Home UK Imposed €132.7 Million of GDPR Fines, more than Germany and Italy Combined
Research

UK Imposed €132.7 Million of GDPR Fines, more than Germany and Italy Combined

Jastra Kranjec
Fact Checked
Fact Checked
Everything you read on our site is provided by expert writers who have many years of experience in the financial markets and have written for other top financial publications. Every piece of information here is fact-checked.
Disclosure
Disclosure
Please note that we are not authorised to provide any investment advice. The information on this page should be construed for information purposes only. We may earn commissions from the products mentioned on this site.
GDPR penalties-BuyShares.co.uk

The General Data Protection Regulation (GDPR) continues causing hefty fines and penalties for businesses and organizations across European countries even two years after coming into force.

According to data presented by Buy Shares, the United Kingdom tops the list of the most expensive data breach penalties with €132.7 million in the total value of GDPR fines, more than German and Italy combined.

Cumulative Value of GDPR Fines Hit €344 Million, a €119 Million Increase in 2020

The primary reason for such a high cumulative value of GDPR fines in the United Kingdom is the data breach penalty imposed by the UK’s data protection authority, ICO, to Marriott International. In November 2018, the American multinational company was fined with €110.4 million after reporting a cyber incident that exposed nearly 340 million guest records.

Last week, the ICO fined British Airways €22 million for failing to protect the personal and financial details of more than 400,000 of its customers, the second-largest GDPR fine in the United Kingdom. The penalty is considerably smaller than the €204.6 million that the ICO initially said it intended to issue back in 2019 after the Magecart group used card skimming to collect the personal and payment information of British Airways` customers.

Far below the United Kingdom, Germany ranked as the second-leading country in Europe with €61.6 million in the cumulative value of GDPR fines, revealed the GDPR Enforcement Tracker data. On October 1st, 2020, H&M Hennes & Mauritz Online Shop was fined with €35.2 million for the insufficient legal basis for data processing, the severest GDPR penalty in the country.

Italian data protection authority (Garante) imposed €57.3 million worth of GDPR fines so far, ranking in third place among European countries. On January 15th, 2020, telecommunications operator TIM was fined €27.8 million for unlawful data processing, non-compliant aggressive marketing strategy, and invalid collection of consents, the steepest penalty in Italy.

France ranked fourth among the European countries with €51.3 million worth of GDPR fines. Austria, Sweden, and Spain follow, with, €18 million, €7million, and €3.9 million, respectively.

Statistics indicate the cumulative value of GDPR fines and penalties hit over €344 million in October, with almost €119 million worth of new fines imposed in 2020.

Top Five GDPR Penalties Account for 70% of Cumulative Fine Value

Behind Marriott’s €110.4 million worth GDPR fine, Google holds second place on the list of the highest data breach penalties. The US tech giant was fined €50 million by France’s data protection regulator, CNIL, for not providing enough information to users about its data consent policies and control in using their data.

H&M Hennes & Mauritz Online Shop ranked third on this list with €35.2 million worth GDPR fine. Italian telecommunications operator TIM and British Airways round the top five list with €27.8 million and €22 million, respectively.

Statistics show the five biggest data breach penalties cost more than €245 million, or 70% of cumulative GDPR fine value.

Question & Answers (0)

Have a question? Our panel of experts will answer your queries. Post your Question

Leave a Reply

Write a Review

Your email address will not be published. Required fields are marked *

Jastra Kranjec

Jastra Kranjec

Jastra is an editor, writer, and PR specialist with years of experience in the news, research, and report writing. Over the years, she has worked in different fields of journalism and public relations, including politics, economy, and financial markets. Jastra has written for a wide variety of online platforms, including Inside Business,The Business Mogul, Business Today, Startups Magazine, StockApps.com, and TradingPlatforms.com.