Since the General Data Protection Regulation’s (GDPR) inception on 25 May 2018, the number of data breach notifications received by the Information Commissioner (ICO) has quadrupled – but the ICO is yet to issue any fines under GDPR.
A record breaking 14,072 breach notifications were made to the ICO between 25 May 2018 and the beginning of May this year. This is four times the number of notified data breaches recorded by the ICO for April 2017-2018, which was 3,311.
This sharp increase is partly due to the introduction of mandatory breach reporting for organisations that control personal data where a data breach is likely to “result in a risk for the rights and freedoms of individuals” under the new regime. These new breach reporting obligations enable the ICO to enforce GDPR and issue fines more effectively than in previous years.
The public have also submitted an unprecedented 41,054 complaints this year, almost doubling last year’s total. It suggests consumers are now more aware than ever before of the value of their personal data and their rights under GDPR, which includes their right to lodge a complaint with the ICO.
So far, more than 90 fines have been issued under GDPR totalling €55.96 million across Europe, including the biggest ever GDPR fine of €50 million issued by France’s CNIL to Google for failing to meet the new consent requirements under GDPR and to comply with its transparency and information obligations.
Despite these impressive notification figures, the increase in consumer awareness of GDPR, and ground breaking enforcement action taken by the ICO’s counterparts across Europe, no fine has been issued under GDPR rules in the UK. However, a spokeswoman for the ICO has confirmed that the “first fines under the General Data Protection Regulation are due to be issued soon, once the necessary legal processes have been completed”.
Although it is not public knowledge which organisations will be on the receiving end of the ICO’s first fines, we suspect that the ICO will have focussed its attention on the most egregious breaches – for example, the hacking attack on British Airways’ systems which led to 244,000 customers’ payment details being stolen and put up for sale on the dark web.
Following his ongoing high profile LinkedIn campaign and the series of articles that he has written on the Horizon Post Office Scandal, Partner and Co-head of SMB’s Commercial Media team, Simon Goldberg has made a podcast with former Sub-Postmaster Lee Castleton.
Read moreSimons Muirhead Burton is proud to have advised on the acquisition of the sequel and television rights to the Academy Award-winning film Slumdog Millionaire.
Read moreSMB is thrilled to celebrate the continued success of our client, Flight Club Darts, as they opened the doors to their latest premises in Oxford Westgate Shopping Centre on Friday 22nd November 2024.
Read more