Scroll Top
19th Ave New York, NY 95822, USA

Fines and Penalties for Non-Compliance: DSA, GDPR, and CRD

In the digital age, regulations and directives have been established to protect consumers and ensure a level playing field for businesses. Three significant pieces of legislation in this realm are the Digital Services Act (DSA), the General Data Protection Regulation (GDPR), and the Consumer Rights Directive (CRD). This article provides a brief overview of each and outlines the fines and penalties associated with non-compliance.

1. Digital Services Act (DSA):


The DSA is a proposed regulation by the European Commission aimed at addressing the challenges posed by digital services. It focuses on issues related to illegal content, transparency obligations, and ensuring a safer online environment.

Fines and Penalties:

For non-compliance with orders from supervisory authorities, companies can face fines of up to 6% of their global annual turnover.

For systematic breaches of the regulation, fines can go up to 1% of the company’s global annual turnover.

2. General Data Protection Regulation (GDPR):


The GDPR is a regulation that focuses on data protection and privacy for individuals within the European Union (EU) and the European Economic Area (EEA). It addresses the transfer of personal data outside these regions and gives individuals control over their personal data.

Fines and Penalties:

Minor infringements can result in fines of up to €10 million or 2% of the company’s global annual turnover, whichever is higher.

Severe infringements can lead to fines of up to €20 million or 4% of the company’s global annual turnover, whichever is higher.

3. Consumer Rights Directive (CRD):


The CRD aims to ensure that consumers have the same minimum rights wherever they shop in the EU. It covers various aspects, including the right to information, the right to cancel online purchases, and the right to return goods.

Fines and Penalties:

The penalties for non-compliance with the CRD vary by member state, as the directive allows each country to set its own penalties.

Generally, penalties can include fines and may also involve compensating the consumer for any harm caused.

Some countries have established daily fines for ongoing violations, while others have set fixed amounts or percentages of annual turnover.


While the DSA, GDPR, and CRD serve different primary purposes, they all aim to create a safer, more transparent, and fairer digital environment for consumers and businesses alike. Non-compliance can result in significant financial penalties, emphasizing the importance for companies to understand and adhere to these regulations and directives.

Image by Storyset on Freepik

blank Kelly Logan

Founder and Managing Partner

More about Kelly

Read also

Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin