(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
The European Union started enforcing General Data Protection Regulation (GDPR) in May, 2018, a legal framework that sets guidelines for collecting and processing individual’s personal data.
Since its enforcement, in two and half years, European authorities have imposed EUR114 million ($126 million) in fines, according to a report by law firm DLA Piper.
France, Germany and Austria topped total value of GDPR fines with over EUR51 million, EUR24.5 million and EUR18 million respectively, the report noted.
1.6 lakh data breaches have been reported so far; the Netherlands reported most violations, followed by Germany and the UK with 40,647, 37,636 and 22,181 each.
The daily rate of breach notifications also rose by 12.6% from 247 notifications per day for the first eight months of GDPR to 278 for the current year.
The GDPR was presented as a powerful instrument for European data privacy laws that could charge companies and set an example for the rest of the world on how to corporations should treat personal data.
The fines imposed indicate that non-compliance cost firms dearly with prospects of higher fines in the future.
“The total amount of fines of €114 million imposed to date is relatively low compared to the potential maximum fines that can be imposed under GDPR, indicating that we are still in the early days of enforcement,” Ross McKean, partner at DLA Piper specialising in cyber and data protection, said.
“We expect to see momentum build with more multi-million Euro fines being imposed over the coming year as regulators ramp up their enforcement activity."
The highest GDPR fine was levied on Google by France’s data protection regulator. The authorities charged the Alphabet-owned company EUR50 million for alleged infringement of the transparency principle and lack of valid consent.
