Data Protection Breach Cases Set To Soar With GDPR Introduction

Litigation related to IT security breaches and data protection issues are expected to see major increases over the next five years due to technical changes and the introduction of new privacy rules.

A survey of 340 legal specialists carried out by law firm Pinsent Masons and the School of International Arbitration at Queen Mary University of London found that respondents expected data or system security breaches to represent the biggest increase in TMT (telecoms, media and technology) disputes during the period, rising 191 percent, while disputes related to data protection and privacy were expected to rise 104 percent.

Data issues

TMT disputes include conflicts experienced by a company in any sector that arise from communications or technology issues, and are increasingly widespread as a broader array of organisations employ technology to carry out their affairs, the study found.

The most common TMT disputes over the past five years have related to intellectual property issues, with 50 percent of respondents saying they had encountered them, while only 13 percent said they had encountered data protection disputes, falling to nine percent for data or system security breach cases.

But respondents expected both issues to become much more prevalent in the future, with 80 percent saying they were either “very likely” or “somewhat likely” to encounter data protection disputes in the next five years, and 79 percent saying they expect to be involved in security breach cases.

“Clearly, these issues are troubling both suppliers and users of technology,” the report’s authors wrote. “They are a significant risk area, which will need to be managed and mitigated in the future.”

Internal threat

The figures suggest that focusing on repelling external attacks might not be enough to deal with data breaches, since they were most often caused by employee action; 37 percent said this was a “very common” cause, compared to only 22 percent for malicious third parties.

“These results indicate that human risk represents the most common cause of data breaches, significantly more than system failures,” the report said. “While malicious third party attacks and disputes related to regulatory investigations are less common, the potential reputational and financial damage may be very significant for a business.”

The EU’s General Data Protection Regulation (GDPR), set to apply beginning in May 2018, means the expectation of significantly more data-protection cases is justified, according to David McIlwaine, dispute resolution partner at Pinsent Masons.

He said such issues can affect organisations financially as well as causing reputation damage, as was seen in the breach of telecoms provider TalkTalk last year.

“In an increasingly connected world, information and data is a highly valuable commodity,” said the report. “With this comes risk: data is an increasingly common cause of TMT disputes.”

Why not test your knowledge of European tech pioneers and the EU’s contribution to the industry?Try our quiz!