Helping victims claim Group Actions worldwide

The third anniversary of the GDPR

Need HELP! Let Us Call You Back...

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

This May, we have reached the third anniversary of the GDPR, which was introduced in the UK and across the EU in 2018. Seen as a momentous event for data security, the General Data Protection Regulation was predicted to overhaul data protection policies in UK businesses and organisations, affording data subjects greater rights and securities.

Designed to update data protection for the digital age, the GDPR requires that all data controllers use the appropriate technical cybersecurity measures and organisational strategies when processing and holding personal information. To some extent, important changes have been made, but it seems many data controllers have yet to fully grasp what their legal obligations are under the GDPR.

Unfortunately, there has been no major downturn in the occurrence of data breaches over the last few years, which have left countless victims worrying about the mishandling and/or exposure of their private information. Over more than 6 years of representing victims for privacy matters, we have seen how profoundly victims have been affected by incidents. We will be here to support victims in making data breach claims for as long as organisations neglect their data protection duties.

How has the GDPR affected data security?

At the third anniversary of the GDPR, we can look back and see that, in theory, the GDPR has put increased pressure on data controllers to safeguard personal information. The legislation has allowed the Information Commissioner’s Office, the UK’s data protection regulator, to take greater action against, and even force greater penalties, on third parties that are found to be in breach of the law. With this threat looming over them, companies should have been persuaded to rethink their data protection policies.

However, thousands of data breaches still occur every year, with some of the largest incidents suggesting that some organisations still have little understanding or respect for their legal obligations. For example, the Virgin Media data breach, for which are representing claimants in a group action, affected around 900,000 UK consumers, all of whom had their information exposed due to an avoidable security vulnerability.

The rights of victims – data breach compensation claims

While many victims continue to be put at risk by data breaches as we reach the third anniversary of the GDPR, the law can nevertheless enable those affected to claim compensation for any harm caused.

In fact, the GDPR can account for the dual impact of data breaches, allowing victims the chance to claim for the emotional distress that they have suffered, as well as any financial losses or expenses that they may have incurred as a result. The financial impact is a vital inclusion, as many victims of data exposure can fall prey to fraud and scam attempts due to cybercriminals misusing their compromised information.

The third anniversary of the GDPR – looking to the future

Now we have come to the third anniversary of the GDPR, it is important to look to the future. As specialists in data breach group action claims, we believe that companies need to do a lot more to protect personal data, starting with educating their employees on data protection and employing up-to-date cybersecurity measures.

If you have been on the receiving end of a data breach, it is important to remember that you may have the right to make a compensation claim. Having represented thousands of clients for privacy matters since 2014, we have also been involved in a number of high-profile data breach group actions, including those against Virgin Media, British Airways and Equifax.

We have the expertise to win you the compensation you deserve, so contact us for free, no-obligation advice if you think you may have a claim to make.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.


The easyJet cyberattack – victims can still claim compensation
Diesel emissions claims