Hi Calvin,
The GDPR fines are up to 10 million euros or, if higher, 2% of worldwide turnover in the cases of, by way of example:
- violation of the conditions applicable to the consent of minors in relation to information society services;
- unlawful processing of personal data that does not require the identification of the person concerned;
- failure or incorrect notification and / or communication of a data breach to the competent national authority;
- violation of the obligation to appoint the DPO;
- failure to apply technical and organizational measures to ensure data protection.
The amount of administrative pecuniary sanctions can increase up to 20 million euros, or alternatively, up to 4% of worldwide turnover in the cases of, by way of example:
- failure to comply with an order, provisional or definitive limitation concerning a treatment, imposed by a competent national authority;
- cross-border illegal transfer of personal data to a recipient in a third country.
Until now, European Privacy Authorities have given these fines:
- Germany: fine of 20.000 Euros to Social Network Knuddels.de for article 32 violation after a data leak of 2 million username/passwords and 800k emails. The fine was light for the high collaborative behavior of Knuddels.de.
- Portugal: fine of 400.000 Euros to Hospital Barreiro Montijo for large and not motivated access of 600 hospital employees to patients' personal and sensitive data.
- Austria: fine of 4.800 Euros to an Entrepreneur for camera installation outside his shop.
- France: fine of 50 million Euros to Google LLC for commercial ads lacking transparency, information and customer consensus.
I believe that in the near future the controls and the fines will rise.
Bye
Sergio
------------------------------
Sergio Insalaco
------------------------------
Original Message:
Sent: 03-11-2019 02:28 PM
From: Calvin Bench
Subject: THINK 2019 Presentation about our Guardium Project: GDPR Reflections - Where Are We Now?
Hi Sergio
Thanks for posting. This is great. I have a few questions:
- Are you seeing an upward trend in strictness by EU officials around GDPR compliance?
- What kind of action [ lawsuits, complaints, fines ] will it take to motivate organizations to be GDPR compliant if it hasn't happened already?
- Are there countries / parts of the world you see as being unwilling to comply with GDPR even with European customers, employees?
------------------------------
Calvin Bench
Offering Manager
Austin TX
Original Message:
Sent: 03-07-2019 12:42 PM
From: Sergio Insalaco
Subject: THINK 2019 Presentation about our Guardium Project: GDPR Reflections - Where Are We Now?
Hi fellow Guardium Community members,
Check out the presentation I gave with IBM at THINK 2019, "GDPR Reflections: Where Are We Now?" about our Guardium Project.
best
------------------------------
Sergio Insalaco
------------------------------