GDPR includes sweeping privacy restrictions requiring websites to give users more control over their data and to offer more transparency about their practices.
The EU’s privacy watchdog is predicting that the first enforcement actions under the General Data Protection Regulation (GDPR) will be announced in the coming months. Violations can carry hefty fines of up to 4 percent of a company’s global revenue or about $23 million, whichever is higher. Regulators may also temporarily ban companies over violations.
Giovanni Buttarelli, the European Data Protection Supervisor, told Reuters in an interview on Tuesday that regulators have received a flood of complaints about privacy violations since the GDPR went into effect on May 25.
“I expect first GDPR fines for some cases by the end of the year. Not necessarily fines but also decisions to admonish the controllers, to impose a preliminary ban, a temporary ban, or to give them an ultimatum,” Buttarelli told Reuters.
“The fine is relevant for the company and important for the public opinion, for consumer trust. But from an administrative viewpoint, this is just one element of the global enforcement,” Buttarelli said, though he declined to give any hints about which companies were going to see penalties.
The GDPR also makes companies liable for any third-party vendors they contract with and release employee or customer information to. TargetCW has been at the forefront of protecting its clients from unnecessary lawsuits by being one of the first to implement comprehensive GDPR compliance across its organization. If you are currently using an employer of record or staffing agency, you need to ensure they are also GDPR compliant. We put together a helpful website for our clients to vet our compliance. Check it out at www.tcwprivacy.com and see if your current vendors have taken the required steps to prevent a lawsuit.