Legaltech News: GDPR Fines Uncertain After British Airways’ Data Breach

November 08, 2018

More than 200,000 British Airways customers that used a credit or debit card to book a reward flight in late August had their personal information hacked. This recent cyberattack, which is now being investigated by the British Information Commissioner’s Office, has spurred questions over whether British Airways will face penalties under the General Data Protection Regulation (GDPR), which took effect in the European Union on May 25, 2018. 

O’Melveny partner and former chief of the U.S. Attorney’s Office’s Criminal Division Steve Bunnell observed that regulators may be focusing on high profile cases. “One of the things you look for is an opportunity to show people that you are serious,” said Bunnell. “You look at something that is high profile, something to make a statement.”

To read the full article, click here.