A GDPR tool has been recently created by PrivacyAffairs called 'GDPR Fines Tracker & Statistics'. The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union. The regulation came into force in 2019.
While many organizations have compiled, to the extent that some are being cautious and are even over-reporting (due to a fear of regulatory action)), some others have attempted to meander through legal grey areas or they have openly flouted the rules.
The new tool promotes transparency in relation to the numbers and types of companies who have been deemed to have breached GDPR rules, together with the fines imposed on the corporations. PrivacyAffairs is a collection of cybersecurity professionals, tech journalists, and privacy advocates.
The new tool covers:
# Every known GDPR fine
# The total number and value of all fines
# Breakdown of the biggest GDPR fines
Looking at the data, some interesting findings emerge.
Of the 290 companies found to have breached GDPR in some shape or form, the largest fine has been levelled at Google. This was a fine of €50,000,000 issued to Google Inc. on January 21 , 2019, triggered by activities in France. Not all of the fines have been on this scale, with the smallest fine to date being just 90 euros. In all, the total value of the fines comes to €154,405,357 (as of July 1st, 2020).
The most recent fine issued, at the time of writing was to Örebro County Health and Medical Board, in relation to Article 5 GDPR and Article 6, as the website reveals. This was due to a failure to comply with data processing principles connected to a situation where a patient’s personal data was publicized.
Aside from Google, other companies receiving large fines are:
TIM - Telecom Provider - €27,800,000
Austrian Post - €18,000,000
Deutsche Wohnen SE - €14,500,000
1&1 Telecom GmbH - €9,550,000
Astute readers of Digital Journal will note that the Marriott and British Airways cases are not included on the list. This is because these are not final yet. These fines are likely to substantial, although it is unknow whether the level of fines will result in these companies entering into the top five list of the largest fines issued.