Upload File

the general data protection regulation (gdpr) in numbers

  • Home
  • Documents
  • The General Data Protection Regulation (GDPR) IN NUMBERS
1
ENFORCING THE RULES IN NUMBERS GDPR COMPLYING WITH THE RULES Most common types of complaints When personal data for which a company is responsible is accidentally or unlawfully disclosed, that company is obliged to report this data breach to their national data protection authority within 72 hours of finding out about the breach. These are the types of activities for which the most complaints have been made so far. Telemarketing Promotional e-mails Video surveillance/ CCTV Number of data breach notifications Many companies, such as social media platforms, provide their services in more than one EU country. The GDPR provides that, in most cases, one national data protection authority takes the lead in investigating the case (“one-stop shop”), whilst the other concerned authorities support the investigation. If there is a disagreement between authori- ties, the European Data Protection Board will arbitrate. Being an EU Regulation, the GDPR is directly applicable in all EU countries. However, it also requires countries to adapt their national legislation. 25 EU Member States have adopted the required national legislation, but three are still in the process of doing so (Greece, Slovenia and Portugal). The GDPR gives the data protection authories the power to impose fines of up to 4 % of a company's annual turnover. Cross-border cases* Fines issued under the GDPR by data protection authorities Adopted Not adopted of our democracies and ensuring the sustainability of our increasingly data-driven economy. On the occasion of GDPR’s first anniversary, we are taking a closer look at awareness, compliance and enforcement of the new rules. A sports betting cafe was fined € 5,280 for unlawful video surveillance Google was fined € 50,000,000 or lack of consent on advertisements A social network operator was fined € 20,000 for failing to secure users' data The General Data Protection Regulation (GDPR) applies since 25 May 2018. Reports of massive data breaches and the mishandling of personal data by large online platforms remind us what is at stake: from preserving our private life, to protecting the functioning Adaptation of national laws in the EU Member States europa.eu/dataprotection Number of queries and complaints to data protection authorities Awareness of GDPR Awareness of data protection authorities Individuals are increasingly contacting data protection authorities to ask questions about the GDPR and lodge complaints about respect for their rights. The GDPR also makes it possible for an organisation to lodge complaints on behalf of individuals. This possibility was used immediately aſter the entry into application of the GDPR. Source: The European Data Protection Board This figure is indicative only. The defintion is not harmonised between national data protection authorities. We were not able to verify if all the reported figures relate to cases post 25 May, when the GDPR entered into application. Some of them can also relate to the former data protection directive. Total number of data breach notifications from all data protection authorities in Europe, since May 2018 Investigations initiated by data protection authorities. Investigations by data protection authorities on the basis of complaints from individuals. 450 300 150 0 MAY 2019 AWARENESS OF THE RULES #HAPPYBIRTHDAYGDPR 57% A data brokering company was fined € 220,000 for failing to inform citizens that their data was being processed by the company Lands authority for failing to ensure the necessary security for their data processing € 5,000 67% of Europeans have heard of the GDPR of Europeans know that there is a public authority in their country responsible for protecting their rights about personal data Source: Special Eurobarometer 487a (March 2019) Source: Special Eurobarometer 487a (March 2019) Source: The European Data Protection Board Source: The European Data Protection Board 20% know which public authority is responsible 144,376 Total number of queries and complaints from all data protection authorities in Europe, since May 2018 89,271 +20 percentage points since 2015 446 Source: The European Data Protection Board

Upload: others

Post on 22-Oct-2021

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: The General Data Protection Regulation (GDPR) IN NUMBERS

ENFORCING THE RULES

IN NUMBERSGDPRCOMPLYING WITH THE RULES

Most common types of complaints

When personal data for which a company is responsible is accidentally or unlawfully disclosed, that company is obliged to report this data breach to their national data protection authority within 72 hours of finding out about the breach.

These are the types of activities for which the most complaints have been made so far.

Telemarketing Promotional e-mails

Video surveillance/ CCTV

Number of data breach notifications

Many companies, such as social media platforms, provide their services in more than one EU country. The GDPR provides that, in most cases, one national data protection authority takes the lead in investigating the case (“one-stop shop”), whilst the other concerned authorities support the investigation. If there is a disagreement between authori-ties, the European Data Protection Board will arbitrate.

Being an EU Regulation, the GDPR is directly applicable in all EU countries. However, it also requires countries to adapt their national legislation. 25 EU Member States have adopted the required national legislation, but three are still in the process of doing so (Greece, Slovenia and Portugal).

The GDPR gives the data protection authories the power to impose fines of up to 4 % of a company's annual turnover.

Cross-border cases*

Fines issued under the GDPR by data protection authorities

AdoptedNot adopted

of our democracies and ensuring the sustainability of our increasingly data-driven economy.On the occasion of GDPR’s first anniversary, we are taking a closer look at awareness, compliance and enforcement of the new rules.

A sports betting cafe was fined€ 5,280 for unlawful video surveillance

Google was fined € 50,000,000 or lack of consent on advertisements

A social network operator was fined€ 20,000 for failing to secureusers' data

The General Data Protection Regulation (GDPR) applies since 25 May 2018. Reports of massive data breaches and the mishandling of personal data by large online platforms remind us what is at stake: from preserving our private life, to protecting the functioning

Adaptation of national laws in the EU Member States

europa.eu/dataprotection

Number of queries and complaintsto data protection authorities

Awareness of GDPR

Awareness of data protection authorities

Individuals are increasingly contacting data protection authorities to ask questions about the GDPR and lodge complaints about respect for their rights. The GDPR also makes it possible for an organisation to lodge complaints on behalf of individuals. This possibility was used immediately aster the entry into application of the GDPR.

Source: The European Data Protection Board

This figure is indicative only. The defintion is not harmonised between national data protection authorities. We were not able to verify if all the reported figures relate to cases post 25 May, when the GDPR entered into application. Some of them can also relate to the former data protection directive.

Total number of data breach notifications from all data protection authoritiesin Europe, since May 2018

Investigations initiated by data protection authorities. Investigations by data protection authorities on the basis of complaints from individuals.

450

300

150

0

MAY 2019

AWARENESS OF THE RULES

#HAPPYBIRTHDAYGDPR

57%

A data brokering company was fined€ 220,000 for failing to inform citizensthat their data was being processedby the company

Lands authority for failing to ensurethe necessary security for their dataprocessing € 5,000

67% of Europeanshave heard of the GDPR

of Europeans know that there is a public authority in their country responsible for protecting their rights about personal data

Source: Special Eurobarometer 487a (March 2019)

Source: Special Eurobarometer 487a (March 2019)

Source: The European Data Protection Board

Source: The European Data Protection Board

20% know which publicauthority is responsible

144,376Total number of queries and complaints from all data protection authorities in Europe,since May 2018

89,271

+20percentage

pointssince 2015

446

Source: The European Data Protection Board

General Data Protection Regulation (GDPR) · General Data Protection Regulation (GDPR) Andrea Agosti Mariangela Fierro Milano, 19 Dicembre 2016

Comparing privacy laws: GDPR v. Nigeria Data Protection ...The General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and the Nigeria Data Protection Regulation ('NDPR')

General Data Protection Regulation (GDPR) Privacy and Data

Comparison of General Data Protection Regulation (GDPR) drafts · Comparison of General Data Protection Regulation (GDPR) drafts (unofficial) Dec. 17, 2015 v April 7, 2016 drafts

GDPR – EU General Data Protection Regulation Seminar

GDPR: From Regulation to coding - Previous - SecAppDev Ataya - Alain... · •SANS - GWAPT: Web Application ... GDPR: From Regulation to coding 36. Article 33 Notification of a personal

Introduction to General Data Protection Regulation (GDPR) · The General Data Protection Regulation (GDPR) is the new EU’s regulation designed toprotect and empower every subject’s

The EU's General Data Protection Regulation (GDPR)...The EU's General Data Protection Regulation (GDPR) Summary 1. Enforcement Actions, Regulatory Priorities and the Current State

General Data Protection Regulation (GDPR) · Regulation (GDPR) Are you ready? Jennifer Ryan - Data Protection Officer Sara McAneney –IT Security Officer 9th November 2017. There

GDPR - GENERAL DATA PROTECTION REGULATION ON SITES

PRIVACY AWARENESS GENERAL DATA PROTECTION … · 2020-01-06 · PRIVACY AWARENESS GENERAL DATA PROTECTION REGULATION (GDPR) The General Data Protection Regulation (GDPR) that has

The General Data Protection Regulation (GDPR)

GDPR & HR infographic - Workday · GDPR & HR GDPR harmonises different EU country data privacy regulations into a single set of regulations GDPR by (some of) the numbers GDPR comes

Nearpod helps safeguard individual privacy with GDPR Supports3.amazonaws.com/news.nearpod.com/pdf/GDPR-one-pager.pdfNearpod welcomes the General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)€¦ · the General Data Protection Regulation (GDPR). The UK government has confirmed that Brexit will not affect this: UK companies will

General Data Protection Regulation (GDPR)€¦ · Information Commissioner’s Office (2017) ‘Overview of the General Data Protection Regulation (GDPR)’ Information Commissioner’s

The General Data Protection Regulation (GDPR) IN NUMBERS · ENFORCING THE RULES GDPR IN NUMBERS COMPLYING WITH THE RULES Most common types of complaints When personal data for which

Developer’s Guide to the GDPR · Developer’s Guide to the GDPR The who, what, when, where, and why of the GDPR for developers. The General Data Protection Regulation (GDPR) was

ESSENTIAL COMPLIANCE INSIGHTS The General Data Protection … · PROTECTION REGULATION (GDPR): WHAT ORGANIZATIONS NEED TO KNOW CONTENTS GDPR and its impact GDPR equirr ements and

General Data Protection Regulation (GDPR) - Whitepaper · 2019-03-27 · GDPR: Whitepaper Is Your Organization Compliant? GENERAL DATA PROTECTION REGULATION GDPR came into force on

GDPR (General Data Protection Regulation, EP 2016/679)

General Data Protection Regulation (GDPR) …dynamic.globalscape.com/files/Guide-MFT-GDPR-Compliance...GDPR readiness, when applied in context with software products, means that software

THE GDPR LAST-MINUTE KIT · The GDPR Last-Minute Kit The GDPR (General Data Protection Regulation) is a new EU Regulation which will replace the 1995 EU Data Protection Directive

GDPR European General Data Protection Regulation (GDPR) · 2016-11-14 · European General Data Protection Regulation (GDPR) Webcast mit Sophos – 26.02.2016 2 • „European Directive“

GDPR Controls - Trilogy · GDPR Controls and Netwrix Auditor Mapping . 2 About GDPR The General Data Protection Regulation (GDPR) is a legal act of the European Parliament and the

A General Data Protection Regulation (GDPR) Toolkit for ... Toolkit for website... · A General Data Protection Regulation (GDPR) Toolkit for Parishes in the Diocese of Southwark

EU General Data Protection Regulation (GDPR) - IAPP · PDF fileBACKGROUND •General Data Protection Regulation (GDPR) is the first comprehensive overhaul of European Union data protection

GDPR and Oracle Cloud Applications v7€¦ · GDPR and Oracle Cloud Applications ORACLE WHAT IS GDPR? GDPR The General Data Protection Regulation is set to take effect in May 2018

GDPR – Threat, overhead or opportunity? · GDPR – Threat, overhead or opportunity? The new EU General Data Protection Regulation (GDPR) introduces significant changes to the EU

THE IMPACT OF THE NEW GENERAL DATA PROTECTION REGULATION (GDPR… · 2018-05-07 · IMPACT OF THE GDPR ON WHISTLEBLOWING 3 2. DECODING THE GDPR The EU General Data Protection Regulation

General Data Protection Regulation (GDPR) Preparing legal …gdpr.sport/wp-content/uploads/2018/06/GAISF-Data... · 2018-06-20 · General Data Protection Regulation (GDPR) Preparing

The General Data Protection Regulation (GDPR) IN NUMBERS · Many companies, such as social media platforms, provide their services in more than one EU country. The GDPR provides that,

Privacy Primer and General Data Protection Regulation (GDPR) · 2018. 4. 10. · Personal Information Name, Address, Landline/Mobile Numbers Email Address, Nationality, Citizenship,

Beginning your General Data Protection Regulation (GDPR) Journey

How does the General Data Protection Regulation (GDPR) affect … does GDPR affect your business.pdf · • GDPR is intended toharmonize data protection lawacross the EU • GDPR