The British Airways ICO fine has been reduced from the proposed £183m initial intention to fine amount to just £20m; representing a significant reduction from the Information Commissioner’s Office (ICO) of around 90%.
The British Airways data breach affected almost half a million customers across two periods in 2018. Highly sensitive data that included names, addresses, payment card numbers – including CCV numbers in some cases – were accessed by hackers in the attack.
Customers who made or changed a booking between 10.58pm on 21 August 2018 and 9:45pm on 5 September 2018, or customers who made a reward booking between 21st April 2018 and 28th July 2018, could be affected by the data breach. If this applies to you, you could be eligible to claim compensation now.
British Airways ICO fine significantly reduced
The ICO’s investigation found BA in breach of Data Protection laws after a significant amount of personal data was exposed. They said that the airline should have identified the weaknesses in security and put measures in place to prevent the breach.
This is why the fact that the British Airways ICO fine has been reduced by so much is still a cause for concern.
The economic impact from the Coronavirus pandemic is likely to have been a factor in the drastically reduced fine, which was expected. The aviation industry has taken a huge hit due to the pandemic and it is understood to be the case that this has been taken into consideration.
The fines that the ICO set should have a ‘dissuasive effect’ on any company from allowing a breach to take place. Last year’s provisional £183 million intention to fine could have had a dissuasive effect on BA in our view but, due to the Coronavirus Pandemic, the ICO has now deemed that £20 million enough to dissuade BA ad others from inadequate security systems.
The negative impact of the reduced fine
Aman Johal, director of Your Lawyers, explains the negative impact of the reduced British Airways ICO fine, and what it could mean for data security;
‘The ICO’s earlier record intention to fine was a landmark moment. It set the standard as a candid warning that is so desperately needed at a time when large scale data breaches are rampant.
I am concerned that such a significant climb down undermines the GDPR and its ability to act as a credible deterrent to big business by sending the message that they can orchestrate their way out of paying substantial financial penalties.
If this is to be a trend, the only real deterrent against large corporations breaching the GDPR will be the pursuit of large group action claims for compensation, like the one against British Airways.’
Mr Johal’s comments have featured in recent media coverage of the fine.
Have you been affected by the BA data breach?
Regardless of the massively reduced British Airways ICO fine, if you have been affected by the BA data breach, there is still time to join the British Airways Group Action claim.
We are specialists in this increasingly important area of law, and our expert lawyers can offer you free, no-obligation advice about your potential claim. Our lawyers are already fighting for justice for many victims of the British Airways data breach and we may be able to help you too.
As a firm on the Steering Committee leading the fight for justice for this action, we are at the forefront of the fight for compensation. Sign-up now for No Win, No Fee representation here.