Data Privacy – More Fines, More Awareness

Data Privacy Trends in 2023

Data Privacy is becoming a very popular topic worldwide. Privacy is a right of every individual in the world. As the number of Data privacy laws is increasing, Companies need to focus & protect users’ privacy & comply with the new regulations. As awareness of data privacy is increasing globally, managing personal data concerning the laws & regulations affects the trust of people which in the end affects the profit margins of the company. So, Companies are now trying to comply with the rules & regulations of each country prescribed by their respective governments.

Also, to avoid Data Privacy breaches, GDPR (General Data Protection Regulation) of the EU legislators imposes heavy penalties if companies are found misusing or mishandling the data.


1. Global rise in data privacy laws & regulations

Due to the introduction of GDPR in 2018, there has been significant growth in data privacy prevention regulations & companies are now investing in making the data more secure, avoiding third-party cookies, etc. Today, 100+ countries have proper Data Privacy laws & regulations & this number is rising significantly. It is expected that 75% of the global population would have their private information secured complied with the regulations by the end of 2024.


2. Companies will invest more in privacy technologies

There will be huge spending by the companies in the race to protect the data & avoid penalties. Advertisers & Marketing agencies rely on sharing information models. However, this will soon be stopped with new laws & regulations. Google has already launched a Privacy Sandbox in 2019 & is currently working on Trust Token-API to replace third-party cookies. This will greatly enhance the user experience & greater security of personal data.


3. More privacy-related fines will be charged to service providers

Big tech companies are often charged with fines & penalties for data breaches. One of the world’s top companies, Meta will be charged an enormous fine of €1 billion estimated under GDPR breaches.

Moreover, IDPC (Irish Data Protection Commission) has more than 40 open inquiries for other big tech companies.

Cookies and other tracking technologies are also evolving with time. So, the website owners need to continuously update their current Privacy Policy & process the data accordingly.


4. Increase in requests and complaints of data subjects

Data subjects or users are becoming aware of their rights of protecting their personal data from any fraudster, cookie, or any other agent of data breaches. Users are getting to know about their rights to know, update, delete, edit or handle the information. So, there are significant increases in complaints about data handling.

In the year 2020, India banned the famous mobile game PUBG. The biggest reason for the ban was data privacy concerns. The game servers were not in India, but in China, and it was believed that the data was misused, stolen & transferred to some other entity.

As Data subjects become aware of their rights, they will start to prefer 1st party data handlers who will be more secure, transparent, and protective & has full control over data.


5. Greater transparency in the collection and processing of personal data

Data is priceless. Data contains valuable information which can create a business & also destroy it. According to the user privacy survey, it is likely that the users would change their service providers as users become more aware of their data. The businesses that handle the data properly and comply with regulations will see an increase in active users compared to others.


Below Mentioned are some of the huge fines levied on big companies due to data breaches

Top fines

1. Amazon GDPR fine – €746 million

On July 16th, 2021, Amazon- Inc. was imposed with a huge fine of €746 million ($888 million) due to violation of GDPR. More than 10,000 people filed complaints against Amazon Inc in May-2018 through a French Privacy Rights Group. An investigation was opened by CNPD on how Amazon Handles & processes its user data. They found infringements in Amazon’s advertising & targeting system which was conducted without the consent of the user.

2. Meta GDPR fine – €405 million

On September 5th, 2022, Meta Ireland was imposed with a fine of €405 million GDPR fine for finding infringements in processing the personal data of children in accordance with legal bases. According to Data Protection Commission (DPC), personal data such as email addresses & phone numbers of Instagram business accounts of children aged from 13 to 17 years old were automatically displayed. Meta failed in providing proper measures with information using clear & plain language to children, lacked organizational measures & technical measures & also failed in conducting a Data Protection Impact Assessment where processing resulted in a high risk to the rights & freedom of child users.

3. Meta GDPR fine – €265 million

An investigation has previously been launched by DPA in 2021 after several media reports reported that Facebook’s data set was made available on a hacking platform with highly personal data. 533 million users were affected due to this data leak disclosing all their personal information such as email addresses & phone numbers to third parties without authorization & consent.

So, on November 25th,2022 DPA imposed a €265 million fine on Meta after reviewing the Facebook Search, Messenger Contact Importer & Instagram Contact Importer tools.

4. WhatsApp GDPR fine – €225 million

On 2nd September 2021, Ireland’s DPC imposed €225 million fine on WhatsApp Ireland which is a Facebook Owned Voice over-Ip service & messaging app after a 3-year investigation.

The decision was issued to reassess the proposed fine regarding infringements of transparency in the calculation of the fine as well as the period for WhatsApp to comply after the EPDB (European Data Protection Board) intervened and asked the DPC.

5. Google LLC fine- €90 million

On December 31, 2021, a €90 million fine was imposed on Google LLC France over its inability to refuse cookies easily as users could accept on YouTube. The CNIL concluded that the cookie refusal mechanism was much more complex than it should be, which led users to accept cookies which benefited the company to use it for advertising & targeting users based on cookies.

€100 euros per day fine was also imposed on the company until they provide simple mechanisms to refuse cookies as that of accepting them.


Importance Of Data Privacy

Data will help you to improve the quality of life for the people you support: Improving quality is primarily among the reasons why organizations should be using data. By allowing you to measure and take action, an effective data system can enable your organization to improve the quality of people’s lives.

Data allows you to monitor the health of important systems in your organization: By utilizing data for quality monitoring, organizations are able to respond to challenges before they become full-blown crises. Effective quality monitoring will allow your organization to be proactive rather than reactive and will support the organization to maintain best practices over time. So, choosing a wise data manager is particularly important. For example, IEDPS.



The patented iEDPS-Infosys Enterprise Data Privacy Suite provides enterprise-class data privacy & data management. It enables organizations to de-risk as well as protect sensitive data bundled with advanced test data management capabilities. iEDPS helps manage all data needs and enables an organization to adhere to global regulatory standards such as GDPR, CCPA, HIPAA, PIPEDA, GLBA, ITAR, and other global and local regulations. iEDPS can be deployed on any platform and supports all major databases and file systems.

iEDPS uses a data masking technique to hide sensitive data in the repositories. It identifies sensitive data in the repositories & performs data masking (Static & Dynamic) adhering to all the global standards prescribed. Also, iEDPS is very flexible to any newer recommendations of the client for any other type of data protection algorithm they need which will be developed, tested & then delivered maintaining data privacy throughout the development team, production & testing team to avoid any kind of data breaches too.

Author Details

Akshay Vishwanath Masali

Akshay is a System Engineer at Infosys Center for Emerging Technology Solutions. He has worked on Angular front end development & have a good knowledge of Data Science.

Leave a Comment

Your email address will not be published.