Its been over two years since the General Data Protection Regulation (GDPR) was implemented in the EU and EEA. We have studied fines and penalties that data protection authorities have imposed in the EU under the GDPR to determine which countries violate GDPR the most and the total combined fine of the EU countries year to date (2020).

Key findings

GDRP Fines 2020

Embed key findings

EU countries ranked by
total GDPR fine amount in 2020

(from January 1, 2020 to August 17th, 2020)



Total fine amount per country

Number of fines

GDPR fines ranked by fine amount

Fine Types

Insufficient legal basis for data processing Insufficient fulfilment of data subjects rights Insufficient technical and organisational measures to ensure information security Non-compliance with general data processing principles Insufficient fulfilment of information obligations Insufficient cooperation with supervisory authority Lack of appointment of data protection officer Insufficient fulfilment of data breach notification obligations








All data sourced from the GDPR Enforcement Tracker fines database, specifically fines and penalty records dating 2020. Please note that not all fines are made public, therefore ranking is limited to publicly available GDPR fines.

Brought to you by

Learn about finance internships or read latest review