Data Protection And The Rise of Regulatory Specialists
Why There’s A Greater Need For Regulatory Specialists
Over the last few years, we have seen many matters that would previously have been prosecuted before the criminal courts, move into the jurisdiction of other bodies. What we see as a result is a range of specialist regulators best placed to react to perceived industry failings, and if necessary, meet out swift and condign punishment.
As criminal lawyers, we too have kept pace with those changes, where once we would have defended tachograph cases in the local magistrates’ court, we now support vehicle operators before traffic commissioners. The alleged ‘crimes’ are the same, but the enforcement regime entirely different.
Huge Fines Handed Out To Large Companies.
Last week we saw the Information Commissioner’s Office (‘ICO’) issue notices of intention to issue fines to two large companies.
British Airways is to be fined £193.39 million and Marriott Hotels more than £99 million. In each case, there was a large-scale breach of data protection (in one case involving over half a million users), and these fines reflect not only the extent of the breach but also an early indication as to a stronger line being taken under the new GDPR regime.
Information Commissioner Elizabeth Denham said:
“People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”
Another striking feature of these two cases is the international approach to data breach, explained here by the ICO:
“ICO has been investigating this case as lead supervisory authority on behalf of other EU Member State data protection authorities. It has also liaised with other regulators. Under the GDPR ‘one stop shop’ provisions the data protection authorities in the EU whose residents have been affected will also have the chance to comment on the ICO’s findings.”
Whatever your business or profession, we make it our business to protect your interests and our specialist teams are fully up to date with all practice, procedures and emerging trends.