Cullen International’s new benchmark shows that data protection authorities in half of the 16 surveyed European countries imposed fines on big tech companies for either General Data Protection Regulation (GDPR) or e‑Privacy Directive (ePD) infringements since the entry into application of the GDPR in May 2018.
The benchmark shows that Luxembourg is the country with the highest sum of fines imposed with €746m, followed by Ireland and France.
Amazon, WhatsApp and Google are the big tech companies which incurred in the highest sum of fines at €781m, €225m and €155.7m respectively.
The benchmark also looks at whether, in the event of GDPR infringement in multiple EU member states, big tech companies benefitted from the cooperation and consistency mechanism introduced by the GDPR. The mechanism aims to achieve the consistent application of the GDPR throughout the EU.
For more information and access to the benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
11 June 25
Protection of minors: overview of initiatives on age-verification systems in European countries
Cullen International has just updated a benchmark on national age-verification systems to control or restrict minors' exposure to harmful content on social media platforms.
06 June 25
Update on digital services taxes in Europe
Our latest benchmark offers an overview of taxes adopted or proposed on digital services across Europe.
05 June 25
New ecodesign requirements for smartphones and tablets to apply this month
From 20 June 2025, all new smartphones and tablets must meet new EU ecodesign requirements covering reparability, software updates, durability and battery life. Our new Tracker provides a concise description of the EU ecodesign rules and puts them into context.