12.07.2019 | KPMG Law Insights

Fine for serious data protection violations

By Sebastian Hoegl, LL.M. (Wellington), Maik Ringel

Fine for serious data protection violations

“The U.K.’s Information Commissioner’s Office (ICO) intends to take action against U.S. hotel chain Marriott International, Inc. impose a hefty fine of more than GBP 99 million for serious data protection violations. At Mariott, data from more than 339 million guest records worldwide, including approximately 30 million from EU/EEA residents, was exposed as a result of a cyberattack. The data breach apparently occurred at Starwood Hotel Group before it was acquired by Mariott in 2016. The ICO said the size of the fine was justified because the data breach went undetected until 2018 due to poor data protection due diligence on the transaction and continued inadequate data security measures at Mariott. Since the data breach was discovered, Mariott has been cooperating with the ICO; otherwise, the fine would have been even higher. Mariott and the data protection authorities of the other EU member states whose residents are affected by the data breach now have the opportunity to comment on the allegations before the ICO makes its final decision.

The ICO’s actions show that data protection law is also becoming increasingly important in corporate acquisitions. Buyers must therefore not only assess the data protection risks in the target company as part of due diligence. But it is much more important to raise data protection at the target company to an appropriate level (at the latest) when it is integrated into the corporate group.”

Explore #more

18.06.2026 | In the media

KPMG Law Guest Article in Innovative Administration: Protection in Turbulent Times

Board members of municipal enterprises face personal, unlimited liability, which is further exacerbated by the unique characteristics of the public sector. D&O insurance protects their…

18.06.2026 | In the media

Handelsblatt and Best Lawyers Honor KPMG Law Experts

Best Lawyers has once again identified Germany’s top business lawyers for 2026, exclusively for the Handelsblatt. A total of 31 lawyers from KPMG Law and…

15.06.2026 | KPMG Law Insights

Higher Fees for Designers Due to Cost Increases? What Clients Need to Know

More and more often, architects and engineers are sending additional invoices to their clients. “The project is dragging on, construction costs are rising, and …

12.06.2026 | KPMG Law Insights

12th Amendment to the German Act Against Restraints of Competition: What’s Changing for Transactions, Public Procurement, and Certain Industries

The planned 12th amendment to the German Act Against Restraints of Competition (GWB) is expected to bring several significant changes for businesses, including higher thresholds…

09.06.2026 | KPMG Law Insights

Implementation of the Pay Transparency Directive: what the expert commission recommends

First published on December 2, 2025
The EU Pay Transparency Directive has been in force since June 2023 and should have been transposed into German…

02.06.2026 | Deal Notifications

KPMG is assisting hpm Henkel Projektmanagement with its integration into the BKW Engineering network

KPMG Law provided exclusive legal counsel to the shareholders of hpm Henkel Projektmanagement regarding the company’s integration into the BKW Engineering network. KPMG Law provided…

02.06.2026 | In the media

KPMG Law quote in Die Welt and Business Insider on the most important changes in June

In June, several changes come into force that will directly affect millions of consumers in Germany. From new rights for online shopping and changes to…

29.05.2026 | In the media

Statement by KPMG Law experts in the Süddeutsche Zeitung on the topic of embedded insurance

Insurance is increasingly being offered when buying cars, cell phones or concert tickets. Embedded insurance is particularly popular when buying electrical devices such as smartphones.…

26.05.2026 | KPMG Law Insights

The industrial electricity price – cost relief with new requirements and verification obligations

The industrial electricity price is in the starting blocks: With the publication of the funding guideline on May 6, 2026, the long-awaited legal framework for…

19.05.2026 | KPMG Law Insights

The amendment to the Environmental Appeals Act is intended to speed up infrastructure projects

The amendment to the Environmental Appeals Act (UmwRG) passed by the Federal Cabinet on January 21, 2026 is intended to speed up infrastructure projects.…

Contact

Sebastian Hoegl, LL.M. (Wellington)

Senior Manager
Lawyer
Specialist lawyer for IT law
LL.M. (Wellington)

Heinrich-von-Stephan-Straße 23
79100 Freiburg im Breisgau

Tel.: +49 761 769999-20
shoegl@kpmg-law.com

Maik Ringel

Senior Manager

Münzgasse 2
04107 Leipzig

Tel.: +49 341 22572563
mringel@kpmg-law.com

© 2026 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit https://home.kpmg/governance.

KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.