Tiago Sérgio Cabral (Managing Editor). 

▪

1. It is a known fact that the General Data Protection Regulation (GDPR) has suffered from an enforcement problem. The theoretical administrative fines of up to €20 000 000, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher, that appear impressive on paper largely failed to properly materialize in the first few years of application of the “new” data protection framework.

2. Fines under the GDPR finally overcame the €1 billion threshold in 2021, a sevenfold increase from 2021. In fact, fines under the GDPR have been steadily growing since 2018. Of course, one should not forget that a significant percentage of the total amount of fines levied in 2021 is comprised by the €746 million fine levied by Luxembourg Data Protection Supervisory Authority (DPA) against Amazon and the €225 million fine levied by the Irish DPA against Whatsapp. In addition, the total amount of the fines still pales in comparison with other areas, such as competition law.

Continue reading “The GDPR may no longer be a paper tiger” →