GDPR Fines Haven't Rocked the Data Privacy World

upstart writes:

Submitted via IRC for Runaway1956

GDPR Fines Haven't Rocked the Data Privacy World

When it launched, Europe's General Data Protection Regulation (GDPR) became bigger than Beyonci(C). Since then, some of the hype around the law has waned, but there's still one thing that gets people excited: fines.

Under the law, data-protection regulators across Europe have boosted powers to punish companies and organizations who are found in breach of the GDPR. The most serious consequences can be fines of up to a20 million ($22.4 million) or 4 percent of a firm's global turnover, whichever is greater. These are larger than the 500,000 ($650,000) penalties that could be issued by the UK's regulator, the Information Commissioner's Office, under the old data-protection rules.

Before the GDPR was enforced there were outlandish predictions that businesses would be hit with huge fines for data-protection issues. Some estimates claimed GDPR fines would be 79 times higher than those under previous rules; others said banks would be hit with fines of up to a4.7 billion ($5.3 billion) in the coming years.

Unsurprisingly there hasn't been a deluge of fines running into millions or billions of euros, but the EU's 28 data-protection regulators are slowly beginning to flex their enforcement muscles-including against big tech companies.

After the first year of the GDPR, the European Data Protection Board reported (PDF) that nations had examined 206,326 cases under the law. Helen Dixon, the Irish data-protection regulator who has jurisdiction over US tech companies because of their European headquarters in Ireland, has investigations open into at least 17 multinational firms. These include Facebook and its subsidiaries WhatsApp and Instagram, plus Google and Twitter.

Read more of this story at SoylentNews.