EU Fines For GDPR Breaches Increase Fivefold

European data regulators issued €1.1 billion (£920 million) in General Data Protection Regulation (GDPR) fines last year, a 585% increase compared to 2020.  This is almost 20 times higher than the combined total of Q1 and Q2, and triple the total amount of fines in all of 2020. 

Leading law firm DLA Piper surveyed 27 EU member states, as well as the UK, Norway, Iceland, and Liechtenstein. The survey identified an 8% increase in GDPR breach notifications from 2020’s average of 331 notifications per day to 356 in 2021.

Since 28 January 2021, there have been over 130,000 notified personal data breaches in total, with the Netherlands having the most breach notifications per 100,000 people respectively. On the other end of the spectrum, Croatia, the Czech Republic, and Greece reported the fewest number of breach notifications per capita.

The highest GDPR fine to date is the one imposed by the Luxembourg National Commission for Data Protection (CNDP) for €746 million on the online based retailer, Amazon, the biggest fine so far for non-compliance with the GDPR. This is more than 14 times higher than the previous largest GDPR fine (EUR50 million) imposed by France on Google.

The UK came in sixth place with a £20m fine against British Airways for losing the financial and personal details of around 380,000 customers in a cyber-attack in 2018.

Since 28 January 2021, there have been over 130,000 personal data breaches notified to regulators - on average 356 breach notifications per day, an 8% increase on last year’s daily average of 331 notifications per day. 

Commenting on the survey findings, Ross McKean, chair of the UK Data Protection and Security Group said that although the nearly sevenfold increase in fines may grab the headlines, According to DLA Piper’s survey, the most common implications aren’t limited to fines and claims for compensation, but also service interruption caused by the suspension of data transfers, which McKean described as “much more damaging and costly”.”

EU Data Protection Board:      Bloomberg:      ITPro:     Pymnts:     DLA Piper:     RemarkBoard

You Might Also Read:   

The Effects Of GDPR On EU / US Relations:

 

« The Importance Of Securing OT Platforms
Spy Chief Warns US Government Is Classifying Too Much Data »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Rubicon Workflow Solutions

Rubicon Workflow Solutions

Rubicon is a leading provider of managed IT support and strategic services, specialising in creative and mixed platform environments.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

cPacket Networks

cPacket Networks

cPacket’s distributed intelligence enables network operators to proactively identify imminent issues before they negatively impact end-users.

Decision Group

Decision Group

Decision Group are a Total Solution Supplier offering Network Forensics and Lawful Interception tools.

Styra

Styra

Styra allows companies to secure cloud environments and applications, including those built on the popular Kubernetes open-source cloud platform.

Consortium for Information & Software Quality (CISQ)

Consortium for Information & Software Quality (CISQ)

The mission of CISQ is to develop international standards for software quality and to promote the development and sustainment of secure, reliable, and trustworthy software.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

neoEYED

neoEYED

neoEYED helps banks and fintech to detect and prevent frauds using a Behavioral AI that recognizes the users just by looking at “how” they interact with the applications.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

StrongBox.Academy

StrongBox.Academy

StrongBox.Academy provides cybersecurity training courses that are tailored to the specific needs and challenges of the industry.

Firesand

Firesand

Based in Milton Keynes, Firesand Ltd provides penetration testing services to improve your cyber security and protect your company against hackers.

AuthenticID

AuthenticID

Our mission at AuthenticID is to combat fraud worldwide and help businesses protect their enterprise and valuable data assets.

SteelGate

SteelGate

SteelGate’s core capabilities are centered around architecture design and engineering of network, systems, and cybersecurity solutions.