Data Protection Commission applied fines of over €1bn in 2022
Last January, the DPC hiked an initial €59m fine to €390m for tech giant Meta over how it processes personal data, after an intervention by the European Data Protection Board. File picture: Leah Farrell/RollingNews.ie
Ireland’s Data Protection Commission applied fines of over €1bn across 2022 as its investigations under GDPR ramped up.
The commission, which today publishes its annual report for 2022, said it has to date concluded 17 large-scale inquiries with “multiple reprimands and compliance orders imposed”.
The regulator processed nearly 9,400 new cases from individuals across 2022; some 2,710 were official complaints, according to the report.
More than 10,000 cases were officially concluded, making 2022 the first year in its history that the DPC concluded more cases than it took on within a calendar year.
Helen Dixon, the data protection commissioner, said that in 2022, the DPC had seen “significant outputs... in its efforts to drive GDPR compliance and protect the rights of those in Ireland and across the EU”.
The report is the penultimate such publication of Ms Dixon’s tenure, which is due to end in 2024.
She said that two-thirds of the fines issued by regulators across Europe last year had emanated from the DPC, “a fact that underlines both the outsized role, and exceptional performance, of the organisation in effectively holding those guilty of non-compliance to account”.
The DPC is to take on an additional two commissioners to work alongside Ms Dixon after then-justice minister Helen McEntee approved the appointments last summer, stating that to do so would “support the evolving organisational structure, governance, and business needs” of the commission.
Other statistics highlighted by the commission in its report include the conclusion of 207 direct marketing investigations in 2022, with two telecoms having been “successfully prosecuted for four separate charges of sending unsolicited marketing communications without consent”.
“While the DPC encourages and guides organisations in achieving highest standards of protection in their processing of personal data, the DPC has also demonstrated it does not shy away from enforcing the law and applying sanctions where warranted,” said Ms Dixon.
Last January, the DPC hiked an initial €59m fine to €390m for tech giant Meta over how it processes personal data, after an intervention by the European Data Protection Board which rejected the original decision. Meta was given a period of three months to bring its data-processing operations into compliance with the law.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
