Later in the article: "The message is clear - if you don't treat your customers' data with the utmost care expect severe punishment when things go wrong."
"The General Data Protection Regulation (GDPR) came into force last year and was the biggest shake-up to data privacy in 20 years.British Airways faces record £183m fine for data breach | BBC
The penalty imposed on BA is the first one to be made public since those rules were introduced, which make it mandatory to report data security breaches to the information commissioner.
It also increased the maximum penalty to 4% of turnover. The BA penalty amounts to 1.5% of its worldwide turnover in 2017, less than the possible maximum.
Until now, the biggest penalty was £500,000, imposed on Facebook for its role in the Cambridge Analytica data scandal. That was the maximum allowed under the old data protection rules that applied before GDPR."