Portugal statistics office fined record $4.6M for GDPR violations
By 
Kyle Brasseur2022-12-14T16:50:00
The government office for national statistics in Portugal was assessed a fine of 4.3 million euros (U.S. $4.6 million) by the country’s data protection authority (DPA) for multiple violations of the General Data Protection Regulation (GDPR) that occurred during its 2021 census work.
The National Data Protection Commission (CNPD) announced the penalty Monday against the Instituto Nacional de Estatística (INE). The fine total is a record under the GDPR within the country, with the previous high of €1.25 million (then-U.S. $1.4 million) having been issued in December 2021 against the Municipality of Lisbon, according to the GDPR Enforcement Tracker.
A spokeswoman for the INE confirmed the office was aware of and disagreed with the CNPD’s decision. It is preparing a judicial appeal.
Related articles
-
News BriefCroatian DPA levies largest GDPR fine
The Croatian data protection authority handed down its largest penalty under the General Data Protection Regulation to date: a fine of nearly €2.3 million (U.S. $2.5 million) against debt collector B2 Kapital.
-
PremiumPrivacy Shield replacement on track, though hurdles remain
The agreement on a new framework for transatlantic data flows between the United States and European Union could be finalized this year. Whether it can stand legal scrutiny is the real question.
-
ArticleClubhouse app operator fined $2M for GDPR violations
Alpha Exploration, operator of the social media app Clubhouse, received a penalty from the Italian data protection authority for the unlawful processing of EU citizens’ data in violation of the General Data Protection Regulation.
More from Regulatory Enforcement
-
ArticleLarge wound care practice pays $45M, agrees to monitoring
One of the largest wound care practices in the nation and its founder have agreed to pay $45 million and be subjected to third-party monitoring, to settle allegations that the business intentionally overbilled Medicare by priming its electronic medical records system to do so.
-
News BriefSEC dismisses SolarWinds case tied to 2020 cyberattack
The dismissal of charges against SolarWinds for alleged cybersecurity lapses related to a 2020 Russian cyberattack in 2020 are the latest in a continuing pattern of leniency for corporations by the Trump administration.
-
PremiumPart Two: FCPA cases closed by DOJ, SEC since January
Since the start of the Trump Administration, the Department of Justice has been winding down a number of Foreign Corrupt Practices Act investigations with little public attention. This second article further explores how and why these FCPA matters have been closed.