Uber Data Breach Compensation Claims Guide
Tech companies have the same duty of care as other organisations when it comes to keeping customer information from prying eyes. If our personal data ends up in the wrong hands, it can cause serious issues which can last for a very long time. That’s why in this guide we’re going to look at claiming compensation for an Uber data breach. While our guide is in relation to Uber (and we’ll provide an example of a real data breach involving Uber data later), it could just as well apply to any other service provided via an app on your phone.
The fact that you could make a claim for a data breach is helped by the introduction of The Data Protection Act 2018 and the General Data Protection Regulation (GDPR). The idea behind these pieces of legislation is that you now have greater control over how your personal information is used by companies. Additionally, there are stricter rules which mean data needs to be stored securely at all times. Failure to do so could result in a financial fine being issued by the Information Commissioner’s Office (ICO).
If you decide that you would like to start a claim, Legal Expert can help you. Our team of specialists provide free claims advice in addition to a no-obligation review of any case. If the claim appears to be strong enough, you could be referred to a specialist solicitor who’ll act on a No Win No Fee basis if they accept it.
To find out more about how we could help you, call 0800 073 8804 today. To find out more about making a data breach claim against Uber before calling, please continue reading.
Select A Section
- A Guide To Data Protection Breach Claims Against Uber
- What Is A Data Breach Claim Against Uber?
- How Ride Share Companies Should Comply With the GDPR
- Examples Of Penalties And Fines Issued By The ICO In Regard To Uber
- Could I Report A Breach To The Information Commissioners’ Office?
- Why Victims Could Be Eligible To Seek Damages
- Calculating How Much Compensation You May Be Eligible To
- How To Claim Compensation From A Company Who Breached Your Data Privacy
- How To Find A Data Breach Solicitor For Your Case
- No Win No Fee Data Protection Breach Claims Against Uber
- Contacting A Solicitor
- Where To Learn More
A Guide To Data Protection Breach Claims Against Uber
When you download an app to your phone or visit a website online, you’re likely to be asked to grant it permission to use your personal information in various ways. While many people just click on the OK button, the authorisation is important because it means the app or website owner has met their GDPR obligations.
Essentially, the GDPR requires organisations to ask your permission before they process any personal information about you, store it or share it with others. For instance, you might need to grant Uber permission to store your email address so it can be used as a login to their services, but that doesn’t automatically grant them permission to use it for marketing purposes unless you’ve expressly agreed to that. The most important part of this is that what you say goes. If a company fails to comply with your preferences, then you could be entitled to start a claim against them.
To make an Uber data breach claim, you will need to comply with the relevant time limits. In general, there’s a 6-year limitation period. However, this might be as low as 1-year if the claim relates to your human rights. We advise you to start as early as you can because it’s much easier to remember what happened earlier on. In the same way, your solicitor will likely find it useful to start early as it will make gathering evidence easier.
What Is A Data Breach Claim Against Uber?
Data breaches can involve physical pieces of documentation as well as data held on computer systems, but the latter is more likely for tech firms. The GDPR defines a personal data breach as a lapse in security which means your personal information is accessed, destroyed, lost, altered or disclosed by means that you’ve not previously agreed to.
The reason for the breach can range from accidents to permanent or illegal acts. However, what causes them doesn’t necessarily matter – the ICO could still issue fines running to millions of pounds in cases that have the potential to cause serious harm.
If data about you is leaked, the company responsible has to tell you when the breach happened. They also need to inform you about how it happened and what data was accessed.
How Ride Share Companies Should Comply With the GDPR
Companies like Uber are usually defined as data controllers in the eyes of the GDPR and you are the data subject. The data controller is the organisation who needs to explain why your data is required and how it will be processed. In line with the GDPR, controllers need to show compliance with the following data processing principles:
- All data processing should be in line with the law, fair and transparent.
- The data subject i.e. you, must be told why their data needs to be legitimately processed.
- Only a minimum amount of data should be collected.
- Personal data which is stored should be kept up to date.
- Any processing of personal information needs to be confidential and secure.
- Data should only be retained for as long as is necessary.
Examples Of Penalties And Fines Issued By The ICO In Regard To Uber
Now we’re going to look at a real scenario where an Uber data breach led to a £385,000 fine. The financial penalty was issued because Uber failed to secure the personal information of its customers during a cyber attack.
The ICO investigation found that there was a series of security flaws which meant the records of around 2.7 million UK customers could be downloaded by criminals via a cloud-based storage system. Also, a further 82,000 records of Uber drivers were downloaded in the attack.
The information included names, email addresses, phone numbers, journey dates and driver pay details. However, and importantly, Uber failed to highlight the breach to its customers and drivers. Instead, they went on to pay the hackers $100,000 to destroy all of the records they’d obtained.
The ICO found that the breach had the potential to put customers and drivers at increased risk of fraud.
How A Ride Share Company Should Protect Your Personal Data
There are many different scenarios where a data breach containing your personal information could occur. We can’t include them all here, but the list below contains a few examples:
- If computer systems are hacked and personally identifiable information is leaked such as payment details or travel times and destinations.
- Where a text message intended for you (which contains content that could identify you) is sent to the wrong customer.
- Where a driver writes down times, dates and names on a piece of paper and leaves them on display for other passengers to see.
As we say, there are many different scenarios that could cause a data breach to happen. We could help in any scenario where an Uber data security breach has caused you to suffer. Please let us know what happened and one of our advisors will review your claim options with you.
Could I Report A Breach To The Information Commissioners’ Office?
In the very first section of this article, we explained that the ICO can step in to investigate data protection issues and issue substantial fines to companies who have been found to have broken the law. Before you can ask them to investigate an Uber data breach though, you will need to complain to the taxi firm directly first.
Once you’ve received a formal reply and escalated the complaint, where necessary, if you are not happy with the outcome you have two choices: ask the ICO to investigate or start legal proceedings for compensation against Uber.
These are two different scenarios entirely. An ICO investigation will only lead to a fine for the company you’re complaining about, and legal proceedings will mean you could be compensated and Uber won’t necessarily be fined by the ICO.
Therefore, our advice would be that if it’s been 3-months since you last heard from Uber, contact one of our advisors for a free assessment of your case. If they believe it’s viable, a solicitor could look into matters to see if a data breach claim against Uber could be established.
Why Victims Could Be Eligible To Seek Damages
Data breach claims are slightly different from other types of compensation claims. In general, settlements will be made up of two parts:
- Material damages – the part of the claim that tries to rectify any financial losses caused as a result of the data breach.
- Non-material damages aim to compensate you for any psychological harm the breach has resulted in.
A thorough assessment of your claim is required because there may be some future impact on top of the suffering you’ve already incurred. As you can only make one claim, your solicitor will therefore need to assess potential future losses before submitting your claim.
As an example, if you’ve lost money already because of the data breach, your solicitor will claim the value of that loss. However, in cases of identity theft, for instance, they’ll look at whether there will be any long-term effect on your credit file which could mean you struggle with a credit card, loan or mortgage applications for years to come.
Similarly, when claiming psychological damages, your solicitor will consider, with the help of medical specialists, whether you’ll continue to suffer in the future. They’ll look at whether conditions like anxiety or Post-Traumatic Stress Disorder (PTSD) might affect your ability to cope with life moving forward and if they will cause relationship problems with your friends, family or colleagues.
The complexity of this type of claim is one of the main reasons we’d suggest you hire a specialist to help you prepare your case. If you approach Legal Expert and your case is accepted, one of our solicitors will work through your claim step by step with you try and ensure you don’t miss out on any compensation you might be entitled to. Please call today if you require further information.
Calculating How Much Compensation You May Be Eligible To
Obviously, if you are considering making a data breach claim, you’ll probably want to know how much compensation you might be entitled to. Well, we can’t tell you exactly what your case might be worth as each claim is unique. However, we have provided a detailed compensation table below with figures taken from the Judicial College Guidelines (JCG). The JCG is referred to by courts and lawyers when assessing personal injury compensation settlements.
The table is relevant because judges at a Court of Appeal hearing, Vidal-Hall and others v Google Inc , decided that any compensation for the psychological harm caused by data breaches should be made in line with personal injury law. Furthermore, they decided that you are able to claim psychological damages even if you’ve not suffered any financial losses, which was a big change in the world of data breach claims.
|Claim Type||Severity||Compensation||Additional Details|
|Psychiatric Damage||Severe||£51,460 to £108,620||When considering psychiatric damage, the following are considered: the claimant's ability to cope with work, life or education; the effect on their relationships; whether treatment will help; the prognosis. In this category, serious problems will exist will all factors leading to a very poor prognosis.|
|Psychiatric Damage||Less Severe||Up to £5,500||This category will consider the length of time the victim suffered and how long daily activities or sleep were affected.|
|PTSD||Severe||£56,180 to £94,570||This category is for where the PTSD symptoms are permanent and so severe that the victim won't be able to function anywhere near previous levels or return to work. All aspects of life will be affected.|
|Post-Traumatic Stress Disorder||Less Severe||£3,710 to £7,680||This category is for where PTSD symptoms have all but gone over a period of 1 to 2-years. Any ongoing problems will be minor|
What’s important here is the severity of any injuries you’re claiming for as that’s what settlements are based on. Therefore, your solicitor will arrange for you to visit a local medical expert as part of your claim. A specialist will review your symptoms, ask several questions and refer to your medical records. Once the assessment is over, they will produce a report with all of their findings and send it to your solicitor.
How To Claim Compensation From A Company Who Breached Your Data Privacy
OK, as mentioned earlier, if you want to begin your own legal action against Uber following a data breach, you’ll need to start by raising a complaint with them first because the ICO won’t investigate otherwise. Once you receive a formal answer from Uber you can decide whether to accept their findings or take things further.
When 3-months have passed since your last meaningful communication with the company, you might want to seek legal representation to help you begin a compensation claim. If the solicitor agrees your claim is strong enough, they’ll review everything with you and decide whether they can try and reach a settlement on your behalf directly with Uber’s legal team or whether they’ll need you to request an ICO investigation prior to lodging a claim.
You can ask one of our advisors to review your claim for free and, if it appears to have a reasonable chance of success, they could refer you to one of our solicitors who’ll conduct a more in-depth analysis of what’s happened for free. If they decide to help you with your claim, all of the work they carry out for you will be on a No Win No Fee basis.
How To Find A Data Breach Solicitor For Your Case
When you decide you want to make a claim for an Uber data breach, the first thing you might want to do is find a suitable solicitor. You might think all you have to do is find the most local law firm, read solicitor reviews or ask a friend for a recommendation. The only problem with those steps, which might work out alright, is that they could be time-consuming.
We think you’ll find it much easier to call one of our advisors for a free assessment of your case. If it’s strong enough, you could be connected with one of our data breach solicitors. Our team have been representing our clients for decades in all sorts of cases. If you do work with us, your solicitor will provide you with regular updates and be a point of contact if you have any questions or need any legal jargon explaining. They will also work tirelessly to try and make sure that you receive the correct amount of compensation for your case.
If you’re still unsure, why not check out some of our reviews by clicking here?
No Win No Fee Data Protection Breach Claims Against Uber
Whenever we discuss data breach claims with potential claimants, one of the main reasons for concern is how much it will cost to hire proper legal representation. To remove that worry and alleviate as much financial risk as possible, our team of specialist solicitors work on a No Win No Fee basis for any claim they agree to work on.
In the first instance, the solicitor will look at your claim to ensure it is strong enough. If they decide to take the claim on, and you’re happy to proceed, you’ll receive a Conditional Fee Agreement (CFA) to review and sign. This contract will tell you what work the solicitor will carry out for you and it will also tell you that:
- No upfront fees are required for the claim to begin.
- You won’t be asked for solicitor’s fees (or hidden charges) to be paid while the case continues.
- You’ll not have to pay any of your solicitor’s fees if the case is lost.
If your claim is won and compensation is received, your solicitor will keep a small percentage to cover their costs. This is called a success fee which is legally capped for your peace of mind. So that you know what percentage you’ll pay from the start of your claim, your success fee is clearly indicated in your CFA.
Contacting A Solicitor
You’ve now completed this guide about seeking compensation for an Uber data breach. If you’d like Legal Expert to help you with your claim, you can get in touch using any of the following methods:
- Call an experienced advisor for free support on 0800 073 8804.
- Email details of your claim to email@example.com.
- Ask an advisor for free advice on our live chat function.
- Request a call back by starting an online claim.
Where To Learn More
Thanks for reading our guide about making an Uber data breach claim. Legal Expert is here to help you with all sorts of compensation claims so we’ve linked to some more of our guides below as well as some useful external resources relating to data breaches.
Report A Data Breach – Information from the ICO on the process you should follow to report a data breach to them.
Help With Stress – Guidance from the NHS on where you can turn to for help managing stress.
The National Cyber Security Centre – The government department responsible for making the UK safe online.
Taxi Accident Claims – Information on how to claim compensation for accidents involving Taxis.
Local Council Data Breaches – This guide looks at when you might be able to claim for the harm caused by a local authority data breach.
Supermarket Accident Compensation – Advice on claiming for injuries sustained during an accident in a supermarket.
Other Useful Compensation Guides
- Marriott International Hotels Data Breach Compensation Claims
- BUPA Healthcare Data Breach Compensation Claims
- Can I Get Compensation for Loss of Medical Records?
- Equifax Data Breach Compensation Claims
- Three Data Breach Compensation Claims
- QuickQuid Data Breach Compensation Claims
- Superdrug Pharmacy Data Breach Compensation Claims
- Derby City Council Data Breach Compensation Claims
- University Of Derby Data Breach Compensation Claims
- Bolton Council Data Breach Claims
- Data Breach By Stoke-On-Trent City Council Compensation Claims
- Data Breaches At Sefton Council Compensation Claims
- Leicester City Council Data Breach Compensation Claims
- Nottingham City Council Data Breach Compensation Claims
- Nottingham Trent University Data Breach Compensation Claims
- Doncaster Council Data Breach Compensation Claims
- Swansea University Data Breach Compensation Claims
- University of Bolton Data Breach Compensation Claims
- University Of Leicester Data Breach Compensation Claims
- Bristol County Council Data Breach Compensation Claims
- Ticketmaster Data Breach Compensation Claims
Guide by Hambridge
Edited by Billing