Marriott Faces $124 Million GDPR Fine in UK
Marriott International is facing a fine of $124 million in the UK for breaching the General Data Protection Regulation (GDPR). The fine was imposed by the UKs Information Commissioners Office (ICO) after an investigation revealed that the hotel chain failed to adequately protect the personal data of its guests.
The GDPR, which came into effect in 2018, sets out strict rules for how companies must handle and protect personal data. Under the regulation, companies can face fines of up to 4% of their annual global turnover for serious breaches.
Marriotts data breach, which occurred in 2018 but was only discovered in 2020, exposed the personal information of millions of guests, including names, addresses, and payment card details. The ICO found that Marriott had failed to put in place proper security measures to protect this data, leading to the unprecedented fine.
What does the GDPR require companies to do?
The GDPR requires companies to take steps to protect the personal data of individuals, including implementing appropriate security measures and informing authorities of data breaches within 72 hours.
How did Marriott breach the GDPR?
Marriott breached the GDPR by failing to adequately protect the personal data of its guests, leaving it vulnerable to hackers and other cyber threats.
What are the implications of the ICOs fine for Marriott?
The $124 million fine from the ICO is one of the largest ever imposed under the GDPR and sends a clear message to companies that they must take data protection seriously.
People Also Ask
What is the GDPR and why is it important?
The General Data Protection Regulation (GDPR) is a set of regulations designed to protect the personal data of individuals within the European Union. It is important because it gives individuals more control over their personal information and requires companies to be more transparent about how they use data.
How can companies ensure compliance with the GDPR?
Companies can ensure compliance with the GDPR by implementing strong data protection measures, training staff on data security, and conducting regular audits to identify and address any potential vulnerabilities.
What are the consequences of failing to comply with the GDPR?
The consequences of failing to comply with the GDPR can be severe, including hefty fines, damage to reputation, and loss of customer trust. In extreme cases, companies may even face lawsuits from individuals whose data has been compromised.
Tags:
Marriott faces $124M GDPR fine in UK.