A recent data breach at Volkswagen, in which data from 800,000 electric vehicles, including movement profiles and personal information, was exposed online without security, raises serious questions about the company's compliance with the General Data Protection Regulation (GDPR) and its IT security measures. A thorough investigation into the case is being called for to assert the rights of those affected.
The disclosure of location data and personal details such as email addresses and phone numbers highlights a worrying weakness in security measures. It is both legally and ethically imperative to protect such information, especially when it provides deep insights into individuals' private lives.
Support with data protection issues
We offer affected vehicle owners comprehensive support in enforcing their data protection rights. Our services include:
- Support in the deletion of personal data: We help with the claim to the “right to be forgotten” under Article 17 GDPR.
- Requests for information in accordance with Article 15 GDPR: We determine which personal data has been stored and how it has been used.
- Review of legal options: This includes examining the possibilities for a class action declaratory judgment or individual claims for damages.
- Assertion of claims for damages: In case of financial or immaterial damages caused by unprotected data publication.
Data breach at VW: Legal steps and increased security requirements
The data leak could give rise to claims against subsidiaries such as VW Financial Services and VW Bank. Volkswagen Bank GmbH is a wholly owned subsidiary of Volkswagen Financial Services AG.
The disclosure of customer data provides criminals with the opportunity to launch phishing emails or other fraudulent activities. Customers who suffer financial losses as a result may have the right to claim compensation.
The potential dangers of phishing attacks or identity theft associated with VW Financial Services and VW Bank data are serious. It is imperative that companies treat the security of customer data as a top priority.
Demand for stricter data protection standards It also calls on companies to improve data protection and IT security standards. The push toward electric vehicles and advanced connected technologies should not compromise user privacy. Manufacturers must ensure that personal data is not only collected legally but also comprehensively protected.
Need for action at the political level This incident highlights the need for strict enforcement of regulatory requirements such as the upcoming EU Data Act. Manufacturers should be expected to provide consumers with clear and secure data management. Data protection should be an integral part of modern mobility.
Free initial assessment
Those affected can contact specialist lawyers for a non-binding initial assessment of their legal options. The goal is to take the necessary steps under data protection and civil law together with the affected parties.
English 
German 
Dutch