Google’s £44m fine for breaching the General Data Protection Regulation (GDPR) should serve as a warning to businesses of all sizes that they have a mandatory responsibility to uphold the regulation, according to a Scottish technology business leader.
Austen Clark, managing director of Clark Integrated Technologies, in Aberdeenshire, said that the massive fine imposed on Google by the French data regulator CNIL, is a sign that data privacy obligations should be taken extremely seriously.
Mr Clark said: “This is the start of the GDPR having teeth. We are now in the next phase of the process: enforcement by the authorities that have been mandated to uphold the regulation.
“They will demonstrate that there is a price to pay in not dealing with how we manage personal data. When it comes to implementing GDPR, too many organisations have paid lip service and carried out a tick box exercise - this should be taken as a reminder to us all.”
GDPR came into force in May 2018 and drastically increased potential penalties on companies found to have misused or mismanaged clients’ personal data.
Fines that can be up to €20m or 4% of total annual turnover were expected to be incurred as a last resort.
Mr Clark added: “Examples are being made of organisations that do not comply; data management practices need to be robust and there can be no passing the buck.”
The Information Commissioner’s Office (ICO) has a useful guide to GDPR on its website, click here.