ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

GDPR appeals on the rise as more companies challenge rulings

There has been a marked increase in challenges to GDPR rulings in recent months, with European companies appear increasingly confident they can successfully appeal charges. 

The surge has put a renewed focus on the lack of resources regulators have at their disposal. 


A challenging caseload 

The Wall Street Journal reports that in the past six months, fifteen appeals have been lodged for fine reductions, with six more currently awaiting a court's decision. 

This has reportedly forced staff working for privacy regulators to spend much more time than they'd like defining the remit of a growing number of individual cases and making sure the correct legal procedures are followed at all times. 

This has been made tougher by the fact that few regulatory bodies have been awarded adequate funding to tackle their current caseload. Privacy-conscious web browser Brave filed a complaint to the EU commission last year after discovering that chronic underfunding was indeed hampering regulators' ability to enforce the rules. 

Success prompts more challenges

Not unusually, the more successful challenges that lead to reductions - or fines being overturned completely - the more likely it is to galvanize other companies when they're charged. 

Many organizations no longer hesitate to challenge the decision of data protection authorities. That's a big change.

Ahmed Baladi, Partner at Gibson, Dunn and Crutcher LLP

Some experts have also said that due to the fact many regulators are short-staffed and are running on stretched budgets, hunting for mistakes in the prosecution's legal proceedings has become a more beneficial endeavor. 

Fine reductions

In the past few months, several companies have had fines for breaching data regulations reduced after successfully appealing the decisions in court. Reasons for mass reductions vary but include explanations such as data not being sensitive enough to warrant the charges.  

Privacy regulators in a number of European countries have also witnessed their rulings struck down by a court for reasons that could potentially set worrying precedents for the future and impede enforcement of such rules in the future. 

The most recent example is that of Deutsche Wohnen, a German property company, who had a fine levied against them overturned by a Berlin court, which said as there was no specific employee identified as the culprit. A similar explanation was given in a case in Austria in December 2020. This will make it harder to fine larger, more bureaucratic companies. 

Back in October, British Airways escaped a monster £183 million fine from British regulator ICO, later reduced to £20 million, with the impact of Covid-19 on the industry thought to play a role. 

A tougher stance

Despite several successful appeals from well-known European companies, regulators in Europe imposed €158.5m of fines between January 2020 and January 2021, which accounts for well over half of the total €272.5m imposed since the law came into force. 

Law firm DLA Piper charted a 19% increase in reported data breaches in 2020 compared with the year previous, with regulators made aware of over 120,000 shortcomings. 

Failing to comply with GDPR regulations can lead to fines totaling up to 4% of global revenue or €20 million, as dictated in the regulation.

Written by: Aaron Drapkin

After graduating with a philosophy degree from the University of Bristol in 2018, Aaron became a researcher at news digest magazine The Week following a year as editor of satirical website The Whip. Freelancing alongside these roles, his work has appeared in publications such as Vice, Metro, Tablet and New Internationalist, as well as The Week's online edition.


There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

The fastest VPN we test, unblocks everything, with amazing service all round

A large brand offering great value at a cheap price

One of the largest VPNs, voted best VPN by Reddit

One of the cheapest VPNs out there, but an incredibly good service