Ireland’s Data Protection Commission (DPC) has sent out a warning big tech firms may be facing massive fines following investigations made by the regulator.
As reported in the Irish Independent, the DPC’s commissioner, Helen Dixon has described how a specialist legal team has been brought together to consult on the size of potential financial penalties that may be issued against the biggest transgressors.
Dixon explained how Facebook’s fine of $5bn (€4.6bn) imposed by US authorities last year will serve as a bellwether for action taken by data privacy enforcement bodies in Europe.
“A very relevant factor in terms of what quantum will create deterrence is the level of fines already existing globally in the area,” she said of the US fine,” Dixon said.
“So, if you ask whether the FTC [Federal Trade Commission] fine is relevant, it is. Under the GDPR, deterrence is a particularly important reason why the fines are included. They could have stopped at the corrective measures. But the fines are there to be punitive and give rise to deterrence. And deterrence is based on what’s already in the [fine] landscape,” she added.
“A fine is an inevitability at some point,” Dixon continued.
The Irish Data Protection Commissioner stopped short of revealing a timeline for key decisions on fines, though she has previously said that Facebook’s WhatsApp and Twitter would be among the first companies to face the music.
Perceived slow action on the part of Ireland’s DPC has drawn fire in the past from privacy regulators in Germany, an accusation that has been rejected by officials in Ireland, with Ms Dixon highlighting how the pressure is on the DPC to ensure that major decisions are shielded from legal challenges.
The Irish DPC is leveraging the EU’s General Data Protection Regulation (GDPR) for 23 separate investigations that are currently open into tech giants, including Facebook, subsidiaries Instagram and WhatsApp, Apple, Twitter, Google, Verizon and Quantcast.
That so many of the world’s tech giants choose to have their headquarters in the Emerald Isle makes the Irish Data Protection Commission one of the most powerful data regulation agencies in Europe, with the power to fine companies up to 4% of annual turnover.
Last year, the IDPC received 6,247 data breach notifications, a figure up 71% on 2018.
The post #Privacy: Irish Data Protection says multinationals can expect big fines appeared first on PrivSec Report.