Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

Regulation

Country

Year

Min Fine (USD)

Sort

37 fines found

Total: $8.4B

Date	Company	Fine	Regulation	Authority	Country	Type	Summary
2023-05-22	Meta Platforms	€1.2B	GDPR	Ireland DPC	Ireland	transfer	Unlawful data transfers to the US in violation of Schrems II. Largest GDPR fine ... Unlawful data transfers to the US in violation of Schrems II. Largest GDPR fine ever. Articles: Art. 46(1)
2023-05-22	Meta Platforms	€1.2B	GDPR	Data Protection Authority of Ireland	Ireland	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b) GDPR
2025-05-01	TikTok	€530.0M	GDPR	Ireland DPC	Ireland	transfer	Illegal data transfers to China and failure to be transparent about data process... Illegal data transfers to China and failure to be transparent about data processing. Articles: Art. 46(1), Art. 5(1)(a)
2025-05-02	TikTok	€530.0M	GDPR	Ireland DPC	Ireland	transfer	Illegal data transfers to China and failure to be transparent about data process... Illegal data transfers to China and failure to be transparent about data processing. Articles: Art. 46(1), Art. 5(1)(a)
2022-09-05	Meta Platforms	€405.0M	GDPR	Ireland DPC	Ireland	children	Published children contact details and allowed children aged 13-17 to operate bu... Published children contact details and allowed children aged 13-17 to operate business accounts. Articles: Art. 5(1)(c), Art. 6(1), Art. 12, Art. 24
2022-09-05	Meta Platforms	€405.0M	GDPR	Ireland DPC	Ireland	children	Instagram published children contact details and allowed children aged 13-17 to ... Instagram published children contact details and allowed children aged 13-17 to operate business accounts. Articles: Art. 5(1)(c), Art. 6(1), Art. 12, Art. 24
2022-09-05	Meta Platforms	€405.0M	GDPR	Data Protection Authority of Ireland	Ireland	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), c) GDPR, Art. 6 (1) GDPR, Art. 12 (1) GDPR, Art. 24 GDPR, Art. 25 (1), (2) GDPR, Art. 35 GDPR
2022-01-04	Meta Platforms	€390.0M	GDPR	Data Protection Authority of Ireland	Ireland	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a) GDPR, Art. 6 (1) GDPR, Art. 12 GDPR, Art. 13 (1) c) GDPR
2023-01-04	Meta Platforms	€390.0M	GDPR	Ireland DPC	Ireland	consent	Forced users to consent to targeted advertising as condition of using Facebook a... Forced users to consent to targeted advertising as condition of using Facebook and Instagram. Articles: Art. 6(1), Art. 7
2023-09-15	TikTok	€345.0M	GDPR	Ireland DPC	Ireland	children	Failed to protect children users. Profiles set to public by default for minors. Failed to protect children users. Profiles set to public by default for minors. Articles: Art. 5(1)(c), Art. 5(1)(f), Art. 12, Art. 13, Art. 24, Art. 25
2023-09-01	TikTok	€345.0M	GDPR	Ireland DPC	Ireland	children	Failed to protect children users privacy. Profiles set to public by default for ... Failed to protect children users privacy. Profiles set to public by default for minors. Articles: Art. 5(1)(c), Art. 5(1)(f), Art. 12, Art. 13, Art. 24, Art. 25
2024-10-01	LinkedIn	€310.0M	GDPR	Ireland DPC	Ireland	consent	Used wrong legal basis for behavioral advertising and ad targeting. Used wrong legal basis for behavioral advertising and ad targeting. Articles: Art. 6
2024-10-24	LinkedIn	€310.0M	GDPR	Ireland DPC	Ireland	consent	Used wrong legal basis for behavioral advertising and ad targeting. Used wrong legal basis for behavioral advertising and ad targeting. Articles: Art. 6
2022-11-25	Meta Platforms	€265.0M	GDPR	Data Protection Authority of Ireland	Ireland	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 25 (1), (2) GDPR
2022-11-28	Meta Platforms	€265.0M	GDPR	Ireland DPC	Ireland	data_breach	Scraped personal data of 533 million Facebook users made available online. Data ... Scraped personal data of 533 million Facebook users made available online. Data protection by design failure. Articles: Art. 25
2021-09-02	Meta Platforms	€225.0M	GDPR	Ireland DPC	Ireland	consent	Lack of transparency about data sharing with Facebook. Lack of transparency about data sharing with Facebook. Articles: Art. 5(1)(a), Art. 12, Art. 13, Art. 14
2021-09-02	Meta Platforms	€225.0M	GDPR	Data Protection Authority of Ireland	Ireland	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) a)
2022-03-15	Meta Platforms	€17.0M	GDPR	Data Protection Authority of Ireland	Ireland	Failure to comply with data processing principles	-- Articles: Art. 5 (2) GDPR, Art. 24 (1) GDPR
2023-01-19	Meta Platforms	€5.5M	GDPR	Data Protection Authority of Ireland	Ireland	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR, Art. 12 GDPR, Art. 13 (1) c) GDPR
2022-01-12	Meta Platforms	€5.5M	GDPR	Ireland DPC	Ireland	consent	WhatsApp fined for transparency failures in processing user data. WhatsApp fined for transparency failures in processing user data. Articles: Art. 5(1)(a), Art. 12, Art. 13
2024-05-15	Airbnb Ireland	€2.1M	GDPR	Ireland DPC	Ireland	consent	Excessive collection and processing of ID document data. Excessive collection and processing of ID document data. Articles: Art. 6
2023-02-27	Bank of Ireland 365	€750K	GDPR	Data Protection Authority of Ireland	Ireland	Failure to comply with data processing principles	-- Articles: Art. 5 (1) f) GDPR, Art. 32 (1) GDPR
2022-04-05	Bank of Ireland	€463K	GDPR	Data Protection Authority of Ireland	Ireland	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR, Art. 33 GDPR, Art. 34 GDPR
2023-01-23	Centric Health Ltd.	€460K	GDPR	Data Protection Authority of Ireland	Ireland	Failure to comply with data processing principles	-- Articles: Art. 5 (1) f) GDPR, Art. 5 (2) GDPR, Art. 32 (1) GDPR
2020-12-15	Twitter	€450K	GDPR	Data Protection Authority of Ireland	Ireland	Failure to notify DPA of a data breach	-- Articles: Art. 33 (1), (5) GDPR

Page 1 of 2Next