Marriott International Hotels Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Marriott International Inc Data Breach
Could I Claim Compensation For A Marriott Hotels Data Breach?
There have been a lot of changes in the way that organisations are allowed to use your data these days. Since the introduction of the General Data Protection Regulation (GDPR) and The Data Protection Act 2018, organisations have a duty to keep any data they hold on you safe and secure. If they fail to do so, and a data breach occurs, you could be entitled to claim compensation for any harm caused. In this guide, we’re going to discuss when a Marriott Hotels data breach claim might be required.
Since the GDPR was launched, you have much more say in who can hold personal information about you, how it is used and who else it can be shared with. It also means that companies like Marriott Hotels need to put procedures and systems in place so that any information remains confidential and doesn’t end up in the wrong hands.
While some data breaches might not cause any problems at all, there is the possibility that they can cause a lot of harm and, if they do, the Information Commissioner’s Office (ICO) could step in and issue a large fine to the firm responsible.
If you are considering making a data breach claim, Legal Expert is here to help you. We provide free legal advice in conjunction with a no-obligation telephone assessment. After an advisor has reviewed what happened, they could refer you to one of our specialist No Win No Fee solicitors.
To find out more about starting a claim right away, please contact us on 0800 073 8804 today. Alternatively, to read more about the GDPR and data breaches, please continue reading.
Select A Section
- A Guide To Data Protection Breach Claims Against Marriott International Inc
- What Is A Data Privacy Breach Claim Against Marriott Hotels?
- The GDPR And Marriott Hotels
- The ICO Data Breach Fine Issued Against Marriott Hotels
- Could The Information Commissioner’s Office Help With My Privacy Breach?
- How Victims Of The Marriott Hotel Cyber Attack Could Be Compensated
- How Much Could You Be Awarded For A Data Breach By Marriott International Inc?
- How To Claim If A Private Company Breached Your Data Privacy
- How A Data Protection Or Privacy Breach Lawyer Could Help You
- No Win No Fee Data Protection Breach Claims Against Marriott International Inc
- Sue For Data Breach Compensation
- Additional Claim Resources
A Guide To Data Protection Breach Claims Against Marriott International Inc
In this guide, we’re going to look at a Marriott Hotels data breach that led to them receiving a multi-million pound fine from the ICO. Since the GDPR came into effect, organisations have to ask your permission to make use of any personal information they hold on you and take steps to try and ensure that their databases and files aren’t accessible by unauthorised parties.
The GDPR makes it clear that once a company has gathered your data sharing preferences, they have to stick to them. That means they can’t use them for purposes you’ve not approved when registering with them.
As this guide progresses, we’ll look at what can cause a data breach to happen, what harm they can lead to and when it could be possible to ask for compensation. We’ll also look at the complaints procedure you could use to find out more about how your data was leaked and when you might need to escalate the complaint to the ICO.
There is a 6-year time limit for making data breach claims which is reduced down to a single year if the complaint is about a breach of your human rights.
While that might seem like a long time, our advice is always that you should start the claim as soon as you can. That’s because you’ll find it easier to recall what happened and the effects of the data breach in the months following the incident than you will years down the road. Furthermore, an early start could make it easier for your solicitor to gather supporting evidence.
If you’d like a free assessment of your claim, please contact an advisor. If they believe there’s a reasonable chance of making a successful claim, your call could be referred to a No Win No Fee solicitor today.
What Is A Data Privacy Breach Claim Against Marriott Hotels?
While the Marriott Hotels data breach we’ll look at later involves a hacked computer system, there are a lot more ways in which a breach could happen. The definition listed in the GDPR is a security breach which results in personal information being accessed, lost, altered, destroyed or disclosed by means that you’ve not authorised. The reason for the breach might be illegal, a deliberate act or a complete accident and could involve physical documentation as well as electronically stored information.
As well as the more extreme cases where a hotels computer network is hacked, a data breach can be caused by simple human errors. For instance, if your hotel booking confirmation containing personally identifiable information is emailed or posted to the wrong customer. In another example, if documents containing your personal details are placed into a rubbish bin rather than being shredded, then your information could become available in the public domain.
When a hotel finds out about a breach of its data, they will need to assess whether it puts anybody at risk. If it does, then they are obliged to inform the ICO and the customer about the data that was exposed, when it happened and how it happened.
The GDPR And Marriott Hotels
The contents of the GDPR contain some really useful definitions which help clarify who is responsible for your personal data. They include:
- The data controller is a company or organisation who is responsible for outlining why your data needs to be processed and how it will be collected.
- A data processor is any organisation or individual hired by the data controller to process data on their behalf.
- The data subject is the individual (the hotel guest in this case) whose personal information is going to be processed.
A number of data processing principles are also defined within the GDPR, including:
- A data subject has to be informed of the reason behind the fact that their personal information needs to be processed.
- Data is only allowed to be retained for as long as was specified at the time of processing.
- Any personal information that’s stored should be kept up to date.
- The processing of personal information should be within the law, fair and transparent to the data subject.
- Any information should be processed securely and confidentially.
- Only the minimum amount of data possible should be processed.
- The data controller must be able to demonstrate adherence to these principles.
The ICO Data Breach Fine Issued Against Marriott Hotels
As we’ve briefly mentioned earlier in this guide, the Information Commissioner’s Office has the legal power to fine any company which it decides has broken data protection laws. In this section, we’re going to look at a Marriot Hotels data breach which caused the company to be fined a massive £18.4 million.
The data breach meant that a hacker had the potential to access the personal details of up to 339 million hotel guests. Around 7 million of those personal records were related to British people.
The ICO investigation found that the hacker had access to names, phone numbers, passport numbers, email addresses, arrival and departure details, loyalty programme statuses and the customer’s VIP status.
The cybersecurity breach occurred in 2014 at the Starwood Hotels group which was later acquired by Marriot Hotels group 2-years later. However, it took another 2-years for the problem to be spotted and meant the hacker still had access to customer information well after the takeover had been completed. For that reason, the ICO issued a fine because Marriott had failed to protect their customer’s persona data as required by the GDPR.
While the ICO issued the large fine, they also acknowledged that Marriott Hotels acted quickly and improved the IT systems once the problem had been spotted.
How An International Company Could Breach Your Data Privacy
In this part of our guide, we’re going to look at different ways in which a hotel could cause a data breach. As you’ll see, not all are caused by computer or network security issues. Here are some examples:
- When a letter or email with your personally identifiable information is received by another customer.
- Where your personal details are viewed by a member of staff with no business reason to do so.
- If a computer screen is left unlocked and your details are seen by contractors or non-hotel staff.
- When the hotel’s network security is breached and computers become infected with viruses, malware or ransomware.
- If documentation containing personal information is disposed of rather than being destroyed and ends up in the wrong hands.
If you’re aware of a Marriott Hotels data breach which has affected you and would like to talk to us about starting a claim, please contact an advisor today. Provided you can prove the harm suffered, you could have reasonable grounds for success.
Could The Information Commissioner’s Office Help With My Privacy Breach?
Should you decide that it’s time to think about claiming compensation following a hotel data breach, you’ll need some form of evidence to back up your allegations. In some cases, this might be obtained by complaining to the hotel or by asking the ICO to investigate what’s happened.
In the first instance, you’ll need to speak with hotel management and explain why you’re complaining. After they’ve investigated, you should receive a formal response to your complaint. If you’re not happy with their findings, you should be provided with a way of escalating the complaint such as writing to the head office or a data protection officer within the group.
After you’ve run out of complaint options within the company, and you’re still unhappy with the outcome, you could begin discussions with the ICO. They recommend getting in contact after it’s been 3-months since your last conversation with the company you’re complaining about, but don’t leave it too long otherwise, they can refuse to investigate your concerns.
It’s quite important that we tell you that while a complaint can provide you with answers about what caused a data breach, it won’t mean you’ll receive any compensation. The only way that will happen is if you raise a compensation claim against the firm yourself. Therefore, if you’re at the point where you’d like to start a claim for a hotel data breach, why not contact Legal Expert for free advice on how to proceed?
If your claim is taken on, your solicitor will work with you to decide whether you need to complain to the ICO or whether they could negotiate a compensation settlement with the hotel directly. Please call one of our specialists today for a no-obligation assessment of your claim.
How Victims Of The Marriott Hotel Cyber Attack Could Be Compensated
As we’ve already covered why a data breach claim might be needed, we’re going to use the next few sections to look at what you could claim compensation for, how much might be paid and when using a No Win No Fee agreement could reduce the stress involved with claiming.
When your solicitor sits down to work out what compensation to ask for, they’ll usually look at two different elements:
- Material damages which aim to compensate you for all of the financial losses you’ve incurred.
- Non-material damages which could compensate you for psychological damages caused by the data breach.
We’d really love to tell you exactly what you could include in your claim, but the truth is that every claim is unique. However, once your claim has been properly investigated by a solicitor, we’ll be able to tell you what you could include in your claim.
For instance, when making a claim for your financial losses, the solicitor will also consider whether there will be any long-term impact. One example of this could be where your personal details have been sold to criminals who use them to take out the likes of mobile phone contracts which could affect your credit file for years to come.
Similarly, if you’re claiming for psychological damages, your solicitor will need to find out whether the anxiety, stress or depression has led to problems with work, relationships, education or everyday life.
All of these considerations are really important because it’s vital that everything is included in your claim. That’s because after you’ve settled a claim, you can’t ask for further compensation that you forgot to include later on.
How Much Could You Be Awarded For A Data Breach By Marriott International Inc?
Now we’re going to move on to the potential compensation figures that could be awarded for the harmful effects of a data breach. There was an important case heard by the Court of Appeal, Vidal-Hall and others v Google Inc , in which the judges decided that, unlike some compensation claims, it’s possible to claim for psychological harm even if you’ve not suffered any financial losses. In addition, they decided that any compensation awarded for non-material damage should be to the same level as personal injury claims.
Therefore, the following table contains example compensation figures taken from the Judicial College Guidelines, a document that judges and solicitors use to help determine settlement figures.
|Type of Claim||Claim Level||Settlement Bracket||Details|
|Post-Traumatic Stress Disorder||Severe||£56,180 to £94,470||The victim will struggle to cope at all and the trauma will be largely disabling.
|Post-Traumatic Stress Disorder (||Moderate||£7,680 to £21,730||In this category, the prognosis will be good and the victim will already have largely recovered.|
|Psychiatric Damage (General)||Less Severe||Up to £5,500||Symptoms may involve minor anxiety and depression, which resolve in good time.|
|Psychiatric Damage (General)||Moderate||£5,500 to £17,900||In this category, there will have been a large number of issues but the victim will have improved well and there will be a good prognosis.|
To help prove the level of your injuries, which is important when trying to secure the right amount of compensation, you’ll need to attend a local medical assessment as part of your claim. The specialist will review your medical records and ask questions about how you’ve suffered. Once the appointment has finished, the specialist will prepare a report that contains their findings which will be sent on to your solicitor.
How To Claim If A Private Company Breached Your Data Privacy
To reiterate, if you are looking to begin a personal data breach claim, while an ICO investigation or a formal complaint might help you, they won’t lead to you receiving compensation. If you believe you’re entitled to receive a payout, you’ll need to make a claim against the company directly. While this type of claim can be quite tricky to prove, having a specialist solicitor on your side can make the process a lot easier.
How A Data Protection Or Privacy Breach Lawyer Could Help You
If you are going to make a claim but don’t know which solicitor to use, where should you turn? Well, you might ask friends for a recommendation, you could read online reviews (you can read ours here) or you could just find the most local law firm to work with.
In theory, all of those steps could work, or they could be a waste of time! Why not make things easier on yourself and speak with Legal Expert? We have a team of solicitors who’ve been supporting our clients for decades. If your claim is taken on, your solicitor will explain any complex legal jargon, provide regular updates and do all they can to try and achieve the maximum compensation possible in your case.
No Win No Fee Data Protection Breach Claims Against Marriott International Inc
To make the claims process less stressful and to reduce the financial risks, our solicitors offer a No Win No Fee service for all claims that are accepted.
In the first instance, a solicitor will need to verify that there’s a chance of making a successful claim. After they’ve done so, and when you’re happy to proceed, you’ll receive a Conditional Fee Agreement (CFA) to review. In the CFA, you’ll find details of the work your solicitor will carry out and it will clearly show that:
- You won’t need to pay any upfront charges.
- No hidden charges or solicitor’s fees will be requested while the claim proceeds.
- If the claim is unsuccessful, you won’t be expected to pay solicitor’s fees at all.
If your solicitor goes on to win your case, they’ll retain a percentage of your compensation to cover their costs. This is known as a success fee which is capped by law. So you know the percentage payable in your case, the success fee will be listed clearly in the CFA.
Sue For Data Breach Compensation
If you’d like to begin a claim for a hotel data breach with Legal Expert today, here’s how to get in touch with us:
- Call us for free advice on 0800 073 8804.
- Send an email to email@example.com with details of how you’ve been affected.
- Use our live chat feature to discuss your claim with an online advisor.
- Ask for a call back from a member of our team by starting your claim online.
Additional Claim Resources
This is the final section of our guide about Marriott Hotels data breach claims so we’ve decided to provide some links to additional links and resources which should prove useful:
Marriott Hotel Accident Claims – Information on how to make a claim for injuries sustained while in a Marriott Hotel.
Data Breach Compensation – A guide which explains how to claim for different types of data breaches.
Post-Traumatic Stress Disorder Claims – Details on when you could claim compensation for PTSD.
Your Data Matters – A series of ICO guides about personal data security.
Anxiety Information – NHS advice on dealing with anxiety.
Freedom Of Information (FOI) – Guidance from the government about Freedom of Information requests.Marriott Hotels data breach
Guide by Hambridge
Edited by Billing