Nearly €1.1 billion worth of GDPR fines have been imposed in 2021, according to research by DLA Piper.

This figure represents a 594 per cent year-on-year increase in fines imposed since 28 January 2021, compared to €158.5 million during the same period the year before.

The figures were taken from a survey of over 27 European Union member states, plus the UK, Norway, Iceland, and Liechtenstein.

Luxembourg, Ireland, and France topped the rankings for the highest individual GDPR fines, accounting for €746 million, €225 million, and €50 million worth of fines, respectively.

Luxembourg and Ireland have each imposed record-breaking fines, moving them from the bottom to the top of the league tables according to the law firms results.

The growth of breach notifications also continued according to the findings, rising 8 per cent from last year’s average of 331 notifications per day to 356 for this year.

More than 130,000 personal data breaches were notified in aggregate since 28 January 2021 according to DLA Piper.

Weighting the results against country populations, the Netherlands took the top position this year ahead of Liechtenstein and Denmark with 151, 136, and 131 breach notifications per 100,000 people, respectively.

Croatia, the Czech Republic, and Greece reported the fewest number of breach notifications according to the findings, reporting just 28 per capita since 28 January 2021.

Share Story: