Thank you. The Data Protection Act 1998 (DPA) outlines certain principles for data controllers to adhere to when they process an individual’s personal data. If a party has acted in contravention of the DPA, the person whose rights have been breached could potentially make a claim for damages.
The first step is to consider reporting the alleged breach to the Information Commissioner’s Office. They are the regulatory body that deals with data protection breaches and have certain powers at their disposal to deal with them. However they will not award compensation to the victim so the only way to try and do this is by going through court.
To be able to claim compensation the victim must usually show that they have suffered financial damage as a result of the breach. However, a recent ruling said that damages for distress can also be made even if no financial losses have been suffered. As this is quite a recent development the practicalities of doing so are yet to be considered.
So if there have been financial losses or just distress suffered, the case can potentially be taken to court. I would not recommend that this is done straight away and suggest trying to reach some kind of compromise with the violating party - often they may issue their own compensation to keep the person happy and avoid it being taken further. However, if that is not possible and court appears to be the only recourse then this page contains useful information on how take a claim for data protection breaches to court:
Remember that court should only be used as a last resort and assuming all other attempts to try and resolve the matter have failed.
I trust this has answered your query. Please take a second to leave a positive rating by selecting 3, 4 or 5 stars above - this is an important part of our process and recognises the time I have spent assisting you. If you still need me to clarify anything else, please reply on here and I will assist as best as I can. Thank you