The data breach forest: Identifying all the trees
Robert Waixel reports on a panel discussion on issues and remedies following a data breach.
A session at the Privacy Laws & Business 32nd Annual Conference, at St. John’s College, Cambridge, July 2019 focused on practical insights into data breach workstreams – other than notification – and how they all interacted with each other. The panel consisted of Carl Blake, Legal Director at BUPA Global, Ioan Peters, Associate MD for Incident Response, Kroll, and Richard Jeens, Partner at Slaughter and May.
Jeens advised that injunctions were a useful part of a data breach toolkit. They could be used at a very early stage of a data breach incident, if appropriate. A Court Order or injunction can be very powerful and deployed very rapidly (24/7 in the UK). An Order can be obtained, at the Court’s discretion, for example, to stop people taking or distributing your data, or to stop someone who is receiving your data (such as a newspaper, other media or a competitor) using or exploiting it.