The Information Commissioner’s Office (ICO) has fined Ticketmaster UK Limited £1.25million for failing to keep its customers’ personal data secure. This follows recent fines issued to British Airways and Marriott International – both record-breaking by the ICO to date.
The Data and Marketing Association’s CEO has provided some initial comments below.
Chris Combemale, CEO, Data & Marketing Association: “This particular case sends a stark warning to organisations that GDPR compliance is both people and technology driven. It is the duty of every person within an organisation to know their responsibilities under the GDPR and this includes being accountable for all technology used. Despite it being a third party’s chatbot software that created a gateway for this data breach, the onus is still on Ticketmaster to ensure that any technology they use is secure.
“Within a month, the ICO has now issued several record-breaking fines in response to significant security failures by organisations who are responsible for the data of millions of customers. Data privacy is not a tick-box exercise, organisations must continue to invest in keeping their customers’ data secure. Otherwise they will face penalties that could prove far more costly to the business.”
