Around half of General Data Protection Regulation (GDPR) fines were incurred by Italian owned companies, according to financial experts Finbold. Finbold was able to compile a list of top 2020 GDPR fines using data collected from the GDPR’s enforcement tracker website.
It has been two years since the General Data Protection Regulation (GDPR) came into effect in May 2018. However, many businesses remain unable and underequipped to handle compliance challenges. One of the most common violation was an insufficient legal basis for data processing and in many cases, companies were not aware of their own obligations.
Despite having proper privacy law and data protection guidelines in place, companies across Europe remain sluggish when it comes to compliance.
In a timeframe between 1st of January 2020 to 17th of August 2020, Italy has seen 45.6 million Euros in GDPR fines. This is from a total of 13 separate investigations. The second number on the list is Sweden with 7.3 million Euros in GDPR fines resulting from 4 cases, and third on the list is the Netherlands which incurred 2.8 million Euros worth of GDPR fines.
Although it can be argued that none of these were heavy fines, but these fines will have a reputational impact on the companies, impact their credibility and trust with their customers and partners and ultimately impact their business. It will also serve as an example for other organisations making them more vigilant in protecting the privacy and data of individuals.
Germany has only received one GDPR related fine since the start of the year, however, this does not necessarily mean that the compliance level is the highest there. The highest number of cases were seen in Spain with 76 investigations and subsequent penalties although, the total GDPR fines incurred amounted to 1.9 million Euros only. Whether it is a nominal slap on the wrist or a serious fine, the rate of litigation is creating awareness and setting precedents for the future of legal proceedings in countries across Europe.
On the other hand, the UK is not in these rankings, the last company fined or GDPR violation was Doorstep Dispensaree Ltd in December 2019. There have been many violations especially during the spread of COVID-19. Perhaps the results will be seen in the coming months.
Similarly, British Airways and Marriott International seemed to be the highest GDPR fines for companies in the UK but, both these companies are now rumoured to be given some sort of exemption or reduction in the total amount of GDPR fines to be payed by the Information Commissioner’s Office (ICO).
If you are not prepared to take any chances with potential hefty fines due to non-compliance with GDPR, then the world leading privacy and consent management solutions as well as advice from privacy experts offered by Seers can help you to protect your organisation by becoming compliant with General Data Protection Regulation (GDPR) and other privacy regulations.