Underage Instagram users were opting to ignore privacy settings and work around them by opening business accounts, leading to a GDPR fine of €405 Million by the Irish DPC.
Spanish data protection authority AEPD called the two infringements that led to the GDPR fine "very serious." Both relate to Google's transfer of EU citizen data to the US.
Facebook’s new €17 million GDPR fine stems from a failure to demonstrate that adequate security measures were in place to prevent the data breaches in 2018.
Even seemingly innocuous “free” tools can cause data privacy problems, as a company out of Germany has found out. The company has been ordered to pay a small GDPR fine due to its use of Google Fonts.
Mayor's office of Lisbon has been handed a $1.4 million fine by the country's data protection commission for providing the personal data of activists and organizers to foreign diplomats, including Russia’s foreign ministry.
Proposed fruits of the Irish DPC's three-year investigation into Facebook's consent and transparency violations are GDPR fines that would amount to a maximum of about $36 million to $42 million, or what the company makes roughly every two hours.
The Irish DPC has taken some heat for perceived softness in issuing GDPR fines to Big Tech. A $267 million fine issued to WhatsApp is the first substantial amount that the Irish regulator has assessed, but it comes amidst accusations and criticism.
The Luxembourg CNPD has issued Amazon the largest GDPR fine to date, hitting the online shopping giant with a penalty of €746 million (about $887 million) over its targeted advertising practices.
The $425 million GDPR fine has been proposed by Luxembourg’s data protection commission, which has submitted a draft decision to the data protection authorities of the other EU member states.
The large amount of the Booking.com fine is a point of contention as it stretches to the limit of what the GDPR allows for a data breach notification incident that involved relatively little sensitive personal information.