GDPR Fine Statistics & Trends 2026
GDPR enforcement statistics across 5,535 enforcement actions totalling €10.6B in 33 European countries. Track GDPR fines over time, compare GDPR fines 2026 vs previous years, and analyze GDPR fine trends and violation patterns.
Data current as of 29 April 2026 · Updated daily
Frequently Asked Questions About GDPR Fine Statistics
Q:How much have European DPAs collected in GDPR fines in total?
European data protection authorities have collectively issued billions of euros in GDPR fines since the regulation took effect in May 2018. The total includes both cookie-specific ePrivacy fines and broader GDPR penalties. Ireland's DPC, Luxembourg's CNPD, and France's CNIL account for the largest individual fines, with penalties against Meta, Amazon, and Google exceeding EUR 1 billion each.
Q:Are GDPR fines increasing or decreasing over time?
GDPR fines have generally been increasing both in total volume and average amount since 2018. The trend shows DPAs becoming more confident in imposing larger penalties. 2023 and 2024 saw record-breaking fines, particularly for Big Tech companies. Cookie consent fines specifically have accelerated as more DPAs prioritise ePrivacy enforcement.
Q:Which company has received the largest GDPR fine?
Meta (formerly Facebook) holds the record for the largest single GDPR fine at EUR 1.2 billion, imposed by Ireland's Data Protection Commission in May 2023 for transferring EU user data to the US. In the cookie consent space, the largest fines have been levied by France's CNIL against Google (EUR 150 million) and Amazon (EUR 35 million) for cookie violations.