You are currently viewing How Does Compensation for Data Breaches in India Compare to the UK?

How Does Compensation for Data Breaches in India Compare to the UK?

In this article, we’re looking at how compensation for data breaches in India compares to that of the United Kingdom. 

Data collection and analysis can be extremely valuable for a business. Companies around the world use data as a valuable tool to learn more about their customer behaviours and their competitors.

As useful as this is, it can be catastrophic if data falls into the wrong hands and compensation for data breaches can run into the millions. In this article, we’re sharing our comparison of compensation for data breaches in India compared to the UK.

What Counts as a Data Breach?

As we’ve mentioned, businesses across the globe collect and analyse data to learn more about their customers and competitors in order to grow and develop. As such, any business which collates data has a legal duty to store and share it securely to stop it falling into the wrong hands.

A data breach occurs when data is accessed by unauthorized persons either accidentally or through a cyber attack such as phishing.

When this occurs, it can mean that sensitive company information as well as the personal details of customers and employees – such as contact details and financial information – is compromised.

Businesses found to have allowed a data breach may face legal action and hefty penalties in order to compensate their victims.

Data Breaches in the United Kingdom

Governance

Data security in the UK is governed by the GDPR (General Data Protection Regulation). Introduced in 2018, the GDPR was designed to create a standard for data security across the EU and is enforced by the Information Commissioner’s office (ICO) in order to protect data integrity.

Compensation

Under GDPR rules, data breaches are taken extremely seriously and, as such, companies can face some pretty hefty penalties. In the UK, severe violations of GDPR rules can result in a whopping 20 million Euro fine or up to 4% of the previous year’s total global turnover.

To date, the largest penalty imposed under GDPR was 1.2 billion Euros – a dubious honour held by Facebook’s owner, Meta.

Where to Get Support

In the UK, you may be able to claim compensation from a company or organisation for a data breach if you have suffered material damage (losing money) or non-material damage (you have suffered distress).

In the first instance, you should contact the company directly and request a compensation payment. If this is unsuccessful, you may want to consider hiring the services of a specialist solicitor to fight your corner.

Data Breaches in India

Governance

Data security in India is presided over by the brand spanking new Digital Personal Data Protection Act of India (DPDP) which was published in August of this year. As with the GDPR, this Act has been introduced to hold businesses accountable for the data that they collect and store and to protect the fundamental right to privacy enjoyed by Indian people.

Compensation

As with the UK, businesses and organisations (including schools and academic institutions) in India can face some pretty stiff penalties when a data breach occurs.

Penalties for violations of the DPDP in India can run to 2.5 billion rupees (27,415,900.00 Euros). It’s thought that the biggest data breach in history occurred when the Covid-19 details of 815 million Indian people were accessed by a hacker – however, there are no records of huge fines to particular companies.

Where to Get Support

Indian citizens may be entitled to financial compensation in the event of a data breach and the first step is to contact the company involved. Before doing this, you will need to make sure that you have all the evidentiary information available to help you state your case.

If your request is ignored or declined, you may need to hire a lawyer to make a legal claim for compensation on your behalf.

Differences in Data Breaches in India Compared to the UK

Making a financial like for like comparison between companies is always tricky as there are vastly different economies and legalities to take into account. In examining the facts, both India and the United Kingdom take data protection extremely seriously and have recently joined or introduced a governing body to help to regulate this.

In terms of financial penalties and compensation, both countries are fairly evenly matched. Additionally, both the UK and India are extremely proactive in investigating breaches. The one difference may be that Indian people may find it more difficult to claim for compensation than in the UK due to the cost of legal representation which, for many, is prohibitive.

Getting the right support for a data breach

Wherever you live, falling victim to a data breach can have a number of consequences including financial losses, identity theft and more. Should you feel that your personal data may have been compromised, it’s important to act quickly.

As well as contacting the company and a solicitor, you should also change your online passwords immediately. You may also need to contact your bank and other financial organisations to make them aware of the situation in order to minimize losses.