Funding and fines, breaches and spies

3 min read

Georgia Iacovou

15 Jul 2019

🙋🏻‍♀️ Happy Monday, internet users 👉 a sweet cash injection for privacy 👉 it’s ICO fine season 👉 cool your jets

👩‍💻 Seen on the web-nets: surveillance has shown us how nice we are…?

Have you heard of the bystander effect? Where someone is in trouble in public, and people just stand and watch instead of helping. Apparently, that is what humans are famous for. But a widespread study of camera footage shows the opposite: people are actually happy to intervene and help. See? Anyone can be a hero…

Privacy is important, give us money

OneTrust just raised $200m in their series A and TrustArc just raised $70M in their series D: correct me if I’m wrong, but this might mean that the world of business is actually starting to value privacy. The CEO of OneTrust, Kabir Barday, has actually said that they weren’t even looking for funding, because they make their own money (a novel idea, I thought VCs just gave us everything?). None of that matters, because this general siphoning of funds into urgent privacy matters is an industry signal that people are starting to take this seriously.

Marriott’s fine: breach at the beach 🏖

In 2014, Starwood hotels systems’ were compromised. In 2016, Marriott acquired Starwood, and did not check if the lobbies were clean, the pillows were fluffed, and if there had been any data breaches. Real smart, guys. The personal data of over 300 million guests was exposed, including passport numbers, credit card numbers, and anything else you need to ruin someone’s life. Big woops. The ICO are now fining Marriott with £100m over this — they could have avoided this if they exercised some due diligence 🤷🏻‍♀️

👑 Royalty deserve the best when it comes to breaching regulations

King’s College London had a visit from the Queen in March. As you can imagine, they had to make some security preparations. Here’s what they did:

  1. Looked at their database of students
  2. Picked the ones which looked like they could be ‘activists’
  3. Made a list of thirteen students; sent list to the police
  4. Deactivated their student cards for the duration of the visit

Oh crap, I don’t think violating the GDPR is what anyone meant when they said ‘prepare for the Queen’s visit’ 😱 Luckily King’s have realised they ‘did a bad’, and have turned themselves over to the ICO. The report they wrote outlines their new plans as they take security in-house. We eagerly await the ICO’s response — as we all know, it appears to be fine season.

💸 Cool your jets for yet another fine

This is the last one, I swear (the last one in this post, not the last one in the world). British Airways got caught being hacked into by c y b e r t h e i v e s (that’s the lamest name I could think of — don’t want to give them any credit) back in June 2018. Hundreds of thousands of casual folk trying to book their flights were diverted to a fraudulent site, where personal info such as their email address and travel information were rudely harvested. The ICO are administering their heaviest ever fine for this: a clean £183M. I don’t want to call this a win, because none of this should be happening in the first place. Hopefully BA are nice and embarrassed and they won’t make flights more expensive…

the author

Georgia Iacovou

Content Writer, Metomic