With GDPR in Full Swing: An Overview of the Latest Fines
It has been nearly a year since the GDPR went into effect, and several organisations have since been exposed to the costly non-compliance price tag. While high-profile prosecutions have yet to occur within the UK, the following incidents emphasise the importance of GDPR compliance:
Failed consent policies in France—French regulators gave Google a record-setting GDPR fine of €50 million (£42.7 million) for failing to provide transparent and accessible information on its data consent policies in January 2019.
Password problems in Germany—In September 2018, a German social media company suffered a cyber-attack that compromised the personal data of over 800,000 users. An investigation revealed that the users’ passwords had been stored in unencrypted text. The financial penalty was €20,000 (£17,000).
Camera concerns in Austria—In October 2018, an Austrian business received a GDPR fine of €4,800 (£4,100) for installing a CCTV camera in front of their establishment that also recorded a portion of the public pavement.
Safeguard slip-ups in Holland—In November 2018, the Dutch government discovered that Microsoft had failed to follow GDPR privacy guidelines when handling 300,000 Dutch workers’ information. No fine has been issued, but the company could face millions of pounds in punishment.