Thought of the Day: What would a £400,000 fine be under the GDPR?

January 17 11:38 2018

Carphone Warehouse has been fined £400,000 following a cyber attack in 2015. Hackers were able to access the personal data of over three million customers and one thousand employees. Currently, the maximum fine the Information Commissioner’s Office (ICO) can impose is £500,000. By this standard, a £400,000 fine is really big. In fact, it is one of the largest fines in the ICO’s history.

However, after the GDPR comes into force, the maximum fine will become €20 million or 4% of annual global turnover. A £400,000 fine seems quite paltry compared to the new maximum fines. Perhaps Carphone Warehouse has had a lucky shave financially… and I hope they will be first in line to ensure top-notch cybersecurity to avoid any fines in future. We can certainly expect any breaches of a similar scale to receive a significantly bigger fine after the May enforcement date.


About Article Author

GDPR Associates
