Portugal statistics office fined record $4.6M for GDPR violations


The government office for national statistics in Portugal was assessed a fine of 4.3 million euros (U.S. $4.6 million) by the country’s data protection authority (DPA) for multiple violations of the General Data Protection Regulation (GDPR) that occurred during its 2021 census work.

The National Data Protection Commission (CNPD) announced the penalty Monday against the Instituto Nacional de Estatística (INE). The fine total is a record under the GDPR within the country, with the previous high of €1.25 million (then-U.S. $1.4 million) having been issued in December 2021 against the Municipality of Lisbon, according to the GDPR Enforcement Tracker.

A spokeswoman for the INE confirmed the office was aware of and disagreed with the CNPD’s decision. It is preparing a judicial appeal.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.