Insights

Articles

Home / Insights / Articles / Debunking Data Protection: What Personal Data Needs Protecting?

Debunking Data Protection: What Personal Data Needs Protecting?

Posted on 1 August 2024 in Data Protection

In this new series of insights, we debunk common>the ICO reprimanded the Electoral Commission after hackers gained access to servers containing 4 million records, including names and home addresses.

· Using "CC" rather than "BCC", revealing the email addresses of recipients of emails. In April 2024 the ICO reprimanded the Central YMCA for identifying/potentially identifying individuals who were likely to be living with HIV from their email address. They were fine £7,500.

· Names and addresses of other residents made available. In April 2024 the ICO reprimanded Clyde Valley Housing Association for releasing a new customer portal where users could view the names and addresses of other residents for six days until they suspended the portal.

· Unsolicited marketing messages. In December 2023 the ICO reprimanded Daniel George Bentley, the sole trader and director of Taipan Trading Ltd as a result of him and his company sending over 2.5 million unsolicited text messages to individuals.

What are the special categories of personal>Data Protection Team can help you comply with the regulatory framework by:
· Providing advice and guidance.
· Discussing>Contact our legal experts

Jessica Whittick

Posted by
Jessica Whittick
Solicitor

Debunking Data Protection: What Personal Data Needs Protecting?

Talk to us

Name

Telephone

Nature of Enquiry

Please provide an outline of your enquiry

How did you hear about us?

By ticking this box, you agree to your information being stored and processed, to enable us to contact you in future regarding relevant services and events

I agree

By clicking ‘send enquiry’ you are giving permission for our team to get in touch with you via phone or email. For more information on how we use and store data, please refer to our privacy policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Recent cases

ICO Fine Waived After Serious Data Breach Following Cyberattack
Following an extensive data breach, our client faced a £180,000 fine by the ICO and reputational harm. Following a detailed analysis of the circumstances, Jessica swiftly challenged the penalty notice, highlighting factual errors and mitigating factors. The ICO responded by waiving the fine in its entirety.
Swift Response to Data Breach Claim
Jessica responded to an urgent claim for £40,000 for six allegations of infringement of data rights against a client in the affordable housing sector. After reviewing extensive documentation she was able, in a robust response, to clearly set out why she considered there was no legal basis for the allegations. The Claimant chose not to pursue the matter further.
ICO Complaint Resolved Without Enforcement Action
Jessica responded to an urgent ICO complaint involving a client’s delayed Subject Access request (SAR) response. After reviewing extensive documents, she submitted detailed representations which cited significant mitigating factors and improvement steps. The ICO accepted our explanation and closed the case with no further action.
Successful Result for Data Breach Client
Acted on behalf of a client who was issued with a notice of intent for over £180,000 as a result of a data breach. We sent written representations that were successful, resulting in the investigation being dropped and the fine waived in its entirety.

Latest insights

Articles

Why Organisations Must Act Now on Data Protection Compliance: Lessons from Farley v Paymaster

2 October 2025

Articles

Data Protection Complaints: Are You Ready for the New Rules?

16 September 2025

Articles

Charity Fined After Irreplaceable Records Destroyed: Lessons for Your Organisation

9 September 2025

Read All Insights

Keep up to date with our latest insights

Search site
Site search
Contact our offices
Make an enquiry
Your Name
Telephone
Email
Nature of Enquiry

Please provide an outline of your enquiry
How did you hear about us?
By ticking this box, you agree to your information being stored and processed, to enable us to contact you in future regarding relevant services and events
I agree
By clicking ‘send enquiry’ you are giving permission for our team to get in touch with you via phone or email. For more information on how we use and store data, please refer to our privacy policy
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Debunking Data Protection: What Personal Data Needs Protecting?

What are the special categories of personal>Data Protection Team can help you comply with the regulatory framework by:· Providing advice and guidance.· Discussing>Contact our legal experts Jessica Whittick Posted by Jessica Whittick Solicitor

Recent cases

ICO Fine Waived After Serious Data Breach Following Cyberattack

Swift Response to Data Breach Claim

ICO Complaint Resolved Without Enforcement Action

Successful Result for Data Breach Client

Latest insights

What are the special categories of personal>Data Protection Team can help you comply with the regulatory framework by:
· Providing advice and guidance.
· Discussing>Contact our legal experts

Jessica Whittick

Posted by
Jessica Whittick
Solicitor