Data Protection Commission fines surpass €1bn in 2022
The Data Protection Commission imposed fines totalling €1 billion in 2022 on the back of 17 large scale enquiries according to its annual report.
Meta, parent company of Facebook, Instagram and WhatsApp, alone paid €1,077 billion for GDPR breaches.
The regulator concluded 10,008 cases, including 1,920 complaints received prior to 2022. The total breach notifications received in 2022 was 5,828.
A further 207 electronic direct marketing investigations were concluded in 2022 and two telco companies were successfully prosecuted for four separate charges of sending unsolicited marketing communications without consent.
However the regulator is still perceived to be a soft touch when it comes to regulating multinational tech firms owing to Ireland’s low corporate tax rate.
The regulator was also heavily criticised by the European Data Protection Board (EDPD) for it’s ‘light touch’ approach to Big Tech. This was evidenced in December 2022 when the EDPD overruled the regulator in a case involving Meta and its policies of collecting user data. The DPC argued that Meta could collect personal information for the purposes of behavioural advertising in exchange for using its services. Having failed, 2023 begins with a €390 million against Meta for these practices. It is unclear how much Meta made from these practices during the four-and-a-half years of the inquiry.
Commenting on the 2022 report, Commissioner for Data Protection Helen Dixon, said: “2022 was a year that saw significant outputs from the DPC in its efforts to drive GDPR compliance and protect the rights of those in Ireland and across the EU. While the DPC encourages and guides organisations in achieving highest standards of protection in their processing of personal data, the DPC has also demonstrated it does not shy away from enforcing the law and applying sanctions where warranted.
“Two-thirds of the fines issued across Europe last year, including the EU, EEA and UK, were issued by the DPC on foot of detailed and comprehensive investigations, a fact that underlines both the outsized role, and exceptional performance, of the organisation in effectively holding those guilty of non-compliance to account.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers