Editorial: Ecclesiastical abuse survivor data breach raises quantum questions

Why data breach settlement should give the market pause for thought

Editorial: Ecclesiastical abuse survivor data breach raises quantum questions

Columns

By Jen Frost

Campaigners will tell you that Ecclesiastical has a difficult past where it comes to dealing with child sexual abuse (CSA) claimants – and it’s not alone among insurers, if the ream of recommendations made by a government sanctioned inquiry in 2019 is anything to go by.

Insurance Business revealed two weeks ago that the insurer is set to pay out £30,000 to a former church abuse claimant. The uncomfortable sting in the tail, though, is that the settlement is not for the abuse he experienced, but for a data breach that saw it share the survivor’s full name on its website 14 times.

In what must feel like an incredibly topsy turvy situation, the man known as Gilo will take home thousands more pounds for the data breach than he did for his abuse claim (for which Ecclesiastical was the insurer) – and, as part of his compensatory package, has also secured mediation with the insurer on how it responded to a review of his abuse by a senior church figure in the 1970s.

Something about this does not sit right with Gilo, a co-creator of safeguarding campaign platform House of Survivors, who labelled abuse settlements “derisory” – and surely he’s not the only one.

So just how does a claimant end up receiving more for a data breach claim than for being sexually abused as a minor?

Abuse damages can vary widely and where a settlement is made this will often be a private matter. There is growing sentiment that it is best to settle CSA claims early – not just to save on legal costs, but (vitally) to attempt to limit the amount of distress caused to an abuse victim or survivor. Of course, not everyone wants to settle and cases do hit the courts with mixed results.

In recent years we’ve seen some UK court payouts top £1 million – in other cases damages may be in the thousands or tens of thousands. In some cases, where liability is not proven or the judge is not satisfied there is enough evidence, claimants do go home with nothing.

Often the big payouts in non-recent CSA cases are not necessarily for the direct impact of psychological or psychiatric damages. Instead, these stem from additional moneys sought for loss of earnings and the cost of ongoing treatment, particularly where a survivor may have held down a well-paying job before the trauma re-reared its head.

This year, for the first time, the Judicial College Guidelines for the Assessment of Damages in Personal Injury Cases (the go-to guide for injury awards in England and Wales) were updated to give sexual abuse its own sub-category, with awards for psychological damages now higher than for non-sexual abuse cases.

“There were strong arguments for creating such a sub-​category given the particular features which often arise in such cases: breach of trust; the inability to form or maintain emotional and sexual relationships; the impact of the abuse upon education; and the effect on the victim of the, often, long interval before the fact of the abuse being reported,” Christina Lambert wrote in her foreword to the latest edition.

As per the guidelines, a survivor that has experienced “severe” abuse with long lasting consequences might expect to receive up to £120,000 while for someone who has experienced short-lived abuse with few “aggravating features” where the prognosis for recovery is very good then this could be as low as £9,730 – less than a third of what Gilo secured in his data breach claim.

This is an emotive topic – and survivors and victims may well feel recourse to argue that all abuse has a severe impact. Can you blame them?

However, it must be noted that the data breach incident in Gilo’s case is very unusual. The insurance industry reports a catalogue of potential data breaches to the Information Commissioner’s Office every year – and many require no action or further investigation.

But in revealing Gilo’s identity, Ecclesiastical breached his right to anonymity and publicly tied him to the abuse with the knowledge that the media was watching. The act seems unlikely to be deliberate, as the insurer had made a botched attempt to redact the document published on its website, but nevertheless the harmful impact of it cannot be understated.

This sheds some light on why Ecclesiastical agreed to pay such a hefty price – the error had the potential to cause a vast amount of emotional distress, and £30,000 is towards the upper end of the scale that you might expect to see from a data breach pay out.

Still – is it fair and just that Gilo took home more for Ecclesiastical’s error than the original alleged “sadistic” assault on him as a teenager at the hands of a senior church figure?

I’ll leave that question to you, and the legal experts, to chew over.

Support is available if you have been affected by this article:
https://www.thesurvivorstrust.org/find-support

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!