The Irish Data Protection Commission issued 66% of all EU data breach fines last year according to a report from law firm DLA Piper.

The firm has corrected an original version of its 'GDPR and Data Breach Survey' which was issued earlier this month.

The updated figures show that €1.64 billion in fines were reported since 28 January 2022 and not €2.9 billion, as originally outlined by DLA Piper.

The figure of €2.9 billion is the current total for all GDPR fines reported from 25 May 2018 to 10 January 2023.

The DPC was responsible for issuing just over €1 billion of last year's reported fines.

The year's highest fine of €405m was imposed by the DPC against Meta for breaches by Instagram relating to children’s personal data.

Meta is currently appealing the decision in the High Court.

"2022 was a significant year for Ireland’s Data Protection Commission," said John Magee, Partner and Head of Data Protection, Privacy & Information Security at DLA Piper Ireland.

"While most of the larger headline-grabbing fines have been levied against social media companies, the DPC is increasingly looking at organisations from all sectors so businesses across the board would be well advised to get their house in order to avoid sanctions," he added.

The survey looks at data fines issued since 28 January 2022 and covers all 27 EU member states as well as the UK, Norway, Iceland, and Liechtenstein.

"With data protection enforcement on the rise, it is probably no coincidence that organisations are increasingly cautious around when and how they report data breaches to regulators," Mr Magee said.

"The fear of investigations, fines and compensation claims is likely driving what is a small but significant reduction in breach reporting numbers," he added.