
Author
In the individuals and private associations sector, DPAs from 17 different countries have so far imposed 360 fines (+52 compared to the 2024 ETR) on private individuals, individual entrepreneurs, private sport associations and leagues in the total amount of EUR 2,544,656 (+EUR 693,990 compared to the 2024 ETR).
Let's take a closer look
- The highest fine of EUR 600,000 was issued against the GSM Association by the Spanish DPA (AEPD) for not carrying out a data protection impact assessment regarding its use of an identification system for physical attendees that granted access based on facial recognition and biometric tokens (ETid-2545).
- Fines against private individuals were generally much lower, most often below EUR 2,000.
- The lowest fine of EUR 48 was issued against an Estonian police officer (ETid-384) who accessed personal data in a police database for private research.
- Many cases against individuals and private associations involve video surveillance on private grounds or in traffic. DPAs imposed fines for such violations regularly even on private individuals.