Ryan Gracey Quoted in Compliance Week on GDPR Fines for Big Tech Firms

Ryan Gracey, a partner at Gordons and technology specialist, has been quoted in Compliance Week on Big Tech firms being penalised under the General Data Protection Regulation (GDPR).

When Google was fined 10 million euros (£8.6m) by Spain’s data protection authority last month, it reignited the discussion around why Big Tech firms generally have not been more frequently fined under the GPDR.

“Google’s lack of transparency…”

Ryan said: “Among the reasons Big Tech have received fewer fines to date concerns the nature of the potential GDPR breaches.

“Big Tech investigations have tended to cover their own misuse of personal data to gain financial and competitive advantages – like Google’s lack of transparency to individuals on how their personal data is used. While other industries where we have seen a higher frequency of fines, like telecoms, involve data breaches related to the mass disclosure of personal information.

“The former is difficult, complex and time-consuming for the regulators to investigate, understand and take action on. That lack of visible action is aggregated further by the huge backlog of cases regulators like the Irish Data Protection Commission are facing, although we should see more down the road.

“The latter is much more straightforward – in essence, the regulator can readily identify the breach, consider aggravating and mitigating factors and then issue a proportionate fine.”

You can read Ryan’s comment on Compliance Week here.