The scale of any Marriott GDPR fine issued after last year’s huge data breach incident could set the precedent, and it could be significant.
The Marriott data breach saw a wealth of personal and account data exposed for a number of years between 2014 and 2018. It affected some 500m people and may have compromised passports and exposed travel information. As such, this is an incredibly serious data breach, and any punishment issued will need to reflect that.
The costs of dealing with the breach, plus the legal action costs and regulatory fines, could be monstrous for the hotel chain.
An inquiry from the Digital, Culture, Media and Sport Committee has called for greater Facebook regulation to shift the power from the corporations to the people.
Recommendations include an independent regulator that could be responsible for enforcing an ethical code of conduct that all tech firms must adhere to. They could also be handed powers to bring legal proceedings for breaches and enforce new rules for tech firms to prevent and remove disinformation, false news and harmful content.
The inquiry was launched off the back of the Cambridge Analytica scandal and also focuses on the misuse of personal data.
It’s understood that business data breach headlines are still being ignored by business leaders, despite the monumental costs and consequences they can have.
Research and studies produce all sorts of facts and figures, and another recent worrying one indicated that only around a third of businesses are properly investing in new software to protect themselves against the increasing risks of hacks and business data breaches.
With huge names suffering massive losses as a result of big breaches, this number really isn’t reflective of a proper desire to protect the data they hold.
Are we seeing an increase in GDPR data breach instances since the new rules came into force in May 2018, or is it just a case of more reporting?
According to recent research, reports of GDPR data breach incidents more than doubled between May, when the new rules came into force on the 25th, and June 2018. Does this mean that incidents spiked massively during that short period, or are organisations so fearful of the new rules that they’re reporting every little breach that may be happening?
The results are what we expected.