GDPR violations have cost companies billions since being introduced

GDPR
(Image credit: Shutterstock / Vector Image Plus)

In the six years that the European Union’s General Data Protection Regulation (GDPR) has been in force, €4.5 billion ($4.9 billion) in fines have been paid due to violations.

Research by NordLayer has revealed individual data protection authorities have issued 2,072 violations, highlighting that the regulation is being taken seriously and companies failing to adhere to the new measures are being punished.

Since its inception in May 2018, GDPR has significantly influenced data protection and privacy practices, however for many consumers, it has also added another layer of complexity.

GDPR fines prove companies are being penalized

Spain, Italy and Germany top the list for GDPR violations. Spanish businesses were the most frequently penalized, with 842 fines totaling €80 million. Despite receiving less than half the number of fines than Spain, Italy paid out around three times as much in fines, suggesting a higher average magnitude across the board. German companies were fined 186 times, resulting in €55 million in penalties.

Carlos Salas, a NordLayer cybersecurity expert, noted: “We've witnessed businesses across industries change their data handling practices and invest in security measures to achieve compliance… [GDPR] has reshaped the digital landscape, forcing a much-needed prioritization of privacy rights.”

Meta, responsible for six of the top 10 fines, was the most penalized company. Between the parent company and its Facebook and WhatsApp subsidiaries, it paid out €2.5 billion in fines, accounting for more than half of all the financial penalties.

Its biggest, a €1.2 billion fine for insufficient legal basis for data processing in 2023, far exceeded the second-biggest fine – a €746 million penalty given to Amazon. Other companies in the top 10 included TikTok and Google, with only one firm falling outside of the Big Tech category – Italy’s Enel Energia.

Salas summarized: “Data protection regulations evolve, and cyber threats become more sophisticated, so businesses must remain proactive in their data privacy and security approach.”

More from TechRadar Pro

Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Read more
European Union
European Commission hit by EU court fine after breaking own data privacy rules
 In this photo illustration, the big tech companies Google, Apple, Meta, Amazon, Microsoft logos seen displayed on a mobile phone screen.
Big tech needs less than three weeks to pay off over $8 billion in 2024 fines
European Union technical background
Trump blasts EU regulators for targeting Meta, Apple and other US tech giants
Illustration of a thief escaping with a white fingerprint
5 massive privacy scandals that rocked the world – and made millions of victims
Outdoor photograph of a pair of hands holding a smartphone with navigator location points in the background
Millions of phone location records feared leaked as one of the biggest data leaks ever may be a whole lot worse
Hands on a laptop with overlaid logos representing network security
Privacy must be a business priority: the urgent need for investment and action
Latest in Security
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
A digital representation of blockchain.
Malicious npm packages use devious backdoors to target users
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
Latest in News
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does
Nintendo Virtual Game Card
Nintendo reveals the new Virtual Game Card feature, an easier way to manage your digital Switch games
Nintendo Switch 2
The Nintendo Switch 2 pre-order date has seemingly been confirmed by Best Buy Canada – here's when you'll be able to order yours
Person printing
Microsoft’s latest Windows 11 update exorcises possessed printers that spewed out pages of random characters
Pro-Ject A1.2 in black, playing a vinyl record in a hi-fi listening room
Pro-Ject's new fully-automatic turntable could be the buy of Record Store Day 2025
Intergalactic: The Heretic Prophet
Intergalactic: The Heretic Prophet reportedly won't release until after 2026, as Neil Druckmann says that staff 'are playing it at the office' right now - but I don't think I can wait that long