The Times - 8 July 2019
The record £183.4 million fine faces by British Airways will come as a huge shock to businesses and force them to put date protection at the top of their agendas, lawyers say.
The Information Commissioner's Office (ICO) announced its intention to fine the airline over the theft of the personal data of 500,000 of its customers after a computer hack last year.
The fine is the biggest handed out by the ICO after the General Data Protection Regulation (GDPR) came into force last year, allowing for fines of up to 4 per cent of annual turnover.
It represents 1.5 per cent of BA's turnover in 2017 and far surpasses the previous record of £500,000, which facebook was ordered to pay as a result of the Cambridge Analytica data scandal, which covered events that happened before GDPR came into force.
Raoul Parekh, a partner at GQ Littler, said: "The first GDPR fine is the display of shock and awe that many feared. Politicians and pressure groups have been lobbying for heavy penalities and it seems [the ICO has] listened."
He added that the fine would force businesses to take GDPR seriously.
"British Airways has acted very responsibily since the breach was discovered, notifying the ICO and co-operating with the regulator to fix the issues and repair the damage. For the ICO, though, businesses need prevention and not just cure if they are to avoid fines," he said.
You can read the full article here. (Please note this publication requires a paid subscription)