GDPR: UK watchdog promises 'proportionate and pragmatic' enforcement
From 25 May, Elizabeth Denham will have the power to issue fines of up to 4% of a business' annual global turnover, or €20 million, whichever is highest, where they are responsible for certain breaches of the new General Data Protection Regulation (GDPR). Other types of breaches could attract fines of up to 2% of annual global turnover, or €10m.
However, Denham said she plans to stick with the Information Commissioner's Office's (ICO's) existing approach to enforcement when the GDPR begins to apply.
Pending the next few months of Brexit negotiations outcomes, we may want to take "Hefty fines will be reserved for those organisations that persistently, deliberately or negligently flout the law." more seriously and the views of other remaining EU DPAs.
There are indications that UK itself is trying to achieve EU adequacy before Brexit fully implemented. While 'proportionate' will continue to be applied, I am unsure if the UK's approach of 'pragmatic' will be accepted once it concludes its exit. Well, we will look forward to the impending EDPB's considerations if UK remains adequate.