On 16 October 2020, the Information Commissioner’s Office (ICO) released a Penalty Notice against British Airways plc.
BA failed to admit liability for breach of the General Data Protection Regulation (GDPR). However, the Penalty Notice states, ‘the Commissioner has found that BA failed to process the personal data of its customers in a manner that ensured appropriate security of the data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organisational measures, as required by Article 5 (1)(f) and by Article 32 GDPR.’
The amount the ICO ‘decided to impose, having taken into account a range of mitigating factors’ ‘and the impact of the Covid-19 pandemic is £20 million.’
It has recently been reported (13 January 2021) that British Airways is now facing a possible £800 million lawsuit over its data breach in 2018. The breach revealed personal details of more than 400,000 of its customers. More than 16,000 people have so far joined the group action represented by London based law firm, PGMBM. PGMBM are currently litigating against other corporations in group actions which includes, Mercedes, Volkswagen, and EasyJet. A website set up to join the group action states that other affected customers and staff of the 2018 breach have until 19 March 2021 to join the claim. It has been estimated that each of the 420,000 affected customers and staff who had their personal information leaked could get £2,000 each in compensation.
The 2018 British Airways data breach highlights how important it is that you comply with the data protection principles of the GDPR, especially the integrity and confidentiality principle: You need to make sure you have appropriate and adequate security measures to protect the data you hold. Failure to comply with this principle can result in substantial financial penalties like the above.
A Lawdit Stay Legal package will ensure that your website is legally complaint, giving you peace of mind. We will conduct a complete audit of your website to see if it needs anything to ensure compliance. We shall provide you with all the documents your website needs tailored to its needs. With a free initial consultation there is no need to delay, so book today!