since the General Data Protection Regulation (GDPR) took effect in May 2018, the UK's Information Commissioner's Office (ICO) has received a monthly average of 1,276 data breach notifications – 43 notifications per day. Three of the EU's other largest economies reported breach notification figures significantly lower than in the UK. The monthly average in France, Italy and Spain is 307, 170 and 94 respectively.
A new report issued by Pinsent Masons, featuring data gathered from the ICO, Action Fraud and data protection authorities across Europe, highlighted the issue and flagged the impact it is having on the caseload of the regulators.
A separate recent report issued by the ICO revealed that it had received around 14,000 personal data breach reports from organisations between 25 May 2018, the date the GDPR became effective, and 1 May 2019. By way of comparison, the ICO said it had received approximately 3,300 personal data breach reports during the year ending 31 March 2018.