The 5 Biggest GDPR Fines To Date
- Author Alex Belsey
- Published February 14, 2021
- Word count 480
The General Data Protection Regulation (GDPR) was implemented on May 25th 2018, with the intention of giving individuals greater control over their personal data.
Covering both the European Union and the European Economic Area, any firms which breach GDPR have risked being fined substantial sums of money, as violators can be charged up to €20 million, or 4% of the company’s global turnover for the preceding financial year.
Since not properly adhering to the GDPR can be so costly, almost all companies now have processes in place to properly handle the data of their customers, contacts, and employees, but despite this, many businesses have been penalised for breaching the regulations.
Often, this has proved to be a very expensive mistake, as our article about the 5 biggest GDPR fines to date shows!
- British Airways - Fined €204,600,000
In 2019, British Airways was fined €204,600,000 - the largest amount to date, for an incident in September 2018 where the British Airways website diverted users to another site, which was controlled by a hacker.
Over 500,000 people had their personal data stolen, and BA was found liable for the theft, as they had inadequate security mechanisms in place to prevent such cyber-attacks from happening.
- Marriott International - Fined €110,390,200
Following Marriott International acquiring the Starwood group of hotels and resorts, they failed to implement necessary security measures to protect the guests’ data. This meant that when Marriott was subjected to a cyber-attack, the personal data of over 339 million guests was exposed, and Marriott received a substantial fine.
- Google - Fined €50,000,000
Google breached four separate articles of the GDPR, and paid the price for doing so.
These breaches related to Google not being transparent about how it had collected data from users, then used this data for personalised advertising campaigns. It was also found that Google failed to give enough information regarding their consent policy, and didn’t provide individuals with the required control over how their personal data would be processed.
- TIM – Fined €27,800,000
On January 15th 2020, the Italian telecommunications company TIM was hit with a fine of €27,800,000 for an extensive list of GDPR violations.
These include contacting non-customers multiple times (up to 150 times per month, in fact) without the necessary consent, excessive data retention, enrolling people in prize competitions without their permission, and repeated leaks of customer data.
Several million people were affected by TIM’s overly aggressive marketing strategy and failure to protect customer information.
- Austrian Post – Fined €18,000,000
Austria’s national post service was fined €18,000,000 (plus another €1.8 million to cover the costs of the investigation) in October 2019, for collecting the addresses, personal preferences, and political affiliations of over 3 million Austrians (one third of their entire population), then selling this data to private companies and political parties.
These are some of the other organisations who have fallen foul of the regulators for committing GDPR violations:
Royal Dutch Tennis Association
There are no posted comments.
- How to run a Group Action
- Title: Covid 19 Stimulus for the Malaysian economy: A consultative role for newly globalized unions to play
- The new Malaysian Companies Act and Covid 19 challenges to small and medium enterprises
- Useful Tips on Hiring Professional Painters for Your House
- Where Can You Find the Right Australian Visa Services Agent?
- The Metaphysical Challenge to the Reasonable Man Test in Law
- Lawsuit alleges AFFF firefighting foam exposure caused firefighter’s cancer
- Tips You Need To Know About Cell Phones
- Beginners Guide To Estate Planning
- Who Is Exempt from Wearing Seat Belts?
- Family Law Attorney - You Would Be Surprised At How Important They Are!
- Threshold Could Be Reduced for Blood Pressure Lowering Drugs
- What Are the Few Things You Will Need to Know About Child Custody in a Separation
- Finance Options for Civil Litigation
- What to do if you are struck by a driver without a license in pasca?
- 5 Tips to Choose the Best Lawyer in Dubai For Your Case
- Breathalyzers in DUI Cases Explained
- What is a Field Sobriety Test in a DUI case?
- Military Service & Criminal Convictions
- California's Three Strikes Law Overview
- Ex Post Facto Explained by Criminal Defense Lawyers
- Possession of Drug Paraphernalia Law in CA
- Gun Silencer Law in California
- Stolen Valor Crimes & Defenses
- New PC 290 Law in California
- Prop 57 Law
- Everything You Need To Consider When Choosing And Hiring A Personal Injury Solicitor
- Value of Car accident lawyer
- How to Calculate Child Support