With the EU's stricter GDPR regulation now having been in place for three years, fines for regulation breaches totalled almost €1 billion in 2021's third quarter (1 July – 30 September), almost 20 times that of the first and second quarters combined.
The data was compiled by Finbold, a financial news agency, and highlights the enormous fines handed out by Member States – largely during July of 2021, which accounts for €755.08 million in fines.
Yet these huge financial penalties are largely incurred by individual companies, rather than an accumulation of smaller violations. In July, Amazon received the largest fine to date – €746 million – and Whatsapp was hit with a €225 million fine in September.
- Pandora papers: European Council updates short-list of tax havens
- Record fine for Amazon for data protection breaches
- WhatsApp fined €225 million in Ireland in privacy case
It is also striking that two Member States – Luxembourg and Ireland – dwarf the rest of the EU nations in total amounts fined. This comes as no coincidence since both countries are favoured by multinational corporations for their lower business taxes. These recent fines indicate that these nations may no longer be the safe havens that have so long made them the seat of the mega tech firms that have seen profits rocket in recent years and particularly during the pandemic.
However, Finbold emphasises that the fines indicated will not necessarily be the final amount paid by companies. Fines are often followed by protracted legal battles. Moreover, fines can take months or even years to be handed out in the first place, meaning that this quarter's record totals aren't necessarily a precursor of continually high fines in future financial quarters.
The Brussels Times