The cat is finally out of the bag! The DLA Piper Report is out now and it is unleashing the biggest data protection failures of 2020 among other things. This report showcases the top violations of the GDPR in the EU and the UK ever since the implementation of the GDPR and the Data Protection Act 2008. This report identifies the upcoming battles, most common data breach causes and the speculation of what the data privacy environment will look like by the end of the year 2020.
The year 2020 has been the year of chaos and unexpected turn of events. Under the global pandemic, all industries have been shaken. The world is slowly gaining momentum in defeating this invisible enemy. While the panic caused by the pandemic is being misused in a lot of ways to orchestrate data breaches and hack into the data vaults of many companies and users this year, there are still other reasons that contribute to the data debacle. These include a lack of resources or priority for big firms towards data protection. Even big firms like Marriott International, British Airways and EasyJet have been careless in this regard.
Ross McKean, a partner at DLA Piper from the cyber and data protection specialisation team commented: “GDPR has driven the issue of data breach well and truly into the open. The rate of breach notification has increased by over 12% compared to last year’s report and regulators have been busy road-testing their new powers to sanction and fine organisations”.
“The early GDPR fines raise many questions. Ask two different regulators on how GDPR fines should be calculated and you will get two different answers.”
“The highest GDPR fine to date was EUR50 million imposed by the French data protection regulator on Google, for alleged infringements of the transparency principle and lack of valid consent, rather than for a data breach. Following two high profile data breaches, the UK ICO published two notices of intent to impose fines in July 2019 totalling GBP282 million although neither of these was finalised as at the date of this report.”
Yet, the report was able to highlight some of the biggest breaches in terms of people affected, companies fined and more. There is only one lesson that needs to be learnt and that is privacy is non-negotiable under the law.
