In the first year of GDPR enforcement, just a handful of major fines were handed down – making two big ones in the UK this week stand out
The threat of big fines made businesses take GDPR regulations seriously two years ago – but would they ever really happen? Now those big judgments are rumbling like thunder across Europe.
On Monday, Britain's government privacy agency announced it was fining British Airways $230 million in response to a breach of customer data in September of 2018. On Tuesday that agency, the Information Commissioner's Office (ICO), announced a fine of $123 million against hotel chain Marriott for a breach in November of 2018.
The similar announcements both cited the companies’ infringements of the General Data Protection Regulation. The European Union approved the privacy law in spring of 2016 and enacted it some two years later. The business world took careful note of GDPR’s threatened penalties of up to $25 million or 4% of a firm’s annual worldwide revenue.
Just a handful of major fines were handed down in the first year of the GDPR enforcement. (Although France’s $57 million fine against Google – for its handling of user information in its advertising business – in January was significant.)
Yet since May governments have handed down at least as many major fines. And the UK agency behind this week’s fines appears to be on a roll. Germany fined a police officer $1,500 for looking up a driver’s mobile number using their license plate information and calling them for personal reasons. The fi ..
Support the originator by clicking the read the rest link below.
