Predicted surge in data privacy litigation claims
The European Court of Justice (ECJ) ruled in May that individuals can seek compensation for non-material damages resulting from General Data Protection Regulations (GDPR) violations. In this article we consider the potential implications for insurers.
The case
The case considered an Austrian citizen who sued the country’s postal service for processing their data without their consent. The Claimant sought reparations for ‘non-material damage’ under GDPR’s liability regime, alleging that they had been caused substantial distress. In its defence the postal service asserted that the Claimant data subject had not suffered sufficient damage.
The national court was unsure as to the extent to which compensation rights for non-material damages apply under GDPR’s Article 82, so it referred the case to the ECJ.
ECJ decision
The ECJ ruled that:
‘Not every infringement of the GDPR gives rise, in itself, to a right of compensation’.
However, there is no requirement for non-material damage to reach a certain threshold of seriousness to confer a right to compensation. As such, data subjects seeking compensation for GDPR breaches can do so without proving that a specific threshold for the seriousness of the harm is met. It is then for national courts to decide on the appropriate level of damages.
Considerations for insurers
Despite the claimant still having to prove a GDPR violation and a causal link between the violation and the harm, this decision could result in an increase in data privacy claims against businesses.
However, this case must be balanced against the case of Lloyd v Google, in which the Supreme Court held that a mere loss of control over data does not automatically result in compensation. Indeed, the ruling of the ECJ is not binding on English courts following Brexit. Nevertheless, the decision could still be persuasive and influential in judges’ decision making in the UK. As such, insurers and underwriters should consider the scope of coverage they offer to policy holders, particularly under management liability, professional indemnity and cyber wordings, where cover for data privacy claims is often provided.
Additionally, insurers may also wish to consider incorporating tighter conditions into their wordings in relation to GDPR compliance.
Contents
Key contact
Tim Johnson
Partner
tim.johnson@brownejacobson.com
+44 (0)115 976 6557
You may be interested in...
You may be interested in...
Legal Update
Building an inclusive workplace: strategies for attracting and retaining disabled talent
On-Demand
Kinship care: DJ v Barnsley Metropolitan Borough Council and SG
Legal Update
After a pause, Buy Now Pay Later (BNPL) regulation becomes one step closer
Legal Update
Updates to the UK’s Arbitration Bill
Legal Update
Ozempic: The rising costs and coverage issues of weight loss medication
Legal Update - Employment Rights Bill
What does the Employment Rights Bill mean for employment practices liability insurance?
Legal Update
ICAEW: Changes to PII requirements
Legal Update
Contractor insolvency: Peabody Trust v NHBC
Legal Update
Insurability by design: Increased transparency for vehicle manufacturers and insurers
Legal Update
By a narrow 2 to 1 majority, the Court of Appeal finds in favour of insurers in the construction of an exclusion clause in a W&I policy
Legal Update
Organisational approaches to ESG and sustainability matters
Legal Update
LMA binders’ consultation
Legal Update
Smooth sailing ahead: The LMA's new Open Form Default Clause
Legal Update
PFAS: The issue that won’t go away
Legal Update
Oklahoma earthquake: Racial discrimination in adjudication
Legal Update
Will the Online Safety Act help reduce Google ad spoofing in insurance?
Legal Update
Vicarious liability for kinship foster carer abuse: Implications for local authority insurers
Legal Update
Latest short-term insurance trends
Legal Update
Motor finance complaints on hold: Why now is the time for strategic action
Published Article
General insurance claims part 3: evidence of the insurance markets’ learnings from the consumer duty
Legal Update
Artificial intelligence putting the ‘actuarial defence’ to the test?
Legal Update
Under the influence: France introduces insurance requirement for influencers
Legal Update
Insuring a summer of sport
Legal Update
The impact of UK riots on insurers
Legal Update - The Word
The Word, August 2024
Legal Update
Product Safety and Metrology Bill: E-bike and e-scooter fires
Opinion
Choose your words wisely: Balancing inclusivity and employees’ beliefs at work
Published Article - Consumer Duty
General insurance claims: The consumer duty’s easy target? (part 2: ‘a history of warnings’)
Legal Update
Words matter: Another case on the importance of accurate drafting
Legal Update
How might AI impact insurer climate targets?
Legal Update
London Fire Brigade to stop attending for automatic fire alarms: Implications for insurers
Legal Update
Navigating Oil Price Cap legislation: LMA issues revised Cargo and Hull wordings
Legal Update
It’s not cricket: Insurers change their mind about jurisdiction
Legal Update
Using AI to help spot vulnerable customers
Legal Update
Is your cyber resilience shored up?
Legal Update
CrowdStrike: Assessing the fallout of potentially the “largest IT outage in history”
Press Release
Browne Jacobson survey finds 38% of insurers considering pulling out of the solicitors PII market
Legal Update - DORA
EU Digital Operational Resilience Act: Countdown to comply with the January 2025 deadline
Legal Update
Changing lanes: Automated Vehicles Act 2024 becomes law
