GDPR fines for 2024 were more than €1.5 billion, but penalties appear to be in a decline in early 2025!

Computerworld.com reported “Data protection authorities in Europe imposed fines amounting to €1.2 billion last year according to the seventh edition of commercial law firm DLA Piper’s GDPR Fines and Data Breach Survey.  For the period since January 28, 2024, this represents a decrease of 33 percent compared to the fines of the previous year. This is the first year-on-year decline in fines, it said — although 2023 was unusual: Ireland fined Meta a record €1.2 billion that year, and no comparable fines were imposed in 2024.”  The January 31, 2025 report entitled " GDPR authorities accused of ‘inactivity’” (https://www.computerworld.com/article/3814479/gdpr-do-the-authorities-lack-the-bite.html) included these comments:

In total, the fines imposed since GDPR came into force in May 2018 amount to €5.88 billion. Large technology companies and social media giants in particular have had to pay. Almost all of the ten highest fines imposed since 2018 relate to the tech industry, including the fines of €310 million euros imposed on LinkedIn by the Irish data protection authority in 2024 and a €251 million fine for Meta.

Ireland continues to impose the most fines by a wide margin: since May 2018, it has now imposed fines of €3.5 billion. In comparison, Germany has imposed fines totaling €89.1 million since the GDPR came into force. According to DLA Piper, the German data protection authorities are focusing on breaches of the integrity, confidentiality and security of data processing.

Interesting update on GDPR and we need to keep an eye on the fines!