The BfDI found Vodafone €45 million for data protection failures linked to partner fraud and security flaws, prompting the company to enhance its compliance and security measures.
The Irish DPC fined TikTok €530 million for GDPR breaches related to inadequate protection of European user data transferred to China.
WhatsApp receives support from a CJEU adviser in its challenge against the EDPB over a €225 million fine for privacy violations.
TikTok faces a fine over €500 million for transferring European user data to China, with an impending decision from Ireland’s Data Protection Commission.
Amazon lost its appeal against a 746 million euro fine for GDPR violations, as Luxembourg’s court upheld the decision by the CNPD.
The DLA Piper GDPR Fines and Data Breach Survey 2025 provides valuable insights into the enforcement landscape of the GDPR over the past year.
European data protection fines fell to €1.2 billion in 2024; activists claim enforcement is weak, with only 1.3% of cases fined, urging stricter personal accountability under GDPR.
Ireland imposed over half of Europe’s GDPR fines in 2024, totaling €3.5 billion since 2018, with a notable decline in penalties compared to previous years.
Meta challenges a €91 million fine from Ireland’s DPC for improperly storing user passwords, claiming the penalty is excessive and misapplied under GDPR.
The Italian Data Protection Authority fined OpenAI €15 million for using personal data without legal grounds and lacking age verification for ChatGPT.
The Dutch DPA fines Netflix €4.75 million for inadequate customer information on personal data handling, violating GDPR regulations.
Meta faces a €251 million fine from the DPC for a data breach affecting 29 million accounts, with plans to appeal the decision.