The General Data Protection Regulation (GDPR) aims to give control to individuals over their personal data and to simplify the regulatory environment within the EU. It is applicable as of May 25th, 2018 in all member states. Since then the total number of GDPR fines is 250; total GDPR fines amount to more than €153 million (as of March 2020).
Infringements shall be subject to administrative fines up to €20 million or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher. Largest fine so far was €50 million against Google.
By far the most common infringements occur against Articles 5, 6 and 32, i.e. “Principles relating to processing of personal data”, “Lawfulness of processing”, and “Cooperation with the supervisory authority”.