EU expects first GDPR fines to be levied before year-end

These could potentially include UK's ICO investigation into Ticketmaster

EU flag flying

European data protection regulators will soon start issuing the first fines and temporary bans against companies found to have breached the General Data Protection Regulations (GDPR), with the first round of sanctions expected by the end of the year.

That's according to the European Data Protection Supervisor Giovanni Buttarelli, who told Reuters that the various enforcement agencies across each member state have been overwhelmed by a spate of complaints.

Advertisement - Article continues below

"I expect first GDPR fines for some cases by the end of the year," said Buttarelli, in an interview to Reuters. "Not necessarily fines but also decisions to admonish the controllers, to impose a preliminary ban, a temporary ban or to give them an ultimatum."

"The fine is relevant for the company and important for the public opinion, for consumer trust," he added. "But from an administrative viewpoint, this is just one element of the global enforcement."

He added that France alone had seen a 53% increase in the number of complaints against companies, and that queries clarifying various points of the new regulations had also surged across the bloc.

GDPR came into force across Europe on 25 May, including in the UK, representing the biggest shake-up to data protection policies since the introduction of the EU Data Protection Directive in 1995.

Advertisement
Advertisement - Article continues below

Being found in breach of these new rules brings a maximum fine of 20 million, or 4% of global revenue, whichever is higher.

Advertisement - Article continues below

Although enforcement of data protection policies is handled by independent national agencies within each member state, as the EU's Data Protection Supervisor, part of Buttarelli's brief is to coordinate the actions of these agencies.

He believes that those likely to be sanctioned will include companies headquartered across many EU countries, and a number of public bodies, although he refused to elaborate given that these investigations are still ongoing.

The UK's own data protection agency, the Information Commissioner's Office (ICO), is believed to have a number of ongoing investigations that have yet to materialise a sanction, including Ticketmaster, which suffered a breach on its systems in late June. It also recently revealed that it was receiving over 500 calls per week, many of which were data incidents that failed to meet the reporting threshold.

As part of the interview, Buttarelli also urged companies to cooperate on the EU's overhauling of the e-privacy directive, a policy designed to extend the scope of telecoms rules to cover technology firms.

Advertisement - Article continues below

The e-privacy directive is designed to work alongside GDPR, governing the handling of communications up until the moment where the data subject assumes control, at which point GDPR applies. The directive aims to level the playing field for traditional telecoms companies, who are currently subject to far tougher regulations compared to their internet counterparts, such as Skype and WhatsApp.

However, Buttarelli believes that companies have been dragging their feet over the rules, particularly as the directive was expected to be ready in time for the introduction of GDPR in May.

"E-privacy is simply indispensable. It is essential, it is a missing piece in the jigsaw of data protection and privacy. It would be really a dereliction of duty if the EU cannot update soon before the elections its rules on confidentiality of communication," added Buttarelli, referring to the European Parliament elections to be held in May 2019.

  • privacy
  • General Data Protection Regulation (GDPR)
Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Most Popular

Visit/operating-systems/ios/355935/apple-confirms-serious-bugs-in-ios-135
iOS

Apple confirms serious bugs in iOS 13.5

4 Jun 2020
Visit/security/ransomware/355945/new-ransomware-uses-java-to-target-software-organisations
ransomware

Tycoon ransomware discovered using Java image files to target software firms

5 Jun 2020
Visit/hardware/355904/picking-the-perfect-multifunction-printer
Hardware

Picking the perfect multifunction printer

4 Jun 2020