Top 3 Most Active Regulators by Volume of Fines
1. Agencia Española de Protección de Datos (Spain)
2. Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Persona (Romania)
3. The Information Commissioners Office (UK)
Top 3 Most Active Regulators by Value of Fines
1. Datatilsynet (Norway)
2. Agencia Española de Protección de Datos (Spain)
3. The Information Commissioners Office (UK)
Top 3 Most Active Regulators by Volume of Fines
1. Agencia Española de Protección de Datos (Spain)
2. Garante per la protezione dei dati personali (Italy)
3. Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal (Romania)
Top 3 Most Active Regulators by Value of Fines
1. Data Protection Commission (Ireland)
2. Commission Nationale de l'Informatique et des Libertés – CNIL (France)
3. The Information Commissioners Office (UK)
Top Fine
- The Norwegian DPA, Datatilsynet, issued a fine of approx. €1.7 million against the Norwegian Labour and Welfare Administration (NAV).
- The main ground for this sanction relates to unsatisfactory "technical and organisational" measures implemented by NAV.
- Datatilsynet is known to be a very stringent data protection authority and this case is a new demonstration that this data protection authority is not more lenient towards public authorities.
- It must be noted that NAV was already sanctioned in 2022 for lack of legal basis, which may explain the high-level value of this new fine.
- The NAV will have an opportunity to comment on the allegations and potentially have the proposed fine reduced.
Key Takeaways
- Thus far, November has been the quietest month in 2023 in terms of GDPR enforcement, with a limited volume and value of fines imposed.
- Lack of legal basis for sending marketing communications remains a key concern for European regulators, as illustrated by the fines imposed by the UK's DPA to three companies.
- The Spanish DPA, AEPD, remains by far the most active regulator and continues to impose fines limited in value.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.