Huq, a location data company has experienced a data protection failure. The firm which uses location data from an individual’s phone before selling it on, has admitted that some people’s location information was gained without seeking user consent. This is a breach of the General Data Protection Regulations (GDPR).
Huq provides a range of services using “real-time footfall metrics to discover where people go and why”. In a statement, the company said it had experienced two “technical breaches” of data privacy requirements. These breaches relate to two different apps. It asserts that these issues have now been rectified. However the company – which uses third parties to create its location apps – has not ruled out other apps failing to ask for proper consent stating: “It is possible that we or our partners may uncover future technical issues, but what’s important is how quickly we act and how seriously we take the issue”.
At Keller Postman UK we would dispute this statement. When it comes to data protection regulations, all companies should be striving for prevention rather than cure. It does a disservice to those affected by GDPR breaches to make light of the failure to uphold their data protection rights.
Not just data breaches
When it comes to GDPR failures and abuses, it is not just about data breaches. Today, too many companies are failing to uphold our individual data rights in other ways.
A data breach refers to any situation where data has been put at risk. For example, when criminals break into an organisation’s systems to steal information, or more commonly, because of simple human error and poor data protection processes. A breach of the GDPR is where an organisation fails to follow the rules and regulations set out in the GDPR legislation and our Data Protection Act 2018. As well as data privacy violations, other forms of GDPR breaches happen when the rules set out in the GDPR are not adhered to.
In addition to our various data breach group actions, Keller Postman UK supports clients who have experienced a whole range of GDPR violations. For example, because of facial recognition software and algorithmic and automated decision-making processes. If you have suffered financial loss, distress or a loss of privacy caused by an organisation breaching any part of the GDPR/Data Protection Act, you have the right to claim compensation and you can contact us in confidence to discuss a claim.