When social media companies are processing the personal data of UK residents they must adhere to the UK GDPR. There are two pieces of legislation designed to outline the responsibilities of certain parties called data controllers and processors. These are the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).
Controllers (those responsible for setting the means and purpose for processing personal data) and processors (those responsible for acting on the controller’s instructions) must adhere to these data protection laws. In this guide, we explore how a breach of these laws could pose a risk to the personal data stored and processed by social media companies.
Additionally, we provide an overview of the eligibility requirements for starting a data breach claim, the evidence you could gather, and the ways a solicitor could assist you in seeking compensation.
To learn more, you can:
How Can Personal Data Be Shared On Social Media Platforms?
When a new user signs up to a social media platform, they often do so using their personal data. Personal data is any data that can be used to identify a person as the data subject, such as their name, email address, and phone number.
Signing up to a social media platform adds to a data subject’s digital footprint. This is data that is left behind when using a digital service. It can also include information that is posted about someone on a digital forum, such as a social network. This is one of the ways personal data can be shared on social media.
What are the possible threats and risks to privacy on social media?
In addition to personal data about the data subject shared by others, social media websites may collect personal data and sell this to a third party.
Any of this personal data is at risk from cybercriminals, such as hackers, even if you have the tightest privacy settings on your accounts. You could also be deceived into handing over your personal data, such as through phishing. In doing so, it could cause you financial loss or emotional distress.
How can you protect your data on social media?
Steps you can take to protect your personal data include regularly checking security settings to ensure that you are using the tightest possible. For example, having your social media accounts set to friends and family only, or ensuring two-factor authentication for when you log in to your online accounts.
Additionally, only share necessary personal data with social media companies. For example, you may not be required to enter your phone number to access the network.
What Impact Could Social Media Data Breaches Have?
With the amount of personal data that social media companies process about individual data subjects, a breach could result in stress as well as financial hardships. For example, some social media companies hold users’ banking details, which could be compromised due to a data breach.
Can You Claim Compensation For A Data Breach Over Social Media?
If your personal data was breached by a social media company, you must meet the criteria set under Article 82 of the UK GDPR in order to claim compensation. You must be able to prove that:
- The data controller or processor failed to adhere to the data protection legislation.
- Your personal data was compromised in the breach.
- You experienced either financial or mental harm, or both, due to your personal data’s compromise.
What Evidence Can Help Data Breach Claims?
In order to make a claim under the UK GDPR, you must have supporting evidence that shows the harm you suffered as well as liability. Examples of evidence that could be helpful in a data breach claim include:
- Your medical records if you are claiming for psychological suffering.
- Copies of your bank statements or credit reports to prove financial harm.
- A letter of notification. This will be sent to you by the social media company without undue delay if the breach could impact your rights and freedoms.
- Confirmation from the Information Commissioner’s Office (ICO) of the breach. The company needs to report any notifiable breaches to the ICO within 72 hours. The ICO upholds data protection rights for UK residents.
Make A No Win No Fee Claim Today
If you are entitled to seek compensation because a social media company breached your personal data, you could seek the support of a legal representative. One of our solicitors, who has experience handling data breach claims, could help.
Their services are typically provided in a No Win No Fee capacity by offering you a contract called a Conditional Fee Agreement (CFA). As per the terms of this contract, you usually won’t face a charge upfront or be expected to pay ongoing fees towards your solicitor’s services or their work on your case. Your solicitor will take a success fee from your award if your claim has a successful outcome. The success fee is taken as a legally capped percentage. If your claim outcome isn’t positive, you won’t be expected to pay this fee.
To find out more, you can: