Unknown – €2,500 Fine (Malta, 2020)

€2,500Information and Data Protection Commissioner1 January 2020Malta
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

In Malta, a company accidentally shared a personal email address with everyone on an email list. This mistake led to a fine because it breached privacy rules. Companies need to be careful when sending emails to protect people's personal information.

What happened

A personal email address was disclosed to all recipients of an email.

Who was affected

The individual whose personal email address was shared with all email recipients.

What the authority found

The data protection authority fined the company for not protecting personal data, violating GDPR's security requirements.

Why this matters

This incident serves as a reminder for businesses to double-check email settings and ensure personal data is not exposed. Proper email practices are crucial to maintaining data privacy.

GDPR Articles Cited

AI-verified

Art. 32(1)(b) GDPR
View original scraped data
Art. 32(1) b) GDPR

Original data from scraper before AI verification against source document.

Source verified 16 March 2026
articles corrected
Malta enforcementInformation and Data Protection Commissioner actionsAll Unknown actions
Full Legal Summary
Detailed

The controller has disclosed a personal email address to all recipients of the email.

Related Enforcement Actions (8)

Other enforcement actions involving Unknown in MT

Fine
Jan 2020· Information and Data Protection Commissioner

The controller failed to comply with a data subject's right to information. In addition, the data protection policy did not meet the transparency requ...

€20K
Fine
Jan 2020· Information and Data Protection Commissioner

The controller has unlawfully disclosed personal data of a data subject.

€5K
Fine
Jan 2020· Information and Data Protection Commissioner

The controller had sent unsolicited commercial messages. In addition, the privacy policy did not comply with transparency requirements and the control...

€4K
Current
Jan 2020

Fine

€3K

Fine
Jan 2022· Information and Data Protection Commissioner

The controller has violated numerous GDPR regulations, involving special categories of personal data of numerous individuals.

€65K
Fine
Jan 2022· Information and Data Protection Commissioner

The controller has unlawfully disclosed personal data of a data subject.

€3K
Fine
Jan 2022· Information and Data Protection Commissioner

The controller has failed to implement appropriate technical and organizational measures to protect personal data.

€250K
Fine
Jan 2023· Information and Data Protection Commissioner

The controller unlawfully gained access to audio recordings from a surveillance camera.

€5K
Fine
Jan 2023· Information and Data Protection Commissioner

Multiple data protection shortcomings

€3K

Details

Fine Date

1 January 2020

Authority

Information and Data Protection Commissioner

Fine Amount

€2,500

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown - Malta (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: