In recent news, British Airways discussions with the ICO around the €183.3m fine may result in reduction of the penalty of £20.1m. The intention to fine was announced last year after hundreds of thousands of customers’ financial and personal details were stolen during a cyber-attack in 2018.
Our co-head of Data Governance, Britt Endemann, sat down with The Telegraph and shared her thoughts about the potential significant fine reduction for British Airways and how the ICO may arrive to the final quantum. Here is what she had to say:
“I feel for the ICO in this because what would the reaction have been if they had stuck to the massive fine? They would crush an industry that had already been crippled,” she said.
“We thought the original fine looked a little high but we never thought there would be that much of a reduction. The ICO doesn’t want to be seen as weak and they want to send messages tom the larger corporations especially.”
Britt said that in the future the ICO should announce a “minimum” intention to fine first and then add to it over time.
“I think they really have to re-think the order of how they’re sending these messages out and leveraging provisional fines,” she said.