Since the EU’s GDPR came into full effect back in May, 2018, European data protection authorities have received more than 160,900 data breach reports, according to a new report by law firm DLA Piper. The figure represents an increase of 2.6 percent compared to the first eight months of the GDPR.

But the real story is that 114 million euros ($126 million) in fines have been imposed so far.

The GDPR came into force not only as a powerful European data privacy law with the ability to fine companies up to 4 per cent of their global annual revenue. It’s also a model for the rest of the world on how to regulate the unchecked flow of personal information enabled by today’s heavyweight tech companies.

The largest fine resulting from the law was the 50 million euro punishment ($57 million) on Google in France for a lack of transparency. (Though to put that figure in context, Google’s parent company Alphabet was recently valued at $1 trillion). However, the law firm’s study did not count the proposed 183 million pound ($238 million) fine on IAG, which owns British Airways in the UK —if carried out, that would be a record fine.

GDPR: Maximum Penalties are Serious

Clearly, however, GDPR has been reshaping the data breach and privacy discussion in Europe, says Ross McKean, a partner at DLA Piper who specializes in cyber and data protection, although regulators have yet to use their full fining power.

The total amount of fines of €114 million imposed to date is relatively low compared to the potential maximum fines that can be imposed under GDPR, indicating that we are still in the early days of enforcement,

However, McKean predicts that multi-million euro fines will become more common in the coming year as regulators build on past enforcement efforts and find their footing.

Source: Engadget UK, Bank Info Security

If you liked this post, check out our Premium Privacy Insights for informative articles on wide-ranging global data privacy issues.

Contact the author
Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Contact Our Team Today
Your confidential, no obligation discussion awaits.