British firms face £122bn in fines under GDPR regime

October 19 10:13 2016 Print This Article

Hot on the heels of the warning that TalkTalk would have faced a £70m fine had its 2015 data breach occurred under the EU General Data Protection Regulation (GDPR) regime, one finance body claims that UK businesses could face up to £122bn in penalties for data breaches when the new laws do come into effect in May 2018.

The Payment Card Industry Security Standards Council (PCI SSC) is using the eye-watering figure as a wake-up call to firms, urging them to act now to avoid exponentially increased fines.

According to a UK Government 2015 survey, 90% of large organisations and 74% of SMEs reported a security breach, leading to an estimated total of £1.4bn in regulatory fines.

In 2018, the GDPR will usher in fines of up to €20m or 4% of annual worldwide turnover, whichever is greater – dwarfing the current maximum of £500,000.

This means that if data breaches remain at 2015 levels, the fines paid to the European regulator could see a near 90-fold increase, from £1.4bn in 2015 to £122bn, the PCI SSC calculated, based on the maximum fine of 4% of global turnover.

However, the PCI SSC is keen to point out that regulatory fines are only part of the potential fall-out, with reputational damage, business disruption and revenue loss also having a major impact.

PCI SSC international director Jeremy King said: “The new EU legislation will be an absolute game-changer for both large organisations and SMEs as the regulator will be able to impose a stratospheric rise in penalties for security breaches, and it remains to be seen whether businesses facing these fines will be able to shoulder the costs.

“Companies, both large and small, need to act now and start putting in place robust standards and procedures to counter the cyber security threat, or face the prospect of paying astronomical costs in regulatory fines and reputational harm to their brand.”

The original article (and image) was originally posted here:

view more articles

About Article Author

GDPR Associates
GDPR Associates

View More Articles
write a comment

1 Comment

  1. zandrablodgett
    September 23, 22:01 #1 zandrablodgett

    Нey there! I’m at work browsing your blog from my new apple iphone!
    Just wanted to say I love reading through your blog and look forward
    to all your posts! Ϲarry on thе excellent work!

    Reply to this comment

Add a Comment