Compliance with the General Data Protection Regulation and violations under it

Abstract

The General Data Protection, replacing the Directive 95/46/EC brings more strict obligations with respect to data subject’s rights and data security. The main objective for the research of violations under the General Data Protection Regulation is to find what are the costs to companies for incompliance and failure to protect their users rights and whether the Regulation is sufficiently reaching the goal of enhancing data subject’s rights and in reality protecting their privacy. The author provides an answer to the proposed problems through an analysis of case law, guidelines provided by the authorities, and through the application of the principles of data protection. The outcomes prove that the GDPR by itself is not sufficient to provide complete security and the costs to the companies in breach of the GDPR are not only economic but also moral.