UK: The ICO Fines British Airways £20 Million Following A Personal Data Breach

UK: The ICO Fines British Airways £20 Million Following A Personal Data Breach

The Information Commissioner’s Office (ICO) imposed a fine of  £20m on British Airways (BA) for failing to protect the personal and financial details (payment card details) of more than 400,000 customers.

The ICO investigation revealed that the BA had not implemented adequate security measures and as a result, could not detect a cyber-attack, which took place in 2018 until BA was made aware of the attack by a third party two months later. 

Social Media: Referring a Non-User Friends by E-mail Requires their Prior Consent

Social Media: Referring a Non-User Friends by E-mail Requires their Prior Consent

On May 14, 2020, the Belgian Data Protection Authority imposed a €50,000 fine on an international dating website (“dating platform” or the “company”) for lack of legal basis of the data processing operations carried out to provide an “invite a friend” feature.

In particular, it considered that consent of  non-users of the dating platform was necessary before letting the user send them invitation emails.