Lost And Stolen Devices Data Breach Claims
By Cat Soong. Updated 19th April 2022. This guide is focused on making lost and stolen devices data breach claims.
Sometimes it’s essential for organisations to store or access personal data on devices such as laptops. For example, many administrators are able to work from home and access company systems online by using a laptop.
If this device is lost or stolen, there should be security measures in place so that anyone unlawfully accessing the laptop won’t be able to see the personal data on the company’s online systems. What’s more, employees should be trained so they’re aware of data protection security.
This guide will explain why you might have a valid claim if an organisation fails to take appropriate measures and, consequently, your personal data is involved in a data breach. We also look at how you’d need to show you suffered financial loss or psychological harm (or both) as a result.
One consideration to keep in mind is that every claim is at least somewhat unique. Although yours might be similar in some ways to other data breach claims, they won’t be identical. Because of this, we may not have covered every answer you have in this guide. However, we do have our advisors available 7 days a week, 24 hours a day.
They give free legal advice with no obligation for you to proceed with the services of our solicitors.
You can call 0800 073 8804 and speak to an advisor whenever you’re ready. You could also use our live chat for instant answers online.
Select A Section
- A Guide On Lost And Stolen Devices Data Breach Claims
- UK GDPR Breach Statistics
- What Is A Lost And Stolen Devices Data Breach Claim?
- What Devices Could Be Lost Or Stolen?
- How Could Human Error Cause A Device To Be Lost Or Stolen?
- What Kind Of Information Can Be Stolen From Data Breaches?
- Preventing The Loss And Theft Of Devices
- How To Sue For A Breach Of My Information Security
- Types Of Damages Awarded Following A Data Protection Breach
- Calculating Lost And Stolen Devices Data Breach Claims
- No Win No Fee Lost And Stolen Devices Data Breach Claims
- Get In Touch
- Learn More
- FAQs On Lost And Stolen Devices Data Breach Claims
A Guide On Lost And Stolen Devices Data Breach Claims
This guide covers making claims for lost or stolen devices that result in you suffering financial loss or psychological harm.
Devices that could be used to store or access personal information include:
- Mobile phones
We begin this guide by using a graph to show how common device-related data breaches are. Additionally, in the first part of the guide, we give an overview of what a lost or stolen device data breach claim is. You will learn about how personal data can be protected, and the laws that help to safeguard this data in the UK.
We also discuss how these claims can come about. The type of data and information that could be stored on a device is covered. Additionally, we offer some advice on how organisations could prevent a device from being lost or stolen.
We also explain the claims process. We offer some basic advice on how to get your claim started, and what you could do following a device data breach. Additionally, we explore the two different heads of claim in data breach claims and consider how a No Win No Fee lawyer could help you.
To learn more about lost laptop data breach claims, or to find out your rights following a data breach caused by a stolen laptop, contact our advisors today. They offer free legal advice and may be able to forward you on to one of our expert data breach solicitors.
Time Limits To Start A Claim
You have to start stolen devices data breach claims within the timeframe that can vary depending on the circumstances of the data breach. Once the claim has begun, there isn’t a deadline for its conclusion, but it should be started within the claims time limit.
In the UK, the general time limit for making a data breach claim is six years. However, if you find yourself needing to claim against a public body, this time limit may only be one year. For example, if you are making a lost laptop data breach claim against the local council, you may only have one year to start your claim.
To ensure you have the correct timeframe in mind, we recommend that you call and talk to one of our advisors. Once they understand enough about your claim, they can tell you exactly which deadline could be applicable.
UK GDPR Breach Statistics
There is an organisation in the UK known as the Information Commissioner’s Office (ICO). Alongside its responsibility for enforcing personal data security and privacy legislation, it also collects information related to known data breaches.
Some of this information is made available to the public, in their data security incident trends document, for example. We used this data to create the graph you see below. It pertains to lost and stolen device data breaches reported to the ICO in Q3 2021/2022.
It is not just a stolen mobile phone or a lost laptop that could become the basis of a data breach claim. Any portable device or gadget capable of storing personal data could be the cause of lost or stolen devices data breach claims.
A personal data breach is caused by a security issue that leads to the unlawful or unauthorised access, disclosure, destruction, alteration or loss of personal information.
Types Of Data Protected
Personal data/information is any information that can be used to identify you, whether on its own or with other information. For example, your name, address and email address are examples of personal data. However, other data, such as credit card numbers and bank account numbers are personal data.
Special category data is a type of personal data. However, it is deemed more sensitive. It is personal data about:
- racial/ethnic origin;
- political beliefs;
- religious or philosophical beliefs;
- trade union membership;
- genetic data;
- biometric data (if used for the purposes of identification);
- sex life; and
- sexual orientation.
To find out if you could be eligible to make a lost laptop data breach claim, call our team of advisors by following the information at the bottom of the screen.
The Laws That Apply
Before the UK left the European Union (EU), we followed the EU General Data Protection Regulations (GDPR). However, the EU GDPR was enacted into UK law through the Data Protection Act 2018. It sits alongside an amended version of the UK GDPR.
Essentially, organisations that collect, hold or process personal information should abide by data protection legislation. If they fail to take appropriate steps to protect your personal data and it is involved in a data breach as a consequence, you could claim. You could be able to recover compensation for financial losses and psychological harm.
What Devices Could Be Lost Or Stolen?
There is a range of different gadgets and portable devices that could become the basis of lost or stolen devices data breach claims. They include:
- Mobile phones
- USB memory sticks
- Personal Digital Assistants (PDA)
- Portable hard drives
For example, in a lost laptop data breach claim, your personal information may have been exposed to thieves or passers-by who may have come across a laptop on public transport or in a public area. If this laptop is not secured, your data may become accessible to people who are not authorised to see it.
If your personal data has been exposed in a data breach caused by a stolen laptop, contact our advisors today. If your claim is valid, they may be able to put you in touch with one of our expert data breach solicitors.
How Could Human Error Cause A Device To Be Lost Or Stolen?
Lost or stolen devices data breach claims that are the result of human error can occur. For example, an organisation may not have trained their employees properly in personal data protection. This could have led to the accidental loss of personal information.
Physical Security Errors
The loss or theft of a device involves handling the device physically. Though many employees are trained in online personal data security (such as avoiding falling for phishing emails), they may not be aware of potential physical security errors.
Examples of security errors that could lead to data breaches are:
- Leaving a phone that has access to personal information in a place where it could be accessed unlawfully.
- Data breach caused by a stolen laptop
- A smartwatch that has access to personal information being stolen.
- A USB memory stick containing personal data falling out of a pocket.
- An external hard drive doesn’t have personal data securely removed before it is thrown away.
- A tablet with access to personal information is stolen out of a bag while it is left unattended.
- A USB memory stick containing personal data is leant to a third party, and they access and steal the data.
If your personal data was lost or exposed due to a physical security error, such as a data breach caused by a stolen laptop, get in touch today. Our team of expert advisors can provide free legal advice and help starting your claim.
What Kind Of Information Can Be Stolen From Data Breaches?
We have looked at some of the ways that human error or lax physical security can lead to lost or stolen devices data breach claims. Now, we look at the kinds of personal data that organisations might store about you. Examples are given below.
- Email Addresses
- Bank account and credit/debit card information.
- National Insurance Number
- Passport copies
- Driving licence copies
- Logins and passwords
All of this data could potentially be exploited in some way which, in turn, could cause you financial loss and stress, trauma or mental hardship.
Preventing The Loss And Theft Of Devices
A valid claim involves proving that you suffered financial loss or mental harm because of the data breach.
However, in order to avoid claims, organisations can take steps to protect a device from loss or theft. For example, they might:
- Restrict the use of devices such as USBs and keep their use strictly monitored.
- Train employees in data protection.
- Ensure appropriate security measures are put in place.
- Enable location tracking on phones, tablets and laptops that have this feature.
- Install quality security patches and hotfixes, as well as antivirus updates too.
Many organisations that handle personal information will even prohibit the use of portable devices such as USBs altogether.
If the device has been lost or stolen then, whether or not preventative measures have been taken, an employee should report a lost device, or report a stolen device.
How To Sue For A Breach Of My Information Security
One of the keys to lost and stolen devices data breach claims is proving that a party that was supposed to protect your personal data failed to do so through positive wrongful conduct.
For example, an organisation may not have trained staff properly in personal data protection. Alternatively, it may not have had appropriate data security. Either of these examples could lead to personal data being lost or stolen.
If you suffered financial loss or psychological harm as a result of the data breach, you could claim. To begin with, you’d need to collect evidence such as:
- Emails from the organisation confirming that your personal data was involved in a data breach.
- Financial documents (such as credit scores) that show your losses caused by the data breach.
- Medical records that show how your mental health was impacted.
Our expert data breach solicitors can help if your information has been exposed in a data breach caused by a stolen laptop or other stolen or lost device. They have helped many claimants get the compensation they were entitled to. Call today to learn how to get your claim started.
Should The ICO Be Informed Of Lost And Stolen Devices?
You do have the option of reporting a data breach to the ICO. This is not mandatory: it is entirely up to you whether you take this step before starting a claim.
However, it is worth keeping in mind that if the ICO upholds your report and complaint, it could add weight to your claim. Keep in mind, though, that the ICO may only follow up on a report of a data breach if you’ve already tried to resolve the issue with the organisation that was supposed to protect your personal information.
Essentially, if you’ve contacted the organisation and haven’t received a satisfactory response, you’d need to get in touch with the ICO about the breach within three months of the organisation’s final response to you. Waiting longer than this can affect how they deal with the complaint.
Types Of Damages Awarded Following A Data Protection Breach
There are two potential sources of damages if lost or stolen devices data breach claims are successful. These are material damages (monetary loss), and non-material damages (trauma, stress, mental harm, etc.).
Firstly, let’s cover material damages. If your personal data is used for theft, it could cost you financially. For example, after a case of identity theft you may find your bank account empty and your credit cards to the limit.
Additionally, you may have had to pay for therapy sessions that the NHS couldn’t cover. If the financial loss was caused by the data breach, you can potentially claim it back.
Non-material damages are paid for the psychological injuries you suffer due to the data breach. Dealing with a personal data breach could be stressful and traumatic. However, you could be able to claim for this.
In the case, Vidal-Hall and others v Google Inc , the Court of Appeal held that claimants who had not suffered a monetary loss due to a data breach could claim for psychological harm if they’d suffered it.
Before this case, you had to have suffered financial loss in order to claim for psychological harm too. Now you could claim for both or either.
Calculating Lost And Stolen Devices Data Breach Claims
You may be wondering ‘how much compensation can I get for a breach of data protection?’ If you want to find out roughly how much lost or stolen devices data breach claims could be worth, you can try our compensation calculator.
Alternatively, you can use the compensation table below to work this out. We referred to the guidelines that are produced by the Judicial College to make this table. These guidelines contain brackets of potential compensation for various injuries and their severities. Legal professionals use the guidelines to help them when valuing injuries.
|Level of Damage
|£51,460 – £108,620
|The injured party has a very poor prognosis and struggles to cope with life, work and education.
|£17,900 – £51,460
|Though the injured party suffers similarly to the above, their prognosis will be better.
|£5,500 – £17,900
|The injured party will have clearly improved and the prognosis will be good.
|Up to £5,500
|How much everyday activities and sleep were affected will be taken into account.
Our advisors give free estimates of what you could claim by taking into account different factors regarding your case.
In order to prove your injuries were caused or exacerbated by the accident, you’d need to attend a medical assessment. An independent medical professional would assess the psychological harm you’ve suffered and create a report that establishes the severity of the injury.
No Win No Fee Lost And Stolen Devices Data Breach Claims
It could be possible to make lost and stolen devices data breach claims using a No Win No Fee lawyer. This means you wouldn’t need to pay upfront fees to the lawyer at the beginning of the claim. Also, you’d have no lawyer fees during the time it takes to process the claim. Furthermore, if the claim fails, you won’t need to pay a penny in lawyer fees.
If the claim is won, then a success fee would be due to the solicitor. However, this is capped by law and is collected out of the compensation payment after it comes through.
Get In Touch
Do you need more information about making lost or stolen devices data breach claims? Or perhaps you have evidence of a valid lost laptop data breach claim? No matter what legal advice you need, call and speak to one of our advisors using the contact information below. They are available 7 days a week, 24 hours a day to help you.
- Call 0800 073 8804
- Use our webchat on this page for instant online answers
- Use our claim online form and we’ll get back to you
The following links will take you to more of our data breach guides.
- Post-Traumatic Stress Disorder Claims
- Data Breach Claims Against Employers
- Social Services Data Breach Claims
- University of Northampton Data Breach
- University of Portsmouth Data Breach
- University of Salford Data Breach
- University of Sheffield Data Breach
- University of Southampton Data Breach
- University of Suffolk Data Breach
- University of Surrey Data Breach
- University of Sussex Data Breach
- University of the Highlands And Islands Data Breach
- University of the West of England Data Breach
- University of Warwick Data Breach
- University of Westminster Data Breach
- University of Winchester Data Breach
- University of Wolverhampton Data Breach
- University of Worcester Data Breach
- Watford Community Housing Data Breach
- Whitbread Data Breach Compensation Claims
- Wiltshire Council Data Breach
- Wolverhampton Council Data Breach
- Wrexham County Borough Council Data Breach
- I Suffered Stress Due To A Data Breach, Am I Eligible To Claim Compensation?
- Virgin Media Data Breach Compensation Claims
- GP Data Breach Compensation Claims
- Anglia Ruskin University Data Breach Claims
- Employer Personal Data Breach Claims
- Can I Get Compensation For Loss Of Medical Records?
- My Personal Data Has Been Lost After A Breach, What Are My Rights?
- Learn how to make a school data breach claim with our helpful guide and find out more about the data breach claims process.
The following external links may be of use to you.
Sending Personal Data By Email
FAQs On Lost And Stolen Devices Data Breach Claims
Here are some short answers to questions often asked about device data breach claims.
Can I get compensation for a data breach?
If you have suffered financial loss or mental hardship due to a data breach, you may be able to claim data breach compensation.
How much compensation can I get for a breach of data protection?
This is difficult to say, as it is based on the specifics of your claim. Call our advisors to have your claim valued for free.
What kind of information can be stolen from data breaches?
Your personal data could be accessed and used if you lose a device or have one stolen and it held your unsecured personal information. For example, in a lost laptop data breach, the thief may have access to personal records stored on an office network. This, in turn, could lead to a data breach claim.
Is A Lost Phone A Data Breach?
If a phone contains personal or special category data, it could be classed as a data breach.
What constitutes a breach of data protection?
In reference to lost or stolen devices data breach claims, a data breach could be defined as a security breach that leads to the unlawful or unauthorised loss or access of personal data. Generally, a data breach also includes the unlawful or unauthorised destruction, alteration or disclosure of personal information.
Written by Wheeler
Edited by Victorine