Skip to main content

Clifford Chance

Clifford Chance


GDPR Gets Serious – Two Record-Breaking Cyber Fines in Two Days

17 July 2019

The ICO has proposed unprecedented fines against British Airways and Marriott International – how should businesses respond?

 The UK privacy regulator, the Information Commissioner's Office (ICO), has issued notices of intention to impose fines of over GBP 280m on two international businesses for GDPR breaches, in particular because of their perceived data security failures. The UK's Information Commissioner, Elizabeth Denham has stated:

 "For a fine to be dissuasive against a company that has a turnover in this stratosphere, we have to provide the fine accordingly.

 This is not a small business. This is not a charity. This is a large business that you'd expect would take care of personal data".

Download PDF