Have you been subject to a stolen phone data breach? This article will explain what information could be compromised in a stolen phone incident. We will also explain what can happen to companies who breach your personal data and what compensation you may be eligible to receive.
Phones are a big part of life, constantly in use, whether banking or exchanging emails, they store a lot of personal information. It can be a violation of privacy potentially, and negatively impact your finances and mental health, which could strain your personal relationships.
Our advisors are available 24/7 to answer any of your legal questions. They offer free, relevant legal advice to determine the validity of your claim. They may forward you to our panel of No Win No Fee lawyers who can help begin the claiming process. Get in touch today by:
Select A Section
- What Is A Stolen Phone Data Breach?
- Mobile Phone Theft Statistics
- What Information Could Be Stolen From A Mobile Phone?
- What Should Happen If A Company Breaches Your Data Privacy?
- How Much Could I Claim For A Stolen Phone Data Breach?
- How We Could Help You
Since the UK left the EU, the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 were instated into law to run alongside each other to ensure that your personal data is protected.
The UK GDPR defines personal data as identifiable information. It can identify you directly or in combination with other data. Personal data can include:
- Home address
- Email address
- Banking information
As a data subject, there are two main entities that may handle your personal data:
- Data controller – The organisation that determines the purpose of processing your personal data.
- Data processor – A body outsourced by the controller to process the data on their behalf.
A personal data breach is a compromising of your personal information in a security incident. It is where your personal information is accidentally or unlawfully disclosed, destroyed, accessed, altered or lost.
- Legal obligation
- Vital interests
- Public task
- Legitimate interests
It is important to note that the lawful bases are equal to each other meaning that consent does not have more importance to processing your data than contract or vital interests. In the case of a stolen phone data breach, there is no lawful processing of your data, therefore you may be able to claim.
The Information Commissioner’s Office (ICO) is an independent authority that enforces data protection legislation. It reported in their data security incident trends that there were 2404 incidents reported in the 3rd quarter of 2021/22. 1773 were reported as non-cyber with 44 cases of lost or stolen devices containing personal information.
UK Smartphone Theft Statistics
The table below shows the number of lost and/or stolen phone data breaches in 2021/22:
Special category data is more sensitive and, therefore, requires more protection. It includes:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data
- Health data
- Sex life and orientation
If a company has a stolen phone data breach and compromises your personal data privacy, the ICO outlines the next steps you can take. The ICO has an extensive complaint system, and if you report a data breach to them, they could investigate the organisation penalising them if they found they have failed to properly safeguard your data.
What Steps Can I Take?
Personally, there are steps you can take after being subject to a stolen phone data breach. If the organisation notifies you of the breach, you can contact them about it to find out what personal information was involved.
If you’ve found out about a potential breach but the organisation hasn’t notified you of it, you could contact the ICO. That’s when you’d take the complaint as outlined above.
When organisations find that a personal data breach has risk data subjects’ rights and freedoms, they have to report it to the ICO within 72 hours of discovery. The ICO’s how to respond section suggests organisations should do the following:
- Don’t panic
- Start the 72-hour timer
- Gather facts about the incident
- Try to contain the breach
- Assess the risks
- And, if necessary, protect those who are affected
For more information on the steps to take after a stolen or lost phone data breach, talk to our advisors today.
In a data breach claim, there are two heads of compensation you may be able to receive according to how the data breach affected you. For example:
- Material damages – The tangible damages of financial loss. This can include the breach of banking information, where your money and identity have been compromised and it has affected you financially.
- Non-material damages – The mental damage sustained due to the data breach. A personal data breach may cause anxiety, depression, paranoia, undue stress and other psychological harm.
The Judicial College Guidelines (JCG) outline potential brackets for the non-material damages which cover the mental harm suffered due to the data breach incident. The below table includes figures from the JCG. You can see included mental health injuries, such as post-traumatic stress disorder (PTSD), by severity:
|Severe general mental damage (a)
|£54,830 to £115,730
|Where the injured person has an inability to cope with life, education and work. The amount awarded depends on the impact on interpersonal relationships, the extent of treatment, future vulnerability, prognosis and whether the medical treatment has been undertaken.
|Moderately severe general mental damage (b)
|£19,070 to £54,830
|The injured person experiences the same factors as above, but with a better prognosis.
|Moderate general mental damage (c)
|£5,860 to £19,070
|The prognosis will be considerably better in regards to the above factors.
|Less severe general mental damage (d)
|£1,540 to £5,860
|The award changes according to disability period and how much daily life and sleep were impacted.
|Severe PTSD (a)
|£59,860 to £100,670
|The injured person is prevented from working to the same functional level or close to the pre-trauma level.
|Moderately severe PTSD (b)
|£23,150 to £59,860
|Better prognosis compared to the above bracket as the recovery has happened with some professional help, but the effects can cause future disabling effects.
|Moderate PTSD (c)
|£8,180 to £23,150
|A large recovery has taken place and any lasting effects will only be minor disabilities.
|Less severe PTSD (d)
|£3,950 to £8,180
|Where a near full recovery has taken place within one to two years and lesser symptoms last over a longer period.
The Court of Appeal held via the Vidal-Hall v Google case, that a data breach claim can be made just for non-material damages. This means that you do not need proof that you have financially suffered in order to make a claim for psychological harm too. Before this case, you had to prove financial loss in order to seek damages for psychological harm.
Contact our advisors for more data breach compensation examples.
Our advisors are available around the clock to help you understand whether you can pursue your data breach claim. They may even connect you to our panel of No Win No Fee lawyers.
A Conditional Fee Agreement (CFA), commonly referred to as a No Win No Fee agreement, is a type of legal arrangement whereby you avoid paying a hiring cost for your lawyer. If your claim is unsuccessful you do not pay any of your lawyers’ success fee.
A CFA lawyer takes a success fee, a minor capped percentage of your compensation, that covers the accumulated legal costs during proceedings.
If you would like legal help, get in touch with our advisors today to help understand if you have grounds for a claim. Contact us by:
Further Reading On Data Breach Claims
Please read the other useful articles:
Or read the informative links provided:
Contact our advisors today for more information on your potential stolen phone data breach claim.
Article by AA