British Airways to be fined a record £183 million for data breach
The Information Commissioner’s Office (ICO) has published its intention to fine British Airways £183.39 million under the General Data Protection Regulation (GDPR) for serious breach of data protection.
This fine is significant as this is the largest fine the ICO has ever issued; under the preceding Data Protection Act 1998, the maximum fine the ICO was able to issue was £500,000. This is also the first major monetary penalty to be issued under GDPR.
Under the new rules introduced last year by GDPR, the ICO can now issue fines up to a maximum of 4% of the annual worldwide turnover. This fine is a significant amount and represents 1.5% of British Airways worldwide turnover in 2017.
The fine relates to a cyber attack of British Airways’ website whereby attackers were able to direct visitors to a fraudulent website and obtain personal data. The incident reportedly began in June 2018 and affected around 500,000 individuals. Attackers were able to access personal data relating to names, email addresses, log-in details and card payment details.
It is important to note that the ICO has not yet fined British Airways; it has only made public that it intends to fine this amount. British Airways will have around a month to submit its representations, however it will be interesting to see what factors the ICO takes into consideration when arriving at the final penalty for the first major monetary fine to be issued so far under GDPR. This announcement also acts as a reminder to organisations to ensure they have adequate security measures in place when handling personal data.
Scaling Up for Success
Moore Blatch has recently partnered with Smith & Williamson to deliver a series of four Scaling up for Success seminars in 2019 to help founders and senior management teams in businesses that have an ambition to grow and ‘scale up’.
Ensuring distribution agreements comply with UK and EU competition law
UK and EU competition law prohibits anti-competitive agreements between businesses. There are heavy penalties for infringements. When setting up a distribution network, whatever the size, status or sector of your business, it is important to be aware of the main competition rules.
Tech update – Spring Summer 2019
Welcome to the Spring/Summer technology update, where we provide you with the latest information in the technology sector about key issues affecting you and your businesses.
Can we sue our new robot overlords? – The rise in AI and legal liability
The rapid development of artificial intelligence (AI) and machine learning applications is seeing exciting new technologies being introduced to the market across a wide variety of sectors.
Getting out of onerous contracts – The Brexit effect
Whatever your views on Brexit, the ongoing saga is recognised in many quarters as being bad for UK Plc due to great uncertainty as to whether Brexit will actually take place, and if so, on what terms the UK will leave the EU.
Google hit with largest GDPR fine of £44 million
Earlier this year, Google was fined £44 million (50 million euros) by the French data regulator for breaching the data protection rules under GDPR. To date, this is the largest fine issued since GDPR came into force.
Moore Blatch advises Crave Interactive Limited on its investment from Thailand’s True Corporation
Moore Blatch has advised Crave Interactive, the world-leading developer of cloud-based digital guest service solutions for hotels, on its major investment by True Corporation, Thailand’s leading telecommunications provider.
The deal provides a majority investment from True Digital & Media Platform Company Limited, a wholly owned subsidiary of True Corporation Public Company Limited. The investment will help to drive an innovative rental model that will accelerate the adoption of digital guest service solutions to replace antiquated paper solutions in hotels.
Crave will be making a significant investment into the Asia Pacific market, and will be leveraging synergies with True’s technology, market positioning and partnerships in the region. It will also invest further across the Americas and Europe, where it is already well-established as an industry leader.
Gareth Hughes, CEO at Crave Interactive, commented: “
We see incredible opportunities in the convergence of voice, entertainment, communication and smart controls to develop solutions that delight guests and help hotels deliver top-class services”. Hughes continues: “
We were delighted with the support provided by Jeremy, Hayleigh and the rest of the Moore Blatch team – they did a superb job by helping us overcome numerous obstacles to get the deal over the line”.
Commenting on the deal,
Jeremy Over, Partner at Moore Blatch, said: “
We are thrilled to have been involved in this deal, which sees Crave Interactive poised for a truly exciting phase of growth. We wish the team at Crave and True Corporation every success for the future.”
The team at Moore Blatch was led by
Jeremy Over (Partner) and also included
Hayleigh Sears (Solicitor),
Cherie Lawson (Paralegal, Corporate),
Samantha Grose (Trainee Solicitor, Corporate),
Charlotte Boatman (Trainee Solicitor, Corporate),
Dorothy Agnew (Partner, Commercial),
Katherine Maxwell (Partner, Employment),
Emma Edis (Associate, Employment) and
Rachael Kelly (Solicitor, Commercial Property).
True Corporation was advised by Linklaters.
Data breaches by rogue employees – employers still liable: Vicarious liability applies
The Court of Appeal recently upheld a decision of the High Court that found Morrisons Supermarkets vicariously liable for the malicious and criminal actions of a rogue employee who intentionally damaged Morrison’s reputation by misusing the personal data of almost 100,000 Morrison employees.