LONDON – European watchdogs sounded a warning that they are just getting started in issuing fines for GDPR violations. One warned that 2018 “should be considered a transition year.”
‘Massive Increase’ in Reported Breaches
Speaking at a conference in London hosted by the International Association of Privacy Professionals, Stephen Eckersley from the UK Information Commissioner’s Office, said his country had worked with colleagues in the Netherlands and Norway. He explained that they had established a “matrix” to calculate fines. This is not public but used as a “toolkit” by the agencies (via The Register).
Mr. Ecksersley also said that there had been a “massive increase” in reports of data breaches. There were 1,700 in the first month GDPR came into force. He said that organizations were reporting “just in case.” As a result, his organization had set up a dedicated team that data controllers can contact to asses whether they need to make a formal notification.
Most of the Fines Paid by Google
Speaking at the same conference, Mathias Moulin, from the French data watchdog CNIL, said 2018 “should be considered a transition year” for GDPR. His organisation fined Google 50m. That fine against Google made up almost of the €55.96 in fines given out of GDPR.
A report by the European Data Protection Board, released February, said that in total 206,326 cases had been reported since GDPR came in in May 2018. Apple CEO Tim Cook is a strong advocate of such legislation being enacted in the U.S.