LONDON, July 15, 2020 /PRNewswire/ -- Since rolling
out in May 2018, there have been 340
GDPR fines issued by European data protection authorities. Every
one of the 28 EU nations, plus the United
Kingdom, has issued at least one GDPR fine.
A GDPR tracking dashboard from
PrivacyAffairs displays official data from national
data protection bodies to monitor the status of GDPR fines.
Whilst GDPR sets out the regulatory framework that all EU
countries must follow, each member state legislates independently
and is permitted to interpret the regulations differently and
impose their own penalties to organisations that break
the law.
Nations with the highest fines:
- France: €51,100,000
- Italy: €39,452,000
- Germany: €26,492,925
- Austria: €18,070,100
- Sweden: €7,085,430
- Spain: €3,306,771
- Bulgaria: €3,238,850
- Netherlands: €3,490,000
- Poland: €1,162,648
- Norway: €985,400
Nations with the most fines:
- Spain: 99
- Hungary: 32
- Romania: 29
- Germany: 28
- Bulgaria: 21
- Czech Republic: 13
- Belgium: 12
- Italy: 11
- Norway: 9
- Cyprus: 8
The second-highest number of fines comes from Hungary. The National Authority for Data
Protection and Freedom of Information has issued 32 fines to date.
The largest being €288,000 issued to an ISP for improper and
non-secure storage of customers' personal data.
UK organisations have been issued just seven fines, totalling
over €640,000, by the Information Commissioner. The average penalty
within the UK is €160,000. This does not include the potentially
massive fines for Marriott International and British Airways that
are still under review.
British Airways could face a fine of €204,600,000 for a data
breach in 2019 that resulted in the loss of personal data of
500,000 customers.
Similarly, Marriott International suffered a breach that exposed
339 million people's data. The hotel group faces a fine of
€110,390,200.
The largest GDPR fine to date was issued by French authorities
to Google in January 2019. The €50
million was issued on the basis of "lack of transparency,
inadequate information and lack of valid consent regarding ads
personalisation."
Highest fines issued to Private individuals:
- €20,000 issued to an individual in Spain for unlawful video surveillance of
employees.
- €11,000 issued to a soccer coach in Austria who was found to be secretly filming
female players while they were taking showers.
- €9,000 issued to another individual in Spain for unlawful video surveillance of
employees.
- €2,500 issued to a person in Germany who sent emails to several recipients,
where each could see the other recipients' email addresses. Over
130 email addresses were visible.
- €2,200 issued to a person in Austria for having unlawfully filmed public
areas using a private CCTV system. The system filmed parking lots,
sidewalks, a garden area of a nearby property, and it also filmed
the neighbours going in and out of their homes
For questions regarding the research or more information about
the team behind the report, contact Joe
Robinson at joe@privacyaffairs.com or
visit PrivacyAffairs.
Full research
here: https://www.privacyaffairs.com/gdpr-fines
PrivacyAffairs is a data privacy and cybersecurity research,
information, and advice website.
Related Images
gdpr-fines-tracker.jpg
GDPR Fines Tracker
GDPR Fines Tracker by PrivacyAffairs
Related Links
GDPR Fines Tracker
Dark Web Price Index
View original content to download
multimedia:http://www.prnewswire.com/news-releases/gdpr-fines-totalling-158-million-issued-in-340-cases-study-by-privacyaffairs-finds-301093537.html
SOURCE PrivacyAffairs