The UK’s data privacy regulator, the ICO, has started issuing notices of intention to fine data controllers under the GDPR for data breaches. The maximum fine the ICO can impose for a breach of data protection laws increased from £500k under the Data Protection Act 1998 to €20m or 4% of global annual turnover, whichever is greater, under GDPR. GDPR also introduced stronger data breach reporting and notification requirements.
Technology Law Update, 10th July 2019
Source: www.technology-law-blog.co.uk
