GDPR Results in $126 Million Fines: Is This a Wake-Up Call?
During the initial stages of implementing GDPR, and during the grace period allowed by the EU, most companies had only scratched the surface of GDPR requirements and the changes they had to make.
Now, more than 20 months after GDPR came into force, official data from DLA Piper reveals there have been over 160,000 notified data breaches, with over €114 million ($126 million) in fines, the biggest of which was Google's at €50 million.
According to CNBC, Ross McKean, a Partner at DLA Piper, said the findings showed that “we’re still in the very early days” of enforcing the new EU data privacy laws.
“It’s not a huge surprise that we’re seeing a slow start to fines, but there’s more to come,” he said.
Talking to Lawyer Monthly, Wayne Johnson, CEO and co-founder of KYC experts Encompass Corporation, says the EU is gearing up for more fines and that this should indeed serve as a wake-up call to all those left unprepared: “It’s no surprise that data privacy watchdogs are gearing up to make full use of their expanded powers after collecting around £100m in fines for data violations. Since the arrival of the GDPR, large companies and banks have been scrambling to implement effective policies to adhere to the legislation, with mixed results so far.
“This news should serve as a wake-up call for financial services organisations to ensure full compliance with existing and incoming legislation. With new figures revealing that banks were hit with over £6bn globally for breaches of anti-money laundering (AML) regulation, the importance of adhering to strict compliance rules cannot be underestimated. Moving forward, the ability to know your customer and manage their data proficiently should be a top priority for banks of all sizes.”