Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events

Posts Tagged :

regulation

GDPR fines hit nearly 300m euros in three years

The General Data Protection Regulation (GDPR) was implemented in the EU three years ago on May 25th. This legislation aimed to give the residents of the EU more control over their data and privacy.

According to the recent Atlas VPN team findings, the cumulative sum of the GDPR fines imposed on the EU countries over the past three years has reached €283,673,083 due to a total of 648 penalties against organizations violating the data protection law.

The biggest GDPR fine so far was issued in January 2019. The French regulator CNIL fined Google €50 million for failing to provide transparent information on its consent policies and the way it handles ad personalization.

After that, another massive increase in penalties happened between October 2019 and January 2020. Thus, since the start of GDPR, organizations have been fined a total of €100,711,612 due to 167 violations.

In 2020, from July to October, there was a significant increase in the sum of fines. It was because 3 out of 5 most enormous penalties of all time were issued in October.

Cybersecurity writer and researcher at Atlas VPN William Sword, said: “GDPR has empowered EU citizens to be more actively involved in what is happening with their data and understand their privacy rights. As for organizations, complying with data protection rules will create a more trustworthy environment between them and consumers. ”

GDPR violations in specific countries

Privacy regulators in each country were closely monitoring companies to make sure that people’s data is dealt with responsibly.

Italy has assessed the most significant sum of fines over three years — €76,271,601. So far, Italy has been penalized a total of 77 times.

France takes second place with €54,661,300 in fines. The largest part of the amount was made off of the previously mentioned Google fine.

In third place sits Germany, where GDPR violations have cost companies €49,186,833.

Even though Spain has slightly less in the total sum of fines — €29,521,410, they have had the most violations. More than one-third of all GDPR penalties (230) were imposed upon Spain.

IAB responds to EU privacy complaints

The Internet Advertising Bureau (IAB) Europe has responded to complaints filed by campaigners with Data Protection Authorities (DPA) in the UK, Ireland and Poland, which make specific reference to the IAB OpenRTB Protocol and IAB Europe Transparency and Consent Framework (TCF).

The complaints allege that programmatic advertising using real-time auctions are inherently incompatible with EU data protection law. The premise of these challenges is based on communication between IAB Europe and the European Commission, from April 2017.

At the time, these conversations were part of a dialogue around the planned implementation of GDPR and revisions to the ePrivacy Directive.

IAB Europe was asked to provide details of potential challenges that would be faced within the digital advertising ecosystem, to ensure regulations developed were appropriate for use and could be implemented without limitation across the entire value chain.

The limitations identified at that time focused on how notice and choice could be given to consumers regarding the use of their data for targeting purposes. These limitations have since been addressed by the development of the Transparency and Consent Framework and IAB Consent Management Platform (CMP) by IAB Europe.

IAB Europe says it remains engaged with the European Commission and regional DPAs on behalf of members and the broader digital advertising industry, and adds that a similar dialogue has been attempted with the instigators of the complaints.

The IAB statement read: “These claims are not only false but are intentionally damaging to the digital advertising industry and to European digital media that depend on advertising as a revenue stream.

“IAB Europe has consistently tried to outline the counter arguments and correct information, mentioned above, to the claimants. However, they have consistently chosen to ignore the facts, bringing more inaccurate information to support their case. Their errors of omission could therefore be characterised as either misrepresentations or just fabrications.”

Click here to read the full statement from IAB Europe.