
On 22 May 2023, the Irish data protection regulator (DPC) announced that it had issued a record-breaking €1.2 billion fine in a decision relating to non-compliant EU-to-U.S. data transfers under the GDPR. This fine imposed by the DPC substantially overshadows the previous record of €746 million under the GDPR, and raises several concerns for organisations transferring personal data from the EU to the U.S.