As Victoria Leigh and Katherine Wakeham explain in a post covering recent developments in the UK concerning data incidents, “[o]ver the past few years, there has been an increasing number of claims against businesses and public bodies for distress caused by data breaches. The pattern is, by now, a familiar one. A claimant will make a claim for breach of data protection legislation, seeking damages at a relatively low value for the distress and anxiety they say has been caused by the data breach. This claim will be accompanied by claims for one or more of: misuse of private information, breach of confidence and negligence. Added on to the damages claimed will be the legal costs of the claimant’s lawyers, together with the after-the-event (“ATE”) insurance premium for the policy the claimant will have procured to bring a privacy claim. As a result, the defendant is faced with a difficult decision – pay over the odds for a claim where the claimant has suffered no financial loss, or fight litigation with the risk of mounting costs on both sides if the decision goes against them.”