Sign-up to one of our many Group Actions today - use our quick and easy form to start your claim for compensation.
This year’s anniversary of the GDPR marks the fourth year since the inception of this important piece of legislation that came into being in May 2018.
In that time, have we seen enough in the way of change? Are we now better protected, and are we now afforded greater rights? In theory, we should be – yet there have still been a number of high-profile incidents that we represent people for.
We would have expected that the fourth anniversary of the GDPR would see us in a position whereby we now experience much stronger information protection, and far fewer cyberattacks succeeding. It is important for us to talk about milestones like the anniversary of the GDPR in this context so we can try to measure how things have changed and what more needs to be done.
There can be no argument as to the importance of the GDPR. We live in a world that continues to be more and more digitised as time goes on, which is entirely expected given the way technology evolves. We live in an age where it has never been faster to be able to share information, and huge amounts of it. This will continue, so with that in mind, it must be protected at all times.
Despite this being the fourth anniversary of the GDPR, a number of large data breach incidents have taken place since its inception. This time of the year actually marks a few anniversaries of events, with one of the biggest ones being the easyJet cyberattack of May 2020. This took place two years after the inception of the GDPR and affected some 9 million people, which is incredibly concerning.
Slightly earlier was the Chums cyberattack and the PageUp data breach incident as well. There was also the major Equifax cyberattack of 2017, but this was covered under the previous data protection laws as it took place prior to the GDPR. Had it have happened just 12 months later, we could have seen a whole new level of fine issued to the credit agency.
Two substantial cyberattacks actually took place around the time the GDPR came into being as well – the British Airways data event and the Ticketmaster data breach. Both involved sustained breaches that actually crossed over the period of the start of the GDPR, which is quite alarming when you consider that 2018 was a year of big data change as everyone was preparing for the GDPR. How did such big events still take place despite the changes going on?
We represent thousands of clients engaged in actions for those breaches referenced above. One of the other major ones was the Virgin Media data leak where a database was left exposed from April 2019 – less than a year after the GDPR inception – right up until February 2020. It took a third-party security researcher to identify the issue; in the age of the GDPR, how could such a simple but catastrophic error have occurred?
As we observe the passing of the four-year anniversary of the GDPR, it is worth remembering that you have rights if your information has been misused or exposed.
The Group Action Lawyers specialise in group and multi-party cases, and a lot of the actions we represent people for are for data events. You can speak to our team here now for free, no-obligation advice about joining an action of working with us to start a new one.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.