Total Tests:

Booking.com fined €475,000 for late reporting of data breach

By John Leonard for Computing
Thursday, April 1, 2021

However, In its final penalty notice, the UK watchdog the ICO announced that, in view of the pandemic, Marriott would be required to pay just £18.4 million, a huge drop from the £99 million figure it had originally proposed in 2019.

Commenting on the Booking.com fine, Ilia Kolochenko, founder and chief architect of ImmuniWeb, said: "The fine seems to be severe given that sensitive data of just 300 people was compromised among 4,000 victims that were somehow affected. The Dutch DPA exercised its discretion to impose fines under Article 83 of GDPR in a broad manner, and it seems to be an unambiguous signal of zero tolerance for late data breach reports.

"It's unclear whether [Booking.com] will appeal the sanction as disproportionally harsh in light of the unprecedented lenience towards Marriott and BA by the UK regulator. The European Data Protection Board will probably intervene and bring more clarity on this specific misconduct in terms of gravity and subsequent punishability. In any case, this precedent evidences that victims of data breaches are to rigorously follow Article 33 of the GDPR and notify the competent DPA within 72 hours as prescribed." Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential