Security News > 2020 > April > British Airways and Marriott UK data protection fines deferred again as coronavirus shutdown hits business
The UK Information Commissioner's Office has yet again postponed its £280m in fines against British Airways and Marriott Hotels for data leaks.
The fines were handed to both companies following damaging and widely publicised digital break-ins affecting millions of people around the world.
According to EU news website Politico, the fines have been delayed for Marriott until 1 June this year, with UK law firm Mishcon de Reya's data protection man Jon Baines blogging, with reference to the same source, that BA owner IAG's annual report revealed that its own fine had been postponed until 18 May. That statement said in part: "The ICO initially had six months from issuing the Notice of Intent to British Airways within which it could issue a penalty notice, which has been extended through to May 18, 2020, to allow the ICO to fully consider the representations and information provided by British Airways."
Marriott copped its £99m fine after letting 383 million people's data go AWOL thanks to Chinese hackers.
British data protection law is convoluted when it comes to fines: the ICO announces its intention to impose a big monetary penalty and then the naughty companies have a chance to argue about it behind closed doors, a bit like an appeal.