GDPR fines totalling €292m issued in 661 cases

2021-05-18T15:58:00+01:00

1 Comment

Since its roll out in May 2018, every one of the 28 EU nations, plus the United Kingdom, has issued at least one GDPR fine.

A GDPR tracking dashboard from Privacy Affairs displays official data from national data protection bodies to monitor the status of GDPR fines.

During the last 3 years, Spain has issued the largest number of GDPR fines by far with 222 fines, followed by Italy - with just 73 fines.

The largest GDPR fine of €50,000,000 was issued by French authorities in January 2019, against Google Inc.

Highest fines issued to private individuals:

€20,000 issued to a private person in Spain for unlawful video surveillance of employees.
€11,000 issued to a football coach in Austria who was found to be filming female players in the shower.
€9,000 issued to a person in Spain for illegal video surveillance of employees.
€2,500 issued to an individual in Germany who sent out emails to several persons, where each could see the other recipients’ email addresses.
€2,200 issued to a person in Austria for having illegally filmed public areas using a personal CCTV system.

The success of GDPR can be seen in the number of pieces of legislation that are described as “GDPR-style” as well in the adoption of GDPR-standards worldwide by tech giants such as Microsoft.

But three years on what is next for GDPR? A key question is the extent to which the legislation needs updating in the face of new technology. Axel Voss, a politician who was a driving force behind the GDPR, warned in March that the legislation is now out of date as it hasn’t kept pace with new technology.

“We have to be aware that GDPR is not made for blockchain, facial or voice recognition, text and data mining… artificial intelligence,” said the German MEP.

Hear more about GDPR at ‘Divergence in GDPR and the Financial Services Industry at PrivSec Global at 12pm on 24 June.

Topics

1 Comment

News
Euro politicians question UK’s Data Protection Bill compatibility with GDPR

2024-02-28T09:25:00Z By GRC World Forums

Paul Tang, a Member of the European Parliament, has raised concerns about the UK’s new Data Protection and Digital Information Bill (DPDI) and its potential to undermine elements of the GDPR.
News
Italian city first to receive fine for AI privacy violations

2024-01-29T15:27:00Z By GRC World Forums

The data privacy regulator in Italy has imposed a €50,000 fine on Trento for violating laws regarding the northern city’s use of artificial intelligence (AI) in urban surveillance schemes.
Video
ChatGPT: the data privacy nightmare?

2023-12-19T06:06:00Z

Within two months of its release, it reached 100 million active users, making it the fastest-growing consumer application ever launched.

1 Reader's comment

You're not signed in.

Only registered users can comment on this article.

More from GDPR

Feature
Five years of GDPR - what does the dawn of AI mean for data privacy regulations?

2023-05-25T14:43:00Z By GRC World Forums

May 25, 2018 saw the introduction of the EU’s General Data Protection Regulation (GDPR), a ground-breaking legal framework that set new standards on how organisations both within and beyond EU borders obtain, process and store personal data.
News
Meta faces GDPR penalty on top of order to halt data transfers

2023-05-03T15:02:00Z

Meta is getting ready for the cessation of its EU-U.S. data transfers, as well as a fine for violating the EU General Data Protection Regulation, according to filings made with the U.S. Securities and Exchange Commission.
News
Potential cost increase to access EU markets due to new UK data law

2023-04-24T09:38:00Z

Proposed data regulations in the UK, currently awaiting approval from Parliament, may fall short of Europe’s GDPR standards.