The Difference between GDPR and the Data Protection Act


Facebook has just been fined £500,000, which threatens to make a severe dent in its paper-clip budget. Luckily for them, this is the maximum fine they could incur under the existing regulations.

They committed a serious, willful and highly calculated data breach, which attracts the maximum penalty available to the enforcers.

Suppose they had committed the same sin two years later. They would have been fined 20,000,000 euros......OR.....4% of their global turnover, "whichever is the greater". Which do you reckon is the greater? I don't know the exact size of their global turnover but I would estimate it at about $10bn. That would put the fine at about $400m or £310m.

Now do you see the difference?