Following the recent announcement from the ICO of significantly reduced fines for BA and Marriott the question has to be asked "Where are the landmark cases of fines in the order of 4% of revenue for huge scale breaches?". Clearly during the pandemic the travel and hospitality industries are under great financial strain but since GDPR came in over two years ago there haven't been any fines that have been anywhere near the expected magnitude.