November 27, 2020

Volume X, Number 332


November 25, 2020

Subscribe to Latest Legal News and Analysis

Dutch DPA Releases 2019 Annual Report

On July 1, 2020, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) published its 2019 annual report (the “Report”). The Report shows that in 2019, the Dutch DPA focused on enforcement actions, after having raised awareness about the EU General Data Protection Regulation (the “GDPR”) in 2018. Below are key findings from the Report.

In 2019, the Dutch DPA:

  • Received 26,956 data breach notifications, compared to 20,881 in 2018.

  • Received 27,854 complaints, including 959 international complaints. According to the Dutch DPA, the number of complaints shows how important privacy has become for individuals. This is confirmed by research commissioned by the Dutch DPA in early 2019 showing that no less than 94% of Dutch individuals are concerned about the protection of their personal data.

  • Intervened in 2,082 cases, including 2,017 cases relating to data breaches and complaints. This is twice as many as 2018.

  • Conducted 110 investigations, compared to 20 in 2018, and completed 59 of them. In 24 of the 59 completed investigations, the Dutch DPA found infringements.

  • Imposed fines four times, for a total amount of more than 2.5 million euros. The infringements sanctioned by the Dutch DPA concerned access to medical records, unlawful sale of personal data, unlawful processing of biometric data and non-compliance with individuals’ access rights.

  • Imposed seven corrective measures, including penalty payment orders and reprimands.

  • Advised on 105 draft laws, including laws on credit registration, preventive debt assistance and partnerships, compared to 82 in 2018.

  • Received 6,940 requests for information, compared to 21,395 in 2018.

Read the press release and the full report (available in Dutch).


Copyright © 2020, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume X, Number 190



About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct