The European Commission (EC) stated that data protection regulators in Europe have received more than 95,000 complaints about potential data breaches, after the implementation of the General Data Protection Regulation (GDPR). The commission also said that most of the complaints are focused on telemarketing, promotional emails, and video surveillance.
The GDPR, which became enforceable on May 25, 2018, and privacy laws and regulations around the globe give new powers to privacy regulators. Designed to harmonize the fragmented data privacy framework across the European Economic Area (EEA), the GDPR allows controllers to charge fines of up to 4 percent of global revenue or 20 million euros ($23 million), whichever is higher.
“What is at stake is not only the protection of our privacy but also the protection of our democracies and ensuring the sustainability of our data-driven economies,” the commission said in a statement. It’s believed that more penalties could come as Europeans become aware of their data privacy rights, the commission added.
Recently, search engine giant Google was fined for 50 million euros (around $57 million) by the French data regulator CNIL (National Data Protection Commission) for violating the General Data Protection Regulation. The data protection watchdog stated it had levied the fine for Google’s lack of transparency and valid agreement regarding ads personalization. The regulator also said that Google didn’t sufficiently inform the people about how it collected the users’ data to personalize ads.
The issue started when CNIL received complaints from the associations, None of Your Business (NOYB) and La Quadrature du Net (LQDN) in May 2018. The associations complained on Google for not having a valid legal basis to process the personal data of the users for ads personalization, as mandated by the GDPR.
The inspections carried out by the CNIL’s restricted committee found that Google has violated two core privacy rules of the GDPR- Transparency, and Consent. The committee notified that the information provided by Google is not easily accessible for users and the structure of the information does not comply with the data regulations. It also declared the users are not able to understand the processing operations carried out by the search engine giant.