The European Commission has decided to celebrate Data Protection Day by reporting that it has received 95,100 complaints about data practices and 41,502 breach notifications since the General Data Protection Regulation (GDPR) took effect last May.
The complaints cover telemarketing, email and video surveillance. In addition, the EC is probing 255 cross-border violations.
Three fines have been meted out, including one EUR 50 million against Google for lack of consent on ads, and penalties of EUR 20,000 against a social network for failing to secure users’ data and another for EUR 5,280 against a sports betting cafe for unlawful video surveillance.
The EC adds that “several high level cases are ongoing and could cause fines of up to 4% of the annual (volume) of a business if there is a serious infringement.”
The data breach reports have come in from all data protection authorities in Europe.
In addition, the EC reports that five member states -- Bulgaria, the Czech Republic, Portugal, Slovenia and Greece -- have not passed national legislation to comply with GDPR.
The EC notes that GDPR has been featured in more online searches than Mark Zuckerberg, Beyonce or Kim Kardashian.
The statement by four EC officials observes that consumers have “become more conscious of the importance of data protection and of their rights.”
These complaints and breaches will be just the tip of the iceberg. Looks like a pretty big iceberg to me.