Unknown – €250,000 Fine (Malta, 2022)

€250,000Information and Data Protection Commissioner1 January 2022Malta
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

An unknown company in Malta was fined EUR 250,000 for not having proper security measures to protect personal data. This case shows the importance of implementing strong technical and organizational safeguards to keep data safe. Companies should regularly review and update their security practices.

What happened

A company failed to implement adequate technical and organizational measures to protect personal data.

Who was affected

Individuals whose personal data was not properly protected by the company.

What the authority found

The Maltese data protection authority fined the company for not having sufficient security measures, violating GDPR's data protection requirements.

Why this matters

This significant fine emphasizes the critical need for companies to prioritize data security. It serves as a reminder to regularly assess and improve data protection measures to avoid similar penalties.

GDPR Articles Cited

AI-verified

Art. 15 GDPR
Art. 58(2)(b) GDPR
Art. 58(2)(c) GDPR
View original scraped data
Art. 32(1) GDPR
(2) GDPR

Original data from scraper before AI verification against source document.

Source verified 6 March 2026
articles corrected
Malta enforcementInformation and Data Protection Commissioner actionsAll Unknown actions
Full Legal Summary
Detailed

The controller has failed to implement appropriate technical and organizational measures to protect personal data.

Related Enforcement Actions (5)

Other enforcement actions involving Unknown in MT

Fine
Jan 2020· Information and Data Protection Commissioner

The controller had sent unsolicited commercial messages. In addition, the privacy policy did not comply with transparency requirements and the control...

€4K
Fine
Jan 2020· Information and Data Protection Commissioner

The controller has disclosed a personal email address to all recipients of the email.

€3K
Fine
Jan 2020· Information and Data Protection Commissioner

The controller failed to comply with a data subject's right to information. In addition, the data protection policy did not meet the transparency requ...

€20K
Fine
Jan 2022· Information and Data Protection Commissioner

The controller has violated numerous GDPR regulations, involving special categories of personal data of numerous individuals.

€65K
Current
Jan 2022

Fine

€250K

Fine
Jan 2023· Information and Data Protection Commissioner

The controller unlawfully gained access to audio recordings from a surveillance camera.

€5K

Details

Fine Date

1 January 2022

Authority

Information and Data Protection Commissioner

Fine Amount

€250,000

Enforcement Tracker ID

ETid-1835

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown - Malta (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: