€273m GDPR Penalties Applied Since it Became Enforceable
A report has been published by Law firm DLA Piper that reveals European Union-based companies handed over financial penalties totalling €272.5m ($329m) in relation to wide range of General Data Protection Regulation (GDPR) breaches since May 25 2018.
In addition to this the aggregate daily rate of breach alerts doubled for the second consecutive 12-month period with 331 alerts issued per day since 28 January 2020, a 19% rise from the 278 breach notifications daily rate for the previous year.
The report says that the results of the research shows there is a persistent “failure to implement appropriate security measures”. This is the main reason for the ongoing growth of GDPR fines.
The GDPR fines were handed over paid by businesses located in the 27 EU member states along with the UK, Norway, Iceland and Liechtenstein. The greatest percentage of the total was paid by companies based in Italy (€69.3m) followed closely by Germany (€69.1m) and France (€54.4m).
Over figures made public by the report include:
- 281,000 GDPR data breach alerts have been broadcast.
- This was made up by Germany (77,747), The Netherlands (66,527), the UK (30,536), France (5,389) & Italy (3,460).
- Businesses located in Europe have paid €272.5m ($329m)
- The largest GDPR fine was €50m – issued against Google
- In the UK two GDPR penalties were cut from £282m in total to £28.4m
- Denmark registered the greatest amount to breaches per 100,000 people with 155.6 per 100,000 people, Netherlands recorded a rate of 155.6 and Ireland 127.8