I don't recall right now the exact details about how they calculate the fine,
which is appropriate for each case, but the 4% of turnover or 20 million Euros
is just the maximum amount (per case). I'm sure there is something already
documented, about that, or may be is each country DPA the one responsible to
define the exact fine for each case.
For example, up to now (with the previous law, LOPD for Spain), the maximum
fine was 600.000 euros, and the "starting" fine was 1.500 euros. So, depending
on the number of people affected, the degree of infringement, if it is the
first time or if the company has been warned or fined before, you can get a
fine in the "middle" of those figures.
I'm sure it will be the same way for the GDPR.
Regards,
Jordi
-----Mensaje original-----
De: NANOG <nanog-boun...@nanog.org> en nombre de Seth Mattinen
<se...@rollernet.us>
Fecha: sábado, 26 de mayo de 2018, 16:00
Para: <nanog@nanog.org>
Asunto: Re: Whois vs GDPR, latest news
On 5/26/18 1:30 PM, JORDI PALET MARTINEZ via NANOG wrote:
> I don't think, in general the DPAs need to use lawsuits.
>
> If they discover (by their own, or by means of a customer claim) that a
company (never mind is from the EU or outside) is not following the GDPR, they
will just fine it and the corresponding government authorities are the
responsible to cash the fine, even with "bank account embargos". If the company
is outside the EU, but there are agreements with that country, they can proceed
to that via the third country authorities.
If someone were to show up and issue me a 10 or 20 million euro fine
(more in USD), I'd just laugh since I'll never see that much money at
one time in my whole life.
I'm not convinced they will limit reach to the Facebooks and Googles of
the world until a lower limit is codified. I suspect that won't happen
until enough small guys are fined 10-20 million euros who could never
hope to repay it in a lifetime.
~Seth
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company
This electronic message contains information which may be privileged or
confidential. The information is intended to be for the exclusive use of the
individual(s) named above and further non-explicilty authorized disclosure,
copying, distribution or use of the contents of this information, even if
partially, including attached files, is strictly prohibited and will be
considered a criminal offense. If you are not the intended recipient be aware
that any disclosure, copying, distribution or use of the contents of this
information, even if partially, including attached files, is strictly
prohibited, will be considered a criminal offense, so you must reply to the
original sender to inform about this communication and delete it.
