British Airways Faces $230 Million Fine for 2018 Breach
The UK data protection regulator, the Information Commissioner's Office (ICO), announced Monday that it intends to fine British Airways (BA) a total of £183.39 million (just under $230 million) for the 2018 breach that compromised the personal information of 500,000 customers.
The fine is levied under the auspices of the EU's General Data Protection Regulation (GDPR) and is Europe's largest fine to date. In the first nine months after GDPR came into force on May 25, 2018, the total amount of imposed fines across the EU amounted to €55.955.871 -- €50 million of which was levied as a single fine by the French regulator CNIL against Google.
This is now the first clear indication that European data protection regulators will not be afraid to use the full power of GDPR against major companies. Those organizations around the world that have been waiting to see the likely extent of GDPR enforcement need wait no longer. GDPR fines have been purposely linked to turnover so that large companies cannot treat data protection fines as part of necessary running costs.