Annual GDPR fines exceed €1bn for first time

Annual General Data Protection Regulation (GDPR) fines exceeded €1bn for the first time since the regulation was implemented in 2018, Atlas VPN claims.

The private browsing company identified 412 financial penalties issued in 2021, with a combined total of €1bn issued.

This marks a significant jump in penalties compared to previous years. A total of €171m was issued in fines in 2020, €72m was doled out in 2019 and in 2018, fines made up just €436k.

Fines for Amazon and WhatsApp were largely behind last year’s record level of fines. In July Amazon Europe Core S.à.r.l was fined €746m for failures. Then in September, the EU fined WhatsApp Ireland Ltd. €225m for breaches.

As for the country with the most breaches, Spanish companies accumulated 351 fines, resulting in a combined total of €36.7m worth of penalties. The average penalty size in the country was around €105K, and telecom companies, including Vodafone Spain, were hit multiple times for breaches.

The second most offending country was Italy, with 101 fines, totalling €89m. The average fine was significantly higher than Spain, standing at around €887K – the highest of any country. One of its biggest fines was felt by telecom company TIM, which was fined €27.8m by the Italian SA.

Romania ranked third on the list, with 68 fines issued at a total of €721K. The remaining top ten was comprised of Hungary, Norway, Germany, Poland, Greece and Belgium.

The statistics it used are based on the GDPR Enforcement Tracker database and International Law Firm CMS tracked all of the numbers provided on the website.

Copyright © 2022 FinTech Global


Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.