The EU General Data Protection Regulation (GDPR) is among the world’s toughest data protection laws. Under the GDPR, the EU’s data protection authorities can impose fines of up to up to €20 million (roughly $2,372,000), or 4 percent of worldwide turnover for the preceding financial year—whichever is higher.

Since the GDPR took effect in May 2018, we’ve seen over 800 fines issued across the European Economic Area (EEA) and the U.K. Enforcement started off somewhat slow. But between July 18, 2020, and July 18, 2021, there was a significant increase in the size and quantity of fines, with total penalties surging by around 113.5%. And that was before the record-breaking fine against Amazon—announced by the company in its July 30 earnings report—which dwarfed the cumulative total of all GDPR fines up until that date.

Top 10 fines so far:

  • Amazon — €746 million
  • Google – €50 million
  • H&M — €35 million
  • TIM – €27.8 million
  • British Airways – €22 million
  • Marriott – €20.4 million
  • Wind — €17 million
  • Vodafone Italia — €12.3 million
  • Notebooksbilliger.de — €10.4 million
  • Eni — €8.5 million
  • More details: https://www.tessian.com/blog/biggest-gdpr-fines-2020/

    More Rajko Sekulovic's questions See All
    Similar questions and discussions