In 2016, telecommunications company TalkTalk was fined £400,000 for failing to prevent a cyber attacker from accessing customer data. Should this happen after 25th May 2018, the company would be fined £74m under the new General Data Protection Regulation (GDPR), an 18,000% increase.
All businesses operating in the EU must ramp up their GDPR efforts; otherwise they could find themselves facing hefty fines. As companies collect and store more data, there is an inherent risk of it being used for felonious activity.
Tough data protection regulations are ‘designed to harmonise’ data laws across the European Union to help protect EU citizens’ privacy. The new laws will reshape how organisations operate. Companies trading in the EU such as Apple could have €756 million wiped out in one go thanks to a substantial 4% fine.
| Company | Industry | Revenue (Billions of Euros) | Total Penalty: 4% tier (Millions of Euros) |
|---|---|---|---|
| Apple | Technology | € 189 | € 756 |
| BP | Energy | € 159 | € 636 |
| Samsung | Technology | € 149 | € 596 |
| Fiat Chrysler Automobiles | Automotive | € 106 | € 424 |
| Schwarz | Retail | € 92 | € 368 |
| Legal & General Group | Financial services | € 91 | € 364 |
| Prudential | Financial services | € 84 | € 336 |
| Alphabet | Internet | € 78 | € 312 |
| Microsoft | Technology | € 74 | € 296 |
| Carrefour | Retail | € 73 | € 292 |
| Tesco | Retail | € 68 | € 272 |
| Aviva | Financial services | € 64 | € 256 |
| Aldi | Retail | € 60 | € 240 |
| Tesco | Retail | € 59 | € 236 |
| Metro | Retail | € 54 | € 216 |
| Rewe | Retail | € 54 | € 216 |
| HSBC Holdings | Financial services | € 54 | € 216 |
| Dell Technologies | Technology | € 54 | € 216 |
| Vodafone | Telecommunications | € 53 | € 212 |
| Edeka | Retail | € 50 | € 200 |
| Amazon | Retail | € 46 | € 184 |
| Hewlett Packard Enterprise | Technology | € 42 | € 168 |
| HP | Technology | € 42 | € 168 |
| Auchan | Retail | € 38 | € 152 |
| E.Leclerc | Retail | € 37 | € 148 |
| Imperial Tobacco Group | Tobacco | € 34 | € 136 |
| GlaxoSmithKline | Pharmaceuticals | € 33 | € 132 |
| Centrica | Electric utility | € 32 | € 128 |
| SSE | Electric utility | € 32 | € 128 |
| Sainsbury | Retail | € 30 | € 120 |
Among publicly traded companies across Europe, the most popular industry is retail services, followed by the financial sector.
UK retailers make up 5% of the 100-company list, with combined revenues totalling €134 billion. To put this into context, if Tesco were to suffer a heavy breach of consumer data after 25th May 2018 and receive a 4% fine, that fine would cost them €236 million (£294m), up to nearly 300% more than the £74m TalkTalk figure.
The Wonga data breach earlier this year affected almost 245,000 customers in the UK, making the finance industry the most vulnerable because of the large volume of money-related data that hackers seek.
Internet service companies such as Google and Facebook may not be as numerous as retailers, but because their business models rely on data collection, from search history to passwords, the data giants could face penalties of €312m and €96m, respectively.
Furthermore, all EU residents will be able to ask any organisation trading in the EU to remove their personal data from its database, and businesses should start planning how they will remain fully compliant and respond to such requests and more.
Since Article 50 has not yet been triggered, the UK is still part of the EU and businesses must operate accordingly.
The top publicly traded global companies from various industries that currently trade within the EU were selected and compiled into a list sorted by highest global revenue. All global revenue figures [2016 – 2017] have been converted to euros for consistency. All industry types have been aggregated to show which industry is most popular within the EU.