Just over 59,000 data breaches have been reported across Europe in the eight months since GDPR has come into force.
GDPR came into effect on May 25th 2018, this set out the new rules on how businesses, organisations and government bodies can collect and handle data. Under GDPR legislation, Data Controllers must report breaches within 72 hours of discovery.
Just eight months on, new statistics from a UK law firm have suggested that over 59,000 breaches have been reported since the legislation was enacted. This survey, conducted by DLA Piper, looked at breach reports from 23 of the 28 EU Member States from 25th May 2018 to 28th January 2019. Of the results, the Netherlands was found to have the most breaches (15,400), followed by Germany (12,600), and the UK (10,600).
The countries with the lowest reported breaches were Cyprus (35), Iceland (25), and Liechtenstein (15). The Netherlands leads the way as the country with the most breaches notified per capita, followed then by Ireland and Denmark.
Under GDPR, the Data Protection Body within the EU can fine a company up to 4% of their global annual turnover for breaches. It should be noted that 9% of these breaches reported relate to breaches predating GDPR. Due to this DLA Piper claim that these statistics are “best approximations”.
The study stated: “It is still very early days for GDPR enforcement with only a handful of fines reported across the EU.
“With the exception of the recent €50 million fine imposed on Google, so far the level of fines have been low, certainly when compared to the maximum fines regulators now have the power to impose.
“However, we anticipate that 2019 will see more fines for tens and potentially even hundreds of millions of Euros as regulators deal with the backlog of GDPR data breach notifications.”
So far, Google is one of the most widely recognised brands to be found to be in breach of GDPR. Google was fined €50 million by French regulator CNIL.
GDPR Compliance is mandatory for all businesses operating within the EU. Ensure your business is GDPR complaint with our GDPR Compliance Training and rest assured your employees are GDPR compliant in all of their activities.