Following the first major GDPR-related financial penalty against internet giant Google, the world seems to have been waiting with bated breath for the next major fine to dwarf the €50 million (U.S. $56.3 million) France’s data regulator meted out in January.
That wait came to an end in early July, when the U.K.’s Information Commissioner’s Office (ICO) fined British Airways £183.4 million (U.S. $230 million) and Marriott £99.2 million (U.S. $124 million) on back-to-back days for data breach-related violations. The penalties were the two largest issued under the EU’s data protection regulation so far.
