When it comes to the security of our online accounts, we are often at the mercy of big corporations and complex technological infrastructures.
When things go wrong, or companies are less than transparent about what they are doing with their users’ data, everyday people can be left facing serious threats to their finances and mental wellbeing.
There is, however, a movement for more accountability and making companies provide financial redress for those who are left having to deal with the fallout from cybersecurity incidents and the mishandling of their data.
Here we break down the difference between the two main claims you can make when it comes to the improper handling of your sensitive personal data.
Data breach versus data misuse
A data breach involves unauthorised access, acquisition, or exposure of sensitive data. Data breaches are becoming more and more common as cybercriminals increase their sophistication.
Over the last few years, criminal gangs have launched major attacks on all kinds of companies, organisations and state institutions, attempting to steal or hold for ransom the personal data of UK citizens.
As well as cybercriminals, data breaches also apply to companies who are themselves participating in the illegal trade of personal data. There have been suggestions that gambling companies have harvested data illegally in order to turn a profit.
Data misuse refers specifically to when data is used for purposes beyond its intended or authorised use. This includes unauthorised data sharing, when your sensitive or confidential information is accessed or disclosed without your consent. (This can include everything from photos of you and your loved ones to copies of your passport, messages on your LinkedIn, job applications and more.)
The issue of data misuse is becoming particularly hot in the context of AI. With a frenzy of development around large language models like ChatGPT and a serious lag when it comes to robust regulation, people are beginning to voice their objections to having their data used to train AI without their explicit consent.
In a nutshell, data breaches are security incidents, whereas data misuse can occur even with legitimate access to data. While these are different issues, with both data breaches and data misuse you can make a claim for redress.
Even if you haven’t incurred a financial loss, the time and inconvenience of having to reset your login details and keep a close eye on your bank statements and accounts is considered to qualify for some amount of redress.
Can I make a data misuse claim?
Microsoft and Google are the two biggest culprits when it comes to the misuse of the vast amounts of user data they hold. If you used any of these popular products, applications and services, your personal data may well have been used to train AI without your permission:
- Microsoft 365 (Outlook, Word, Excel, PowerPoint, OneDrive)
- Outlook.com (Personal and business email)
- OneDrive (Cloud storage for files and photos)
- Microsoft Teams (Chat and collaboration for work)
- Xbox Live (Gaming profiles and Game Pass account info)
- LinkedIn (Professional network)
- Skype (Messaging and calls)
- Microsoft Edge (Browser history and saved passwords)
- Google Chrome (Browser history and passwords)
- Google services (Drive, Maps, Ads, Gmail, Meet, Analytics and more)
- reCAPTCHA (Bot and spam detection system for websites)
- YouTube (Video sharing platform)
- Android Enterprise (Mobile device management and security)
Dataclaims (operated by Barings Law) offers a no-win, no-fee service for those affected by data misuse in the UK. All you need is evidence of the misuse, like an official notice or suspicious account activity.
We know that more admin is the last thing anyone needs. Dataclaims will manage the entire claim process, from document gathering and communications to court filings, and in return deduct reasonable fees only on successful cases.
Check out their website for the full list of products affected and see whether you may have been affected.
Make a data mis-use claim against Google or Microsoft
Can I make a data breach claim?
When your personal data is stolen, and then bought and sold by criminal gangs, you’re exposed to all kinds of problems, such as identity theft or fraud.
As well as the obvious financial losses, there are also all kinds of hidden costs – including sleepless nights worrying about your financial security, being targeted by aggressive marketing campaigns, and the time, energy and inconvenience of closing compromised accounts, reporting or remaining vigilant for suspicious activity.
Our recommended provider, Barings Law, is helping anyone caught up in the following data breaches:
- Gambling companies
Claiming damages with Barings Law, will save you time and energy and protect you from legal costs later on – you’ll only pay a fee if you are awarded compensation.
Make a data breach claim
There is no time like the present: while UK GDPR gives you up to 6 years to make a claim, claiming now will get your payout faster, especially while misuse of data notifications and evidence are fresh.
If you have any thoughts on this topic, or any other consumer issues you would like us to cover, feel free to get in touch with us at support@resolver.co.uk.