Last week was packed in terms of new developments in the area of privacy. On Monday 8th July, the UK's data protection authority, the Information Commissioner’s Office (the ICO), announced its intention to fine British Airways in the amount of £183,390 million (equivalent to about EUR 204 million, which according to media reports, is about 1.5% of the company's worldwide turnover last year) for infringements of the EU General Data Protection Regulation (GDPR). The proposed fine relates to a cyber incident involving user traffic to the British Airways website being diverted to a fraudulent site. Through this false site, customer details were allegedly harvested by attackers. The ICO’s investigation found that a variety of information of approximately 500,000 customers was compromised in this incident, including log in, payment card, and travel booking details as well name and address information.
We recently completed our comprehensive analysis of the UK Information Commissioner's Office (ICO) enforcement actions in 2012. You may find this analysis, along with statistics, pie charts and