Tsaaro Issues Warning to Indian Corporates: Get Ready for GDPR-Like Penalties

Tsaaro's Privacy Fines Report 2022
Tsaaro's Privacy Fines Report 2022

New Delhi; 13 February 2023: Tsaaro, a premier provider of data privacy and cybersecurity services, has unveiled the results of its survey on GDPR penalties and enforcement trends. The study found that penalties imposed on META platforms account for 82.6% of all fines. The Privacy Fines Report 2022 provides an in-depth look at privacy fines and is the first of its kind to examine them as a whole. Tsaaro analyzed approximately 500 fines and penalties imposed by EU data protection authorities under the EU GDPR. The company also warns Indian businesses of a potential privacy breach, which has not been reported or assessed, but is likely to occur given the current structures in place.

Additionally, the fines on privacy are not only intended to correct wrongs but also serve as a warning to corporations that privacy violations are

not to be taken lightly. Non-compliance can result in significant consequences. Tsaaro Solutions’ first annual Privacy Fines Report (2022) aims to provide not only consumers but also corporations with valuable information on the compliance measures of GDPR. The report seeks to educate and inform businesses about the importance of protecting personal data and the consequences of non-compliance.

Commenting on the same, Akarsh Singh, co-founder, and CEO of Tsaaro, said, “It is always extremely important for corporations and consumers to be acquainted from time to time with the facts and realities of the rapidly developing world which is taking place at the expense of personal data – a fact that is often hidden in plain sight. Our commitment to privacy is the cornerstone of what we do at Tsaaro and therefore the First Annual Tsaaro Report on GDPR Fines & the Privacy Landscape of 2022 is a product of the same commitment. 

Furthermore, the report also delves into the industry specific violations by offering a comprehensive overview of the sectors with the maximum number of breaches. It sheds light on the nations that recorded the highest cumulative penalties and highlights the most frequently violated GDPR articles.

Key findings:

  • 82.6% (697 million) of the total fines account on the META platforms
  • Media, Telecom & Broadcasting Industry Accounted for about 86% of the total fines
  • In the Finance, Insurance & Consulting sectors, roughly 26% violated Article 5 of the GDPR
  • Nearly 29% of the penalized companies in the Transport & Energy sector violated Article 6 of the GDPR
  • Public Sector Entities & Educational Institutions were heavily penalized, contributing to about 10% of the total fines imposed
  • In 2018, there were 12 penalties with €500,000
  •  In 4 years, the penalties increased to 166x times 
  • In 2022, the penalties increased to 440 with €831,258,610
  • It is possible to be fined up to 20 million euros for particularly serious violations listed in Article 83(5) GDPR, or up to 4 of the preceding fiscal year’s total global turnover for undertakings
  • A lesser-severe violation is defined in Art. 83(4) GDPR as one that may result in a fine of no more than 10 million euros or 2% of a company’s worldwide sales during the preceding fiscal year, whichever is higher
  • Top 5 provisions for which organizations were penalized were Articles 5, 6, 12, 13, 32

Click here to get access to Tsaaro’s report.