GDPR Turns Six: Reflecting On A Global Privacy Benchmark
IT Security Guru, Tuesday, May 28th, 2024
The EU's flagship data protection law, the General Data Protection Regulation (GDPR), celebrated its sixth anniversary on 25th May '24. Since coming into effect in 2018, its stringent requirements for enhanced security controls and data privacy have consistently raised awareness about the issues surrounding the storage and processing of personal data. This regulation has set a global benchmark, becoming a model for regulators worldwide.
The GDPR was designed to protect individuals' fundamental rights and freedoms, especially their right to personal data protection. As internet usage became more widespread, the EU Parliament recognised the need for updated guidelines to adapt to a more connected world where data is the common currency. Consequently, the GDPR was created to replace the 1995 Data Protection Directive used across various European countries.
In the past six years, 4.5 billion Euros has been paid in GDPR violation fines, according to research by Nordlayer. Spain, Italy, and Germany have imposed the largest fines. Since the GDPR came into effect, individual data protection authorities (DPAs) have issued 2,072 violation decisions. Spain holds the worst record, with 842 fines totaling 80 million Euros (68.16 million UK pounds) since 2018.