header-logo header-logo

Home Login E-newsletter About us

GDPR ‘wave of litigation’

© Copyright LexisNexis 2025. All Rights Reserved.
17 November 2017
Issue: 7770 / Categories: Legal News , Data protection
printer mail-detail

Research highlights the toxic legacy of personal data

More than 80% of jurisdictions predict an increase in compensation claims for data protection breaches when the General Data Protection Regulation (GDPR) takes effect next year, research shows.

The GDPR aims to harmonise EU data protection law, and is due to come into force across all 28 EU member states on 25 May 2018. It will bring higher financial sanctions, rights to compensation and group litigation mechanisms. It will apply to EU organisations and to any organisation based outside the EU offering goods or services to EU residents.

An 18-month study by DAC Beachcroft, Personal Data: the new oil and its toxic legacy under the General Data ProtectionRegulation, looks at the potential impact. Data protection experts across all 28 EU member states were asked whether they expected data protection litigation to rise, and most respondents agreed that compensation claims would increase. Claims will be spurred on because of mandatory reporting requirements, making data breaches more public than ever before, and rights to nominate not-for-profit organisations to make claims on individuals’ behalf.

‘While the fines and penalties under the GDPR have quite rightly grabbed the headlines, what might not be appreciated is the incoming wave of litigation that organisations face if they are found to contravene the GDPR’s new rules,’ said Hans Allnutt, partner at DAC Beachcroft.

‘The GDPR looks set to bring in a whole new phase of privacy litigation. We are living in a Big Data age where personal data is often described as the “new oil” because of the ease with which it can be collected and monitised. The GDPR places control back into the hands of the individual. Those organisations that have ridden the boom and aren’t ready may be hit hard from its toxic legacy under the GDPR.’

The report states that at least half of EU member states will, for the first time, be entitled to claim compensation for personal data breaches. Moreover, fines and compensation levels vary widely between EU countries, for example, Spain fined Facebook €1,200,000 in 2017, yet some data protection authorities do not have fine-issuing authority at all.

Issue: 7770 / Categories: Legal News , Data protection
printer mail-details

MOVERS & SHAKERS

Read All
Sponsored by
Hugh James—Phil Edwards

Hugh James—Phil Edwards

Serious injury teambolstered by high-profile partner hire

Freeths—Melanie Stancliffe

Freeths—Melanie Stancliffe

Firm strengthens employment team with partner hire

DAC Beachcroft—Tim Barr

DAC Beachcroft—Tim Barr

Lawyers’ liability practice strengthened with partner appointment in London

NEWS
Read All
NLJ this week: Redrawing boundaries for fiduciary duties and motor finance claims
Ceri Morgan, knowledge counsel at Herbert Smith Freehills Kramer LLP, analyses the Supreme Court’s landmark decision in Johnson v FirstRand Bank Ltd, which reshapes the law of fiduciary relationships and common law bribery
NLJ this week: BBC’s open justice bid fails in care proceedings
The boundaries of media access in family law are scrutinised by Nicholas Dobson in NLJ this week
NLJ this week: Parliamentary privilege—shield or sword?
Reflecting on personal experience, Professor Graham Zellick KC, Senior Master of the Bench and former Reader of the Middle Temple, questions the unchecked power of parliamentary privilege
NLJ this week: Litigation funding must serve justice, not failure
Geoff Dover, managing director at Heirloom Fair Legal, sets out a blueprint for ethical litigation funding in the wake of high-profile law firm collapses
NLJ this week: AI’s digital associates reshape legal practice
James Grice, head of innovation and AI at Lawfront, explores how artificial intelligence is transforming the legal sector
Copyright © 2025 LexisNexis
back-to-top-scroll