GDPR fines analysed and explained
Our data protection experts regularly analyse fines and other sanctions imposed by European data protection authorities for violations of the European General Data Protection Regulation (GDPR). The aim of our analysis is to equip you with the knowledge to avoid GDPR fines, having learned from the mistakes of other companies.
The music streaming service Spotify did not sufficiently inform its users about the processing of their data. The Swedish supervisory authority has now imposed a GDPR fine.
The Irish supervisory authority imposed the highest GDPR fine to date on the Facebook group, and banned further data transfers to the United States. We explain why the decision is important for all U.S. electronic communications service providers and their European customers.
The Belgian DPA issued a fine against an NGO for failing to comply with data protection law when processing publicly available personal data.
CNIL issued a combined fine of EUR 150 million against two Google subsidiaries and a EUR 60 million fine against Facebook.
Amazon has been hit by the highest fine ever imposed under the GDPR. If the company does not change its policies to comply with data protection laws, it could soon have to pay even more.
The DPC issued a fine of EUR 225 million against WhatsApp for violating its transparency obligations under the GDPR. The decision highlights the importance of ensuring GDPR compliance and provides further important advice for companies.