Money, money, money... It seems that the thing everyone is aware of is the GDPR fines. Meta fine, Amazon fine and etc leave businesses and individuals confused. How is that calculated? In case, if you are the one wondering (or calculating), this piece of news is for you. During its May plenary, the European Data Protection Board adopted a final version of the Guidelines on the calculation of administrative fines following public consultation.
These guidelines aim to harmonise the methodology data protection authorities (DPAs) use to calculate fines and include harmonised ‘starting points’.
Hereby, three elements are considered: the categorisation of infringements by nature, the seriousness of the infringement and the turnover of a business.The guidelines set out a 5-step methodology, taking into account the number of instances of sanctionable conduct, possibly resulting in multiple infringements; the starting point for the calculation of the fine; aggravating or mitigating factors; legal maximums of fines; and the requirements of effectiveness, dissuasiveness and proportionality.
Comments