08/06/2023 (Agence Europe) – On Wednesday 7 June, the European Data Protection Board (EDPB) published guidelines on calculating administrative fines relating to the General Data Protection Regulation (GDPR). The aim, stresses the EDPB, is to harmonise the methodology national data protection authorities (DPAs) use by providing common “starting points”, namely the nature of the infringements, their seriousness and a company’s turnover. The guide proposes a five-step methodology that takes into account the number of instances of sanctionable conduct, the starting point for calculating the fine, aggravating or mitigating factors, legal maximums of fines and the requirements of effectiveness, dissuasiveness and proportionality. While the amounts of fines under the GDPR are left to the discretion of DPAs, they are regularly the subject of criticism (see EUROPE 13185/4). Read the guidelines: https://aeur.eu/f/7bs (HS)