Ogni azione di applicazione elencata qui proviene direttamente dai comunicati stampa ufficiali delle autorità di protezione dei dati dell’UE/SEE. Gli importi riflettono la decisione finale emessa.
| Importo | Azienda | Autorità | Anno | Violazione | Fonte |
|---|---|---|---|---|---|
| €1.2B | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2023 | Unlawful transfer of EU/EEA user data to the US | fonte ↗ |
| €746M | Amazon | CNPD (Luxembourg) | 2021 | Behavioral advertising processed without valid consent or legal basis | fonte ↗ |
| €530M | TikTok | Irish DPC | 2025 | Unlawful transfers of EEA user data to China without adequate safeguards | fonte ↗ |
| €405M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2022 | Children's data processing violations on Instagram | fonte ↗ |
| €390M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2023 | Unlawful legal basis for behavioural advertising on Facebook and Instagram | fonte ↗ |
| €345M | TikTok | Irish DPC | 2023 | Children's data processed with unlawful defaults, dark patterns, and inadequate age verification | fonte ↗ |
| €325M | CNIL (France) | 2025 | Gmail ads and cookies placed without valid user consent during account creation (ePrivacy) | fonte ↗ | |
| €310M | Irish DPC | 2024 | Unlawful processing of member data for behavioural analysis and targeted advertising | fonte ↗ | |
| €290M | Uber | Dutch DPA (AP) | 2024 | Unlawful transfers of EU drivers' personal data to the US without safeguards | fonte ↗ |
| €265M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2022 | Data scraping incident — privacy by design failures | fonte ↗ |
| €251M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2024 | 'View As' data breach — privacy by design and breach notification failures | fonte ↗ |
| €225M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2021 | Transparency failures (WhatsApp) | fonte ↗ |
| €150M | CNIL (France) | 2022 | Refusing cookies on google.fr/youtube.com required more steps than accepting them (ePrivacy) | fonte ↗ | |
| €91M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2024 | User passwords stored in plaintext — breach notification failure | fonte ↗ |
| €60M | Microsoft | French DPA (CNIL) | 2022 | Cookie consent on Bing — users couldn't refuse as easily as accepting (ePrivacy) | fonte ↗ |
| €50M | CNIL (France) | 2019 | Insufficient transparency and invalid consent for ad personalisation during Android account setup | fonte ↗ | |
| €20M | Clearview AI | Garante (Italy) | 2022 | Unlawful scraping and processing of biometric facial recognition data without consent or legal basis | fonte ↗ |
| €20M | Clearview AI | CNIL (France) | 2022 | Unlawful processing of biometric data scraped from the internet without legal basis or transparency | fonte ↗ |
| €17M | Meta (Facebook / Instagram / WhatsApp) | Irish DPC | 2022 | Accountability failures across 12 data breaches | fonte ↗ |
| €10M | AEPD (Spain) | 2022 | Unlawfully shared right-to-erasure request data with Lumen Project and obstructed deletion | fonte ↗ | |
| €10M | Uber | Dutch DPA (AP) | 2023 | Inadequate transparency on data retention, transfers, and access rights for drivers | fonte ↗ |
| ~€5M | Spotify | Swedish IMY | 2023 | Failed to clearly inform users about what data access requests would return | fonte ↗ |
| €4.75M | Netflix | Dutch DPA (AP) | 2024 | Opaque privacy statement and inadequate responses to data access requests | fonte ↗ |
| ~€4.5M | IMY (Sweden) | 2020 | Failed to delist ordered search results and exposed requesters by notifying webmasters | fonte ↗ | |
| €2.5M | Deliveroo | Italian DPA (Garante) | 2021 | Opaque algorithmic rider management and excess data collection | fonte ↗ |
| €750K | TikTok | Dutch DPA (AP) | 2021 | Privacy notice provided only in English, not understandable to Dutch child users | fonte ↗ |
| €475K | Booking.com | Dutch DPA (AP) | 2020 | Reported a 4,109-person data breach 22 days late | fonte ↗ |
| €450K | X (Twitter) | Irish DPC | 2022 | Failed to notify DPC of a data breach within 72 hours and inadequately documented it | fonte ↗ |
Usi i nostri modelli gratuiti per esercitare i suoi diritti GDPR — scopra cosa conservano su di lei o richieda la cancellazione.
Sfoglia i modelli di richiesta GDPR per azienda →