Global data risk
Bigger fines, more enforcement – global data privacy in the spotlight
For businesses around the world, personal data is incredibly valuable. Increasingly, it also attracts regulatory risk. Enforcement activity is on the rise globally, with the data privacy enforcement landscape in Europe shifting dramatically since the General Data Protection Regulation (GDPR) came into force.
In our Global privacy data risk update 2022, we identify the most active authorities and those that impose the biggest fines, as we monitor the enforcement developments in Europe and North America over the past 12 months. Building a global picture of data privacy enforcement, we take a deeper dive into developments at the EU and member state level, looking at fines issued under the GDPR, as well as penalties issued by authorities around the world.
Introduction and methodology
This study looks at all penalties levied by EU data protection authorities (DPAs) under the GDPR from its inception to April 2022. We have set this enforcement activity in context by compiling a list of the 100 biggest data privacy fines issued across Europe and North America between 2018 and April 2022. In Europe, our analysis includes penalties issued under member states’ national data protection and e-commerce laws.
This update follows our Global data privacy risk report 2021, which provided in-depth insight into the regional, national and legal trends around data privacy enforcement.
Meet the team
Giles Pratt Partner
Geoff Nicholas Partner
Rachael Annear Counsel
Rhodri Thomas Partner
Brock Dahl Data privacy and security, Head of U.S. Fintech
Washington, DC, Silicon Valley
Norbert Nolte Partner
Dr. Christoph Werkmeister Partner
Richard Bird Partner