We could see a huge Marriott GDPR fine

The scale of the Marriott GDPR fine that could be issued after last year’s huge data breach incident could set the precedent. And it could be significant.

The Marriott data breach saw a wealth of personal and account data exposed for a number of years between 2014 and 2018. It affected some 500m people and may have compromised passports and exposed travel information. As such, this is an incredibly serous data breach, and any punishment issued will need to reflect that.

The costs of dealing with the breach, plus the legal action costs and regulatory fines, could be monstrous for the hotel chain.

How much could the Marriott GDPR fine be?

The Information Commissioner’s Office (ICO) can fine a company up to 4% of their global annual turnover. In the case of Marriott, this could end up being as high as almost £700m.

Whatever the fine could be, we would expect it to be huge given just how bad this data breach was. We’ve yet to see how much a fine could be for a breach of this scale, so the Marriott GDPR fine may set the precedent for the future.

There are already numerous legal actions that have been launched around the world, including here in the UK and in the U.S. Compensation for victims could range between £1,000.00 to £5,000.00, and then add the solicitor fees on top, and the company’s legal bill alone could be huge. The overall costs the data breach may lead too could easily be in the billions.

Can victims claim compensation for the Marriott data breach?

Separate to any potential Marriott GDPR fine issued by the ICO, victims of the data breach here in the UK may be eligible to make a claim for data breach compensation.

Victims can claim for the distress caused, and for any losses and expenses also incurred. This can be particularly important for those who fall victim to fraud, although you don’t have to have had any losses to be able to make a claim.