Data acquired from the GDPR Fines 2020 Report by Finbold.com indicates that a total of €171.3 million fines have been issued against European countries in 2020 alone. The fines were issued between January 1st, 2020, and January 1st, 2021. Our GDPR Fines 2020 Report reveals that Italy accounts for the highest fines at €58.16 million of the total fines from 34 violations. The United Kingdom ranks second with €43.9 million in fines from only three violations. The two countries cumulatively account for 59.5% of all the EU GDPR fines. Germany is third at €37.39 million from three major violations. Sweden’s 15 violations attracted €14.27 million in fines, while Spain closes the top five categories with €8 million in fines arising from 128 incidents. In 2020, a total of 299 fines were registered in the EU.

The biggest single fine in 2020

Germany’s H&M Hennes & Mauritz online Shop AB & Co. KG was fined €35.25 million for data protection violations on specific incidents. This is the biggest single fine on a specific data breach incident in 2020. Italy’s TIM, a telecommunication operator, received the second-highest fines at €27.8 million. British Airways is third after amassing fines of €22.04 million. The fine comes after over two years since the General Data Protection Regulation (GDPR) was implemented in the EU and EEA back on May 25, 2018. Finbold.com chief editor Oliver Scott commented: “Despite campaigns to have organizations enact better measures to protect consumer data, the violations recorded across the EU remain significant with the law coming into place in 2018. It will be interesting to see if organizations will take up extra responsibility to prevent breaches in 2021. However, stakes remain high for companies to avoid risking regulatory action for breaches and protecting reputation alongside legal actions.”