Originally Posted by
Marty-Party
I agree, and I am a BA employee. The GDPR regulations cannot legislate on cross boarder hacks but will fine those who are victims. However, outsourcing to IT centres abroad increases that risk as it's more difficult to control what goes on - no need to dispute that as it is an obvious fact. IT centres in other countries are not bound by UK law apart from the contract they sign with the UK company. For balance, I have no idea if the hack was due to IT being outsourced but I'm sure that the tech guys abroad won't be fined, it will be the UK based BA company.
To broaden the subject (sorry for the thread keep), why has Cruz still got his job? Don't BA have non-execs who are supposed to monitor the CEO etc ? IAG ) are making unbelievable profits (lets face it BA is making the money) but the board are allowing one disaster after another. In many industries Cruz would have gone by now, so why is he still CEO ?
Great question Dear chap, but unfortunately accountability exists in name only.
They pocket the benefit from the destruction and outsourcing of staff, they then apply a contract remedy when discovered.
Would respectfully disagree with some posters,
BA are not the victim. There would most certainly have been internal dissent to this decision, but the 'savings' and therefore personal benefit outweighed any consideration of the security of the the customer details.