The Importance Of Cybersecurity During A Merger & Acquisition Transaction
The Federal Trade Commission (FTC) announced a complaint and proposed consent order against Marriott International Inc. and its subsidiary, Starwood Hotels & Resorts Worldwide LLC, on October 9, 2024, concerning three alleged...more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
The Fourth Circuit dismissed an investor’s lawsuit against a hotel chain that had been subject to a data breach, ruling that the company had not made false or misleading public statements about its protection of customer...more
Hot on the heels of the £20 million fine issued to British Airways, the Information Commissioner’s Office (“ICO“) has issued Marriott International Inc. (“Marriott“) with a long-awaited penalty notice for its failure to...more
Few will have been surprised that, when the ICO eventually published details of the BA and Marriott fines, the final penalties were very much lower than the £183+ million and £99+ million proposed in the original notices of...more
On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more
The UK Information Commissioner’s Office (ICO) has recently handed down two of the largest fines relating to a data breach in UK history. In August 2018, British Airways (BA) was subject to a cyberattack which breached the...more
On February 21, the District of Maryland held that consumers had standing to assert claims arising from the historic data breach that hit Marriott in 2018, but the court dismissed the plaintiffs’ claim for negligence under...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
The UK Supervisory Authority (the ICO) has had a headline-busting month. On July 9, 2019, the ICO announced its intention to fine Marriott International more than £99 million under the GDPR (General Data Protection...more
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more
British Data Protection Authority Flexes GDPR Enforcement Muscles - No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more
Key Takeaways - - The proposed £183 million and £99.2 million fines against British Airways and Marriott, respectively, by the UK’s ICO emphasise: - The need for companies to maintain appropriate data protection practices...more
The ICO issued notices of intent to fine British Airways and Marriott. What happened? On 8 July 2019, the UK Information Commissioner’s Office (ICO) announced a notice of intent to fine British Airways £183.39 million (about...more
As we turn the page on 2018, let’s reflect on some of the key privacy and cybersecurity issues that will continue to occupy our hearts and minds in 2019....more