Originally written by Anna Jordan on Small Business
Saturday 25th May sees the first anniversary of GDPR – and its associated fines.
It’s fair to say that the effects haven’t been astronomical (at least not yet). The first year has been more about teething than smacking down financial penalties. The watchdog is said to be spending more time focusing on legacy cases breaching the Data Protection Act, including high-profile companies such as Uber, Equifax and BT.
It also hasn’t penalised companies harshly where they can show that they have taken adequate action to fix wrongdoings and comply with new regulation.
Though there have been few penalties, reports have been on the up. Research from Hiscox shows that complaints of online data breaches were up 160% in the six weeks after GDPR came into force.
Across the continent, the European Data Protection Board found that 206,326 cases were reported under the GDPR from supervisory bodies in 31 authorities in the European Economic Area (EEA).
Fines throughout Europe totalled €55.96 million over the first year of GDPR. This sounds like a grand sum, but is mostly made up of a €50 million fine for Google.
France’s CNIL vs Google
In its first GDPR ruling, CNIL pursued Google, issuing a €50