Analysis

British Airways' GDPR Fine Puts Price Tag On 'Poor' Defenses

Law360 (July 8, 2019, 10:24 PM EDT) -- The record-smashing fine that the U.K.'s data protection authority intends to give British Airways for a 2018 data breach signals European regulators' appetite to use their boosted enforcement powers to punish companies for subpar cybersecurity, even without proof that hackers used stolen data for fraud.

In announcing the planned fine of £183.4 million ($230 million) the Information Commissioner's Office on Monday sent a message to the broader business world, according to industry attorneys: Either show that you are putting serious resources behind cybersecurity, or face a potential megafine under the EU's General Data Protection Regulation in the case of a breach....

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.


  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!

TRY LAW360 FREE FOR SEVEN DAYS