The 5 Biggest GDPR Fines To Date
- Author Alex Belsey
- Published February 14, 2021
- Word count 480
The General Data Protection Regulation (GDPR) was implemented on May 25th 2018, with the intention of giving individuals greater control over their personal data.
Covering both the European Union and the European Economic Area, any firms which breach GDPR have risked being fined substantial sums of money, as violators can be charged up to €20 million, or 4% of the company’s global turnover for the preceding financial year.
Since not properly adhering to the GDPR can be so costly, almost all companies now have processes in place to properly handle the data of their customers, contacts, and employees, but despite this, many businesses have been penalised for breaching the regulations.
Often, this has proved to be a very expensive mistake, as our article about the 5 biggest GDPR fines to date shows!
- British Airways - Fined €204,600,000
In 2019, British Airways was fined €204,600,000 - the largest amount to date, for an incident in September 2018 where the British Airways website diverted users to another site, which was controlled by a hacker.
Over 500,000 people had their personal data stolen, and BA was found liable for the theft, as they had inadequate security mechanisms in place to prevent such cyber-attacks from happening.
- Marriott International - Fined €110,390,200
Following Marriott International acquiring the Starwood group of hotels and resorts, they failed to implement necessary security measures to protect the guests’ data. This meant that when Marriott was subjected to a cyber-attack, the personal data of over 339 million guests was exposed, and Marriott received a substantial fine.
- Google - Fined €50,000,000
Google breached four separate articles of the GDPR, and paid the price for doing so.
These breaches related to Google not being transparent about how it had collected data from users, then used this data for personalised advertising campaigns. It was also found that Google failed to give enough information regarding their consent policy, and didn’t provide individuals with the required control over how their personal data would be processed.
- TIM – Fined €27,800,000
On January 15th 2020, the Italian telecommunications company TIM was hit with a fine of €27,800,000 for an extensive list of GDPR violations.
These include contacting non-customers multiple times (up to 150 times per month, in fact) without the necessary consent, excessive data retention, enrolling people in prize competitions without their permission, and repeated leaks of customer data.
Several million people were affected by TIM’s overly aggressive marketing strategy and failure to protect customer information.
- Austrian Post – Fined €18,000,000
Austria’s national post service was fined €18,000,000 (plus another €1.8 million to cover the costs of the investigation) in October 2019, for collecting the addresses, personal preferences, and political affiliations of over 3 million Austrians (one third of their entire population), then selling this data to private companies and political parties.
These are some of the other organisations who have fallen foul of the regulators for committing GDPR violations:
Royal Dutch Tennis Association
There are no posted comments.
- 5 Key Practices for Immigration Compliance
- Do you need an operating agreement for your Florida LLC
- How do I best avoid legal problems in business
- Which is better the Inc. or the LLC
- Trademark your business logo
- STAY OF EXECUTIONS UNDER CAMEROON PENAL LAWS
- Where To Get The free affidavit Form Online
- Contest a Will
- How Do Personal Injury Lawyers Get Paid?
- PECUNIARY SENTENCE UNDER CAMEROON PENAL LAWS
- Architects: Artists, Scientists, or Both?
- The Art of Film Distribution
- Product Design, A Creative Venture?
- Is Marketing Considered Art?
- Are Digital Marketers Creative and Artistic?
- Spies and Mercenaries
- Federal ‘Vanessa Guillen’ Act introduced, data reveals risk of sexual assault at Fort Bliss
- The Special Commercial Courts in Poland
- Tips for Picking the Ideal Orange County Personal Injury Lawyer
- A Reality Check About Unpaid Child Support And Alimony
- Is There a Difference Between Theft, Robbery, and Burglary?
- How to do a Background Check in Canada in 2021
- Money laundry & Cryptocurrency
- 10 legit ways to make money online
- How to run a Group Action
- Title: Covid 19 Stimulus for the Malaysian economy: A consultative role for newly globalized unions to play
- The new Malaysian Companies Act and Covid 19 challenges to small and medium enterprises
- Useful Tips on Hiring Professional Painters for Your House
- Where Can You Find the Right Australian Visa Services Agent?
- The Metaphysical Challenge to the Reasonable Man Test in Law