What about the passengers?

By | Category: Travel tips & opinions

This morning it was announced that British Airways had been fined £183.4 million by the Information Commissioner which equates to about 1.5% of the entire global turnover of the company.

tal fins of British Airways planes

This fine is a punishment resulting from a cyber-attack on BA’s customer database. In that attack, up to 500,000 customer records were hacked with log-in information, travel details, credit card information (though not the three or four digit security code) and name and address being accessed. Despite BA co-operating with the Information Commissioner this huge fine – the largest ever – was issued.

It is so large because this loss of data was under the new rules of GDPR (General Data Protection Regulation) rather than the old Data Protection Act and, if BA doesn’t win an appeal against the sum, will probably provide a benchmark for future fines of transgressors.

But here is my moan.

What will the 500,000 or whatever the real number is get? They will be compensated by BA for any losses incurred but they won’t get any part of the fine. They are also the ones inconvenienced. They have had to change passwords, possibly cancel credit cards at the same time as wondering whether there will be any problems in the future.   

If it is half-a-million that have been hacked then the fine equates to about £366 per person. As I understand it, the fine will be split between the information commission offices in the EU countries. Since they are government funded then I assume the money goes into the general government pot. The 500,000 completely lose out.

Is this fair or just? I think not.

Travel connected companies are some of the most adroit, technologically, and data is key to their business. We have to give up bank details, travel itineraries (revealing by inference when we are away from home) ages, passport details and other vital pieces of information that can be used by crooks to set up fake accounts. Regardless of what might be said, there are probably few if any sites that cannot be hacked. If individuals are placing confidence and trust in organisations then when the worst happens, they should receive a portion of any fines.

If you enjoyed this post, please consider subscribing to the RSS feed to have future articles delivered to your feed reader.
Tags: , , , ,