Which countries have been the biggest GDPR rule-breakers?

UK-based financial analysts Finbold rank which EU nations have been the top violators of GDPR this year

Spain and Italy have topped a ranking of EU nations penalised for GDPR violations this year, according to UK-headquartered financial analysts Finbold.

Over two years since the General Data Protection Regulation legislation was implemented, 2020 has seen Spain slapped with 76 fines - the most of any EU country - while Italy has raked in the highest total of fines; €45.6m.

That's 66.9 per cent of the total fines issued to every EU nation between 1 January and 17 August 2020; €68.2m.

Spain's 76 penalties added up to €1.95m.

The second and third top offenders include Sweden, whose four fines amounted to €7.03m, and the Netherlands, with three offences racking up €2.08m. Norway, Belgium, Hungary, Finland and Ireland round out the top 10.

The number one GDPR violation factor listed by the GDPR's enforcement tracker website is "insufficient legal basis for data processing".

Companies sanctioned for this reason include one of Italy's telecom firms, Wind Tre, which was fined €16.7m for "unsolicited communications sent without prior consent", not giving customers "their right to withdraw their consent and object to processing for direct marketing purposes" and customer data being "published on public telephone lists despite their objection".

Finbold did note that its analysis is based on fines made public by the EU's GDPR tracker.