Under the GDPR, a data subject can sue a data controller purely for distress caused by a breach of the GDPR.

In other words, in order to bring a claim, there is no longer a requirement for the data subject also to show they have suffered financial loss – although, if they have, this could increase the amount of damages to which they may be entitled.

There is a concern this opens up the potential for another opportunist ‘no-win, no-fee’ legal claims industry to spring up to exploit such claims.

To read the full article click here >

To check out our extensive free resources on GDPR click here >