UK watchdog, the Information Commissioner’s Office (ICO), has revealed which companies have failed to pay data protection fees.
The list includes cloud data firm NetApp, game developer Ubisoft Reflections and Gigya UK, an Israeli customer identity management firm that was acquired by SAP in 2017.
Other notable names are Italian restaurant chain Prezzo and magazine publishing company Condé Nast, which produces Wired magazine.
The General Data Protection Regulation (GDPR) and the Data Protection Regulations 2018 came into force on the 25th of May, 2018.
Under these regulations, organisations that determine the purpose for which personal data is processed (controllers) must pay the ICO a data protection fee unless they are exempt. These fees fund the ICO‘s data protection work.
The fees, although heftier than under the previous data protection regime, are still relatively small for most companies.
Organisations with less than 10 workers are charged £40 annually, SMEs pay £60, and those with more than 250 staff and/or an annual turnover in excess of £36 million pay £2,900. Fines can be issued of up to £400, £600 and £4,000 respectively.
The ICO can impose fines of up to £4,000 for companies that do not make the payments.
The companies that ICO has now named are those that have still not paid, despite being sent warning letters from the ICO in September 2018.
In total, the ICO named 90 limited companies that have been issued with a penalty notice for non-payment of the data protection fee. For “privacy reasons” it said it had not included any sole traders who had been issued a penalty notice.