British Airways to be fined a record £183 million for data breach
The Information Commissioner’s Office (ICO) has published its intention to fine British Airways £183.39 million under the General Data Protection Regulation (GDPR) for serious breach of data protection.
This fine is significant as this is the largest fine the ICO has ever issued; under the preceding Data Protection Act 1998, the maximum fine the ICO was able to issue was £500,000. This is also the first major monetary penalty to be issued under GDPR.
Under the new rules introduced last year by GDPR, the ICO can now issue fines up to a maximum of 4% of the annual worldwide turnover. This fine is a significant amount and represents 1.5% of British Airways worldwide turnover in 2017.
The fine relates to a cyber attack of British Airways’ website whereby attackers were able to direct visitors to a fraudulent website and obtain personal data. The incident reportedly began in June 2018 and affected around 500,000 individuals. Attackers were able to access personal data relating to names, email addresses, log-in details and card payment details.
It is important to note that the ICO has not yet fined British Airways; it has only made public that it intends to fine this amount. British Airways will have around a month to submit its representations, however it will be interesting to see what factors the ICO takes into consideration when arriving at the final penalty for the first major monetary fine to be issued so far under GDPR. This announcement also acts as a reminder to organisations to ensure they have adequate security measures in place when handling personal data.
Google hit with largest GDPR fine of £44 million
Earlier this year, Google was fined £44 million (50 million euros) by the French data regulator for breaching the data protection rules under GDPR. To date, this is the largest fine issued since GDPR came into force.
Facebook and others lose $500 million virtual reality headset case
A US Court has recently ordered social media site Facebook, virtual reality headset developer Oculus, the co-founder of Oculus and the former CEO of Oculus to pay Zenimax Media Inc $500 million after finding the defendants unlawfully used virtual reality technology belonging to Zenimax and the co-founder of Oculus broke a confidentiality agreement with Zenimax.
Changes to Anti-Money Laundering Regulations may soon affect online lettings businesses
There are an increasing number of businesses solely providing lettings services via online platforms and apps. Businesses purely providing lettings services should be aware the Government recently underwent a consultation in relation to the proposed Fourth Money Laundering Directive which when introduced as legislation will change how lettings agents currently carry out and assess anti-money laundering checks on landlords and tenants.