Organisations due for GDPR punishment will be named in the coming months

The regulator for data privacy in the EU has disclosed that planned enforcement of the General Data Protection Regulations (GDPR) is to be made public as we move towards the New Year.

Organisations due for GDPR punishment will be named in the coming months

The regulator for data privacy in the EU has disclosed that planned enforcement of the General Data Protection Regulations (GDPR) is to be made public as we move towards the New Year.

As reported by Reuters, the EU’s Data Protection Supervisor, Giovanni Buttarelli explained on Tuesday that the national watchdogs for data protection have been inundated with data breach reports and complaints since the GDPR went live at the end of May of this year.

In an interview with the news agency, Mr Buttarelli said:

“I expect first GDPR fines for some cases by the end of the year. Not necessarily fines but also decisions to admonish the controllers, to impose a preliminary ban, a temporary ban or to give them an ultimatum.”

The landmark legislative changes brought in by the GDPR have put new responsibilities on the shoulders of global organisations that deal with the private data of EU citizens, to adhere to new standards on data processing to ensure that individuals’ private information stays safe.

Far from just a set of new laws, the GDPR’s coming signals a culture change in the way both organisations and users think about private, personal details. In complying to GDPR standards, business behaviours and mechanisms should begin to bake data privacy into daily operations through a risk-based approach.

Since the introduction of the legislation we have seen many high-profile organisations fall foul of the GDPR through violations that have led to heavy financial penalties and reputational damage.

Some of the fines given out have been very much in tune with the stick the GDPR can wield – maximum punishments can see transgressing organisations fined up to 4 per cent of annual turnover or £20m.

While Mr Buttarelli has not named any of the organisations due to be held to account in the coming months, he emphasised that fees levied would be “relevant for the company and important for the public opinion, for consumer trust.”

From an administrative viewpoint, this is just one element of the global enforcement,” he added.


The inaugural Data Protection World Forum (DPWF) was held on November 20th & 21st 2018 at the ExCeL London and welcomed over 3,000 delegates seeking the very latest insight on data protection and privacy.

Pre-registration for DPWF 2019 will be opening in the coming weeks.

https://www.dataprotectionworldforum.com/