GDPR bites, and BA is the first victim

Author: Jimmie Franklin | Published: 11 Jul 2019

With GDPR recently celebrating its first birthday, it seems that it has begun to offer grit to regulators.

Subsequent to an investigation, the Information Commissioner’s Officer (ICO) has issued a notice of its intention to fine British Airways (BA) £183.39 million for infringements of the General Data Protection Regulation (GDPR). A day later news surfaced that a fine of £99 million was being issued to Marriott International.

Information commissioner, Elizabeth Denham, said in a statement, "People’s personal data is just that – personal".

She continued: "When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights."

Eduardo Ustaran, global co-head...