We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. Read More


Log in

M21082 - GDPR Workshop: GDPR Fines, Claims And Enforcement Action (Online)

  • 19 Oct 2021
  • 13:30 - 15:30
  • Online Webinar


Registration Time: 13:15
Sessions Time: 13:30 - 15:30  no break time
Speaker: Mr David Cauchi
Venue: Online Webinar
Participation Fees (The Institute is now accepting payments via Paypal)
MIA Members: €28.00
Non-MIA Members: €50.00
Retired Members: €15.00
Students: €20.00
*Group bookings for 3 or more participants available.


Following the coming into effect of the GDPR in 2018, as expected, there was a consistent increase in sanctions and enforcement action taken by EU Data Protection Supervisory Authorities. Apart from the powers to impose administrative fines up to a maximum of 20million or 4% of the annual turnover, Supervisory Authorities have additional enforcement tools which they can use when the violations do not require a sanction, such as the issuing of specific orders, reprimands and bans on processing operations. In addition, the GDPR also provides direct remedies for individuals which can be availed of even without involving the Supervisory Authorities.


To provide a better understanding of the GDPR enforcement process and landscape.  


Supervisory Authorities
- Role and Competences
- Cooperation Mechanism
- Enforcement Powers and Sanctions
Remedies for data subjects
- Right to lodge a complaint
- Judicial Remedies
- Right to Compensation
- Growing trend in claims and class action
Fines in numbers
- Major sanctions
- Statistics


This session is intended for persons with Decision-Making or Advisory Roles within organizations, including Top Management, Business Entrepreneurs, Legal, Compliance and Risk Managers, Data Protection Officers and other employees responsible for the handling of privacy matters within organizations.


David Cauchi is a seasoned data protection practitioner with over 17 years of experience in the field. He started his career in the data protection field when he joined the Information and Data Protection Commissioner after graduating in Management in 2003.
Throughout these years he developed a passion and also expertise in the field, particularly in handling casework, investigations and audits, international and cross-border matters, providing guidance and raising awareness on data protection to the various sectors, including banking and financial services, online gaming, employment, law enforcement and regulatory bodies, NGOs, and also the public at large.
David was also actively involved in EU fora, in particular the Coordinated Supervision of EU large-scale information systems, having also served as Chair of the Schengen Supervision Coordination Group.
He moved to the private sector in 2020, where he leads the privacy function for an online gaming corporate. David is also a Certified Practitioner and Privacy Manager, having obtained the relevant qualifications from PDP Training and IAPP respectively.


2 Hours Professional


Terms and conditions apply.


By Registering and/or Booking for this event, you agree that MIA will collect your information, who will be using it as per the MIA Privacy Policy for CPE Events. Please read the MIA’s Privacy Notice for CPE Events in its entirety which can be found at this link. By accepting to participate in this event you accept that MIA shall process personal data in accordance with this Privacy Notice.
If registration is being affected by a company or other corporate entity on behalf of an attendee or the registering company or other corporate entity supplies to the MIA personal data of third parties, such as of employees, affiliates, management companies or service providers, the registering company or other corporate entity shall be solely responsible for making sure that the provision of such data to the MIA fully complies with applicable laws and the relevant person in regard to whom the data relates has been provided with the necessary information at law regarding the MIA’s processing of his personal data.
Any information notices, consents or other applicable requirements that may be required to be fulfilled for the provision of third party data to the MIA shall be borne solely by the registering company or other corporate entity. The registering company or other corporate entity hereby fully indemnifies the MIA and shall render the MIA completely harmless against all costs, damages or liability of whatsoever nature resulting from any claims or litigation (instituted or threatened) by any third party against the MIA as a result of the provision of any third party personal data to the MIA by the registering company or other corporate entity.
The Malta Institute of Accountants may take photos during this event. These images will be used by the Institute to share news about the event in newsletters, the Annual Report, The Accountant journal and printed publicity. Photos can also be published on MIA’s Facebook, Linkedln and Twitter. Such images may be used to publicise future events of the same nature and for reporting purposes.


Suite 4, Level 1, Tower Business Centre, Tower Street, Swatar, BKR 4013, Malta 

E-mail: info@miamalta.org

Tel. +356 2258 1900