In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox consider the recently released UK Information Commissioner’s Office (ICO) Cathay Pacific Airways Limited fine of £500,000 for failing to protect the security of its customers’ personal data.
This is a pre-GDPR case and the fine represents the maximum fine under the ICO’s pre-GDPR powers. The ICO took into particular account the fact that Cathay Pacific failed to follow its own policies and ignored fundamental best practices.
Some of the highlights in this episode include:
– What were the background facts of the enforcement action?
– What are the implications of a pre-GDPR enforcement action?
– Why was the maximum fine levied?
– What were the regulators findings?
– What are the lessons learned for the data protection practitioner?
You can read more about this action in our alert here: https://www.corderycompliance.com/ico-fines-cathay-pacific-for-data-security-breach/
For more information please contact Jonathan Armstrong who is a lawyer with Cordery in London where his focus is on compliance issues.
|Jonathan Armstrong, Cordery, Lexis House,
30 Farringdon Street, London EC4A 4HH
T: +44 (0)20 7075 1784