EuroComply
Sign up
Regulatory intelligence

EU Enforcement Intelligence

Source-linked regulatory updates from CNIL, Garante, ICO, AEPD, EDPB, and major EU supervisory authorities. Sourced from official authority publications.

315

Total updates indexed

12

Sources indexed

8

Regulation areas

27

EU member states

By authority — last 90 days

EUR-Lex69
EDPB60
Court of Justice (EU)32
ESMA30
European Parliament17
European Commission Digital Strategy15
CNIL (France)13
EBA5

By regulation — last 90 days

GDPR97
National Transposition43
EU Amendment21
DSA10
Data Governance Act5
EU Market Regulation5

Enforcement volume — last 6 months

1
Feb
5
Mar
24
Apr
192
May
30
Jun
2
Jul
2
Sept
1
Jan

315 decisions (showing latest 30)

Frequently asked questions

Which EU data protection authority issues the most GDPR fines?

Italy's Garante and France's CNIL issue the highest volume of enforcement decisions annually. Ireland's DPC handles many Big Tech cases due to EU headquarters presence — including the record €1.2 billion Meta fine (2023). The Spanish AEPD and Dutch AP are most active against smaller organisations and public bodies.

What is the maximum fine under GDPR?

GDPR Article 83 sets maximum fines at €20 million or 4% of global annual turnover — whichever is higher. Tier 1 infringements (e.g. insufficient legal basis, data subject rights violations) carry up to €10 million or 2% of turnover. Tier 2 infringements (e.g. unlawful processing, international transfers) carry the full €20 million / 4% ceiling.

When does EU AI Act enforcement start?

EU AI Act enforcement is phased: prohibited AI practices banned from February 2, 2025; GPAI model rules from August 2, 2025; high-risk AI system obligations from August 2, 2026. National market surveillance authorities handle enforcement; the European AI Office oversees general-purpose AI models above 10^25 FLOPs.

What does NIS2 enforcement look like?

NIS2 (Directive 2022/2555) required EU member state transposition by October 17, 2024. Essential entities face fines up to €10 million or 2% of global turnover; important entities up to €7 million or 1.4% of turnover. National CSIRTs and competent authorities handle enforcement. Management board members can be held personally liable for repeated non-compliance.

Get weekly enforcement briefings

Every Monday: the week's top EU enforcement actions, curated by regulation and authority. Free for all EuroComply users.

Sign in or create a free account to subscribe to weekly enforcement alerts.

Data sourced from official EU supervisory authority publications. For informational purposes only. Not legal advice. Editorial policy