British Airways was fined £20 million ($26m) by the UK data protection watchdog over a breach that compromised the personal and financial details of more than 400,000 customers, a cut to a much heftier fine initially planned by the regulator.
The UK Information Commissioners’ Office on Friday said its investigation into a 2018 cyber attack at the company found that “the airline was processing a significant amount of personal data without adequate security measures in place,” exposing people’s data unnecessarily. The fine is the ICO’s biggest so far.
“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress,” UK data protection chief Elizabeth Denham said in the statement. “When organisations take poor decisions around people’s personal data, that can have a real impact on people’s lives.”
The final penalty is a fraction of the £183.4 million the ICO had initially announced it planned to levy last year. BA said its systems were compromised from August 21 through September 5, 2018 and that about 380,000 transactions had been affected, advising people to contact credit-card providers. It said the stolen data didn’t include travel or passport details.
In July, BA set aside €22 million ($26m) as a provision for the incident.
“The ICO recognises that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation,” a BA spokeswoman said Friday in an email.
The ICO probe was done under European Union data protection rules that took effect in May 2018 and gave regulators for the first time the powers to slap companies with fines of as high as 4 per cent of their global annual sales. The biggest fine levied under the rules so far remains a €50m penalty by France’s privacy regulator against Google, but that was a national probe.
The BA probe was different because it was an EU-wide effort led by the ICO. The Irish data protection watchdog is also investigating at least 20 cases with an EU scope, concerning companies such as Apple and Facebook. Its most advanced probe into Twitter has been delayed due to challenges from other national data regulators to its draft findings.
Regulators are obliged under the EU’s General Data Protection Regulation to seek feedback from all data protection watchdogs in probes with an EU-wide reach. The ICO said it also sought the green light from other data authorities before adopting a final decision.
Our legal columnist
Name: Yousef Al Bahar
Advocate at Al Bahar & Associate Advocates and Legal Consultants, established in 1994
Education: Mr Al Bahar was born in 1979 and graduated in 2008 from the Judicial Institute. He took after his father, who was one of the first Emirati lawyers
Company profile
Date started: 2015
Founder: John Tsioris and Ioanna Angelidaki
Based: Dubai
Sector: Online grocery delivery
Staff: 200
Funding: Undisclosed, but investors include the Jabbar Internet Group and Venture Friends
Story%20behind%20the%20UAE%20flag
%3Cp%3EThe%20UAE%20flag%20was%20first%20unveiled%20on%20December%202%2C%201971%2C%20the%20day%20the%20UAE%20was%20formed.%C2%A0%3C%2Fp%3E%0A%3Cp%3EIt%20was%20designed%20by%20Abdullah%20Mohammed%20Al%20Maainah%2C%2019%2C%20an%20Emirati%20from%20Abu%20Dhabi.%C2%A0%3C%2Fp%3E%0A%3Cp%3EMr%20Al%20Maainah%20said%20in%20an%20interview%20with%20%3Cem%3EThe%20National%3C%2Fem%3E%20in%202011%20he%20chose%20the%20colours%20for%20local%20reasons.%C2%A0%3C%2Fp%3E%0A%3Cp%3EThe%20black%20represents%20the%20oil%20riches%20that%20transformed%20the%20UAE%2C%20green%20stands%20for%20fertility%20and%20the%20red%20and%20white%20colours%20were%20drawn%20from%20those%20found%20in%20existing%20emirate%20flags.%3C%2Fp%3E%0A
It Was Just an Accident
Director: Jafar Panahi
Stars: Vahid Mobasseri, Mariam Afshari, Ebrahim Azizi, Hadis Pakbaten, Majid Panahi, Mohamad Ali Elyasmehr
Rating: 4/5
HOW%20TO%20ACTIVATE%20THE%20GEMINI%20SHORTCUT%20ON%20CHROME%20CANARY
%3Cp%3E1.%20Go%20to%20%3Cstrong%3Echrome%3A%2F%2Fflags%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E2.%20Find%20and%20enable%20%3Cstrong%3EExpansion%20pack%20for%20the%20Site%20Search%20starter%20pack%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E3.%20Restart%20Chrome%20Canary%3C%2Fp%3E%0A%3Cp%3E4.%20Go%20to%20%3Cstrong%3Echrome%3A%2F%2Fsettings%2FsearchEngines%3C%2Fstrong%3E%20in%20the%20address%20bar%20and%20find%20the%20%3Cstrong%3EChat%20with%20Gemini%3C%2Fstrong%3E%20shortcut%20under%20%3Cstrong%3ESite%20Search%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E5.%20Open%20a%20new%20tab%20and%20type%20%40%20to%20see%20the%20Chat%20with%20Gemini%20shortcut%20along%20with%20other%20Omnibox%20shortcuts%20to%20search%20tabs%2C%20history%20and%20bookmarks%3C%2Fp%3E%0A
MATCH INFO
Arsenal 1 (Aubameyang 12’) Liverpool 1 (Minamino 73’)
Arsenal win 5-4 on penalties
Man of the Match: Ainsley Maitland-Niles (Arsenal)
Key findings of Jenkins report
- Founder of the Muslim Brotherhood, Hassan al Banna, "accepted the political utility of violence"
- Views of key Muslim Brotherhood ideologue, Sayyid Qutb, have “consistently been understood” as permitting “the use of extreme violence in the pursuit of the perfect Islamic society” and “never been institutionally disowned” by the movement.
- Muslim Brotherhood at all levels has repeatedly defended Hamas attacks against Israel, including the use of suicide bombers and the killing of civilians.
- Laying out the report in the House of Commons, David Cameron told MPs: "The main findings of the review support the conclusion that membership of, association with, or influence by the Muslim Brotherhood should be considered as a possible indicator of extremism."
