Are brands getting worse at privacy breaches? GDPR fines hit record €1billion

Despite the slow demise of tracking cookies, GDPR penalties are increasing year-on-year, considerably affecting businesses that don’t comply with the new privacy laws. Some countries are gathering significantly more fines than others. 

According to the data presented by the Atlas VPN team, GDPR fines hit over €1 billion last year, with 412 total penalties issued in 2021 by the EU. Amazon and WhatsApp had to pay off the most significant penalties for violating GDPR laws.

The goal of the General Data Protection Regulation (GDPR) was to offer EU citizens more control over their data and privacy.

In 2018, when the EU implemented the GDPR law, a total of €436k in fines were issued to businesses. The next year, in 2019, the sum of total fines increased significantly to €72 million. In 2020, they rose again to a total of over €171 million by the end of the year. 

However, 2021 blew out past years by a significant margin, accumulating more than €1 billion in GDPR fines, a 521 percent increase compared to the previous year.

Reining in the power of the biggest tech companies

In July 2021, Amazon Europe Core S.à.r.l incurred a fine of €746million, the highest penalty in GDPR history. The company responded: "We believe the CNPD's decision to be without merit and intend to defend ourselves vigorously in this matter."

In September, the EU fined WhatsApp Ireland Ltd. with the second biggest penalty of €225 million. The Meta-owned company also disagrees with the decision and plans to appeal.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on GDPR benefits to EU citizens: “GDPR continues to successfully hold businesses accountable when they misuse people’s data or are ambiguous about their privacy policies. Companies became more responsible when handling their client information to avoid hefty fines from regulators, ultimately benefiting every EU citizen.”

GDPR penalties comparison among countries

In some countries, updated privacy laws affected businesses significantly as they were fined appropriately under the new system.

The most fines were collected by Spain, accumulating to a total of 351. They incurred €36.7 million worth of penalties, with the average penalty landing at about €105K.

Italy stands second on the list with 101 fines, which required businesses to pay nearly €90 million. The average penalty in Italy is about €887K, which stands out as one of the largest compared to other countries.

Romania ranks third on the list as it has imposed a total of 68 sanctions that sum up to €721K in fines. Even though they have issued many penalties, the average falls short of only €11K.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in