In the fifth summer of the General Data Protection Regulation (GDPR), the total fines imposed by the European supervisory authorities have exceeded the 4 billion euro threshold. The number of sanctions imposed also climbed above the 2000 mark.
Meta alone has to pay more than half of the fines for four cases: In May, shortly after the 5th anniversary of the GDPR, the Irish Data Protection Commission (DPC) imposed the record fine of 1.2 billion euros due to an insufficient legal basis for data processing the US group. Between September 2022 and January 2023, the DPC sentenced the mother of Facebook and Instagram to fines totaling just over one billion euros in three other cases after the European Data Protection Board (EDPB) got involved in each case.
Top ten fines
Meta is also in the top ten of the highest individual fines in the “Enforcement Tracker” by the law firm CMS, with two other penalties against Facebook and the other subsidiary WhatsApp. Amazon has intervened in second place: the Luxembourg regulator billed the e-commerce giant 746 million euros in mid-2021. Google ranks 7th, 9th and 10th with three sanctions from France.
Relevant fundamental questions on the interpretation of the GDPR – including fines – are still the subject of legal proceedings and have now reached the European Court of Justice (ECJ), writes CMS in the current report on the enforcement of the regulation. In particular, the role of national supervisory authorities and the considerable influence of national legislation on sanctions and the resulting differences between the member states posed a challenge for the economy.
On the other hand, civil rights organizations complained about deficits in the GDPR application for precisely this reason. CMS therefore supports the EU Commission’s plan to standardize the processing of cross-border data protection cases by the supervisory authorities.
comments_outline_white Read comments (1) Go to homepage
#Data #Protection #Penalties #GDPR #Fines #Exceed #Billion