06 May
2021

Understanding the data protection and cyber security landscape

Author: Matt Gatenby, Senior Partner, Travlaw 

There was a time, pre-covid (I know, that seems a million years ago…) when the most joked about element of what we all do day-to-day in the travel industry, was data. Typical, especially around that 2018 GDPR implementation time, there were comments along the lines of “We had a sweepstake to choose the person who would have to go through sorting out our Data Protection Policy”.

Of course, these days all that sentimentality is reserved solely for the aforementioned Coronavirus. However, I wonder if, over time, the feelings about data have softened anyway? Most travel businesses are now three years into having gone through GDPR, and anecdotally most of our clients are now, actually pretty comfortable with the whole thing. They have policies in place (and crucially they are not just token affairs), team members know a thing or two about data, and many even have dedicated, enthusiastic Data Protection Officers, or Data Protection Managers.

After all, each of us do recognise that data is all important – it runs through everything we do. It feels like each day, each of us sign up to a new set of T&Cs online, or via an App Store of some kind, and certainly click to say we accept cookies for this particular website. For travel businesses, both of those events happen a multitude of times as consumers browse and book, and frankly the industry has settled into a happy place regarding data in the majority of cases.

However, there is usually a lot going on. The risk of some kind of data breach is always there, from an errantly left-behind data stick on a train, to a simple one off e-mailed invoice sent to ‘Mark.Gatenby’ instead of ‘Matt.Gatenby’ (my uncle very likely would be less than interested in my e-mails, although would almost certainly forgive a breach). Hacks, or attempts at hacks are happening with frightening regularity, and the travel industry is seen as a prime target. Given what we do as an industry, we hold and process a lot of personal data, and often special category data, and the rules & regulations adapt frequently as the world continues to work out what is best practice. In recent times we have seen a change, more or less, in how the UK sends and receives data with our EU counterparts, and that is before we get onto the same relationship with the US, and indeed the rest of the world.

Happily, ABTA are once again running one of their long-running series of Data events, and Travlaw are once again delighted to be a partner in the delivery. It is no surprise to us that despite the sometimes-sardonic comments that still surround data, this conference proves so popular - it is a really informative day.

So, if you want to learn the fundamentals, drill down into specific issues at a more advanced level, or just sense-check the whole landscape on data, this is the conference for you. If there are answers, the presenting team on the day will have them so this is an excellent opportunity to spend a full day virtually and remotely talking about something amazingly important, that isn’t Covid-19 related.

ABTA’s Data and Cyber Protection Training for Travel is taking place virtually on 8 June, to register your place and view the full event agenda please visit abta.com/abtaevents.

Make the most of our new business rate that allow you to train your whole team for less. It includes five digital log ins and on demand content can be shared amongst your team.