation was not to make significant awards for damages. It was not necessary to follow discrimination law principles because, said Lady Justice Arden "discrimination is generally accompanied by loss of equality of opportunity with far-reaching effects and is liable to cause distinct and well known distress to the complainant", whilst a breach of the DPA is only likely to cause a frustrating distress.

Consequently the Court only awarded Mr Halliday £750 for his distress claim under section 13(2) of the DPA.

Conclusion

Controlling employee data can be administratively difficult, and on occasion information may slip through the net. At least an employer now has the reassurance that in similar circumstances to the Halliday case any financial consequences will not be excessive.

However it is worth pointing out that serious breaches under the Data Protection Act may attract the attention of he Information Commissioner, who can levy fines of up to £500,000, as Hertfordshire County Council (£100,000) and A4e (£60,000) have found to their cost

 

 

Share this page
Most Read

Intergraf Economic News (Paper Prices) - September 2024Intergraf Economic News (Paper Prices) - September 2024

16 September 2024

Access the latest edition of the Economic Newsletter for the European Printing Industry for data on paper consumption, and pricing data for pulp, paper, and recovered paper.

Applications open for the 2025 Stationers’ Company WarrantsApplications open for the 2025 Stationers’ Company Warrants

19 September 2024

The Stationers’ Company announced today that it is now open for applications for new Warrants and 2025 Warrant renewals.

Join the BPIF

The BPIF is the printing industries champion. By becoming a member you join a diverse and influential community. We help you solve business problems, connect you to new customers and suppliers and make your voice heard in government.