GDPR and data breaches—staying compliant

GDPR and data breaches—staying compliant

Last year saw the Information Commissioner’s Office hand out more than just a ‘slap on the wrist’ with companies such as Facebook and Equifax receiving fines of up to £500,000 for data breaches. However, earlier this week, both British Airways and Marriott International received proposed fines of £184m ($230m) and £99m ($125m) respectively, following the introduction of the EU’s General Data Protection Regulation (GDPR) in May 2018.

Prior to May 2018, the UK followed the Data Protection Act 1998, in which the maximum fine equalled £500,000. But with the introduction of the GDPR companies can now be liable to pay penalties of up to 4% of their turnover.

The data protection breaches

The large fines have been proposed for the following:

  • British Airways experienced breaches in September/October 2018 which enabled attackers to re-route customers into a fraudulent website, subsequently exposing the personal details of 500,000 customers
  • Marriott International’s failed to stop a breach which spanned over four years, exposing approximately million customer records from across the globe

Although the announced fines are only proposed and not final, they act as a stark reminder and lesson to companies to not only ensure they are data com

Subscription Form

Related Articles:
Latest Articles:

Already a subscriber? Login
RELX (UK) Limited, trading as LexisNexis, and our LexisNexis Legal & Professional group companies will contact you to confirm your email address. You can manage your communication preferences via our Preference Centre. You can learn more about how we handle your personal data and your rights by reviewing our  Privacy Policy.

Access this article and thousands of others like it free by subscribing to our blog.

Read full article

Already a subscriber? Login

About the author:

Hannah is one of the Future of Law blog’s digital and technical editors. She graduated from Northumbria University with a degree in History and Politics and previously freelanced for News UK, before working as a senior news editor for LexisNexis.