What sort of business are you involved in @ThatT1Feeling? What sort of an impact would losing 4% of your revenue have on it? Do you think you would allow employees to send out ANY messaging that was not rigorously checked by lawyers if there were the remotest risk of prejudicing a defence?

The answer is clearly no. It doesn't matter what individuals spend is. BA are probably concerned about customers, but their duty is to shareholders. And rightly so.

The slightly depressing thing here (I work to some degree on cybersecurity) that the bluster and posturing about "bad old useless BA cutting costs and not looking after our data, cost cutting/Cruz blah blah blah, is obscuring some basic and very important facts: this looks like it was about human factors (access/permissions/review processes) rather than cost. Most if not all companies are subject to similar issues, because employees are fallible. If you don't believe me, drop a USB stick in your company car park with a script that emails you when it's inserted. And wait for the email.

This should be a wake up call to everyone. Because it could very well be your business who is facing an existential threat from GDPR fines, and being subjected to ambulance chasing claims. In such cases, you would be telling your staff to stick strictly to the legally approved forms of words. Instead it's becoming a stick to hit BA with for other perceived wrongs and lessons are not being drawn.

But on the substantive issue, not being in the class action is the worst of all worlds. It loses: no effect. It wins: compensation is fixed at a top limit and shared, this is ultimately paid for by customers one way or another so you might as well get a share. The ambulance chasers don't care that this will be peanuts, as their 35% won't be.