Over nearly two years, the European Union (EU) is expected to have collected 114 million euros ($126 million) on the issues related to the breaching of the protected data and privacy. More than 160,000 data breach cases have been reported and several cases are yet to be announced in relation to the EU’s General Data Protection Regulation (GDPR) privacy law.
The EU’s data protection law, GDPR 2016/679 was implemented in May 2018 in a view to regulate the transfer of the data outside the EU and European Economic Areas (EEA). According to multinational law firm DLA Piper, the EU has issued over 160,000 cases of data breach notifications across Europe since GDPR’s implementation. As per the firm, “the biggest penalty under GDPR to date was a fine of 50 million euros imposed on Google.”
A partner of the firm, Ross McKean projected that bigger fines could be expected in the coming days. McKean, a partner at DLA Piper specializing in cyber and data protection, said the report released by his firm was not the complete data and asserted, “We’re still in the very early days.” Talking to CNBC, McKean stated, “It’s not a huge surprise that we’re seeing a slow start to fines, but there’s more to come.”
DLA Piper commented that the rate of data breach notifications has increased almost 13% from the first eight months of GDPR to the current year. As reported by CNBC, the French data protection regulator, CNIL imposed around 50 million euros in 2019 for the infringement of GDPR. The infringements, however, were related to issues of lacking transparency and valid consent rather than a data breach.
Headache for Google and Facebook
The EU’s regulation of protected data and privacy represented a grave threat to the giant tech companies including Google and Facebook. These tech companies are at high stakes bringing under the surveillance of GDPR since they normally handle a huge amount of personal data every day. Under GDPR regulations, “a company can be fined either 20 million euros or up to 4% of their annual revenues, whichever is the greater amount.” The regulatory authorities of the EU’s members have been strictly conducting a search on the potential violations of the landmark EU law across the continent.
McKean stated that some companies were wary of GDPR and the law related to GDPR had been a troubling effort for Europe’s data protection authorities, as well as businesses. The main challenge of GDPR to the giant companies was the regulators have the power to levy sizable fines. Citing GDPR a “vague law,” McKean commented, “It is going to be slow progress to get the legal certainty regulators need to start whacking companies with higher fines.”
Under the provision of the GDPR, several companies have been levied fines by different countries of the EU over the two years. As reported by CNBC, Ireland’s Data Protection Commission has initiated multiple ongoing cases into (GDPR) violations, investigating a range of big tech companies from Facebook to Apple. Last year, Britain’s Information Commissioner’s Office issued notices warning to impose fines on British Airways and Marriott International which was amounted to about £282 million but both penalties have not been yet finalized.
I’m Roshan, a journalist, blogger and music lover. I like covering global news related to finance, business, and technology. Focusing on the collection of true and reliable information, I rely on working by conducting interviews with business leaders and talking to the inside sources of companies.
You can reach out to me at: [email protected]