The General Data Protection Regulation (the «GDPR») is coming: in five months, companies will be required to comply with new data protection rules, any breach of which may entail severe sanctions.
Those sanctions include, among others, administrative fines imposed by the data protection supervisory authorities. Such fines may, depending on the type of infringement, amount up to €20 million or, in case of an undertaking, 4% of total worldwide annual turnover (whichever is greater) of the undertaking for breaches of GDPR.
In order to achieve a consistent approach to the imposition of the administrative fines, the Article 29 Working Party (representing all data protection authorities in the European Union) recently released guidelines on the application...
|