Data Protection Authorities (DPAs) consider the criteria under Article 83 of the General Data Protection Regulation when deciding whether to impose monetary penalties and the amount. Over the last four years, different DPAs have given the criteria different weighting in their enforcement proceedings, resulting in considerable variance in fining policies and practices. The Future of Privacy Forum has published an overview of the only comprehensive fining methodologies published by EU DPAs (Dutch, Danish, and Latvian), along with the ICO's draft Statutory guidance issued in 2020. The analysis will show how the ICO's approach is likely to continue to differ from that of EU DPAs and the EDPB.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 2,500 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.