Canadian Underwriter

Aon, DLA Piper review insurability of GDPR fines

May 18, 2018   by Staff

Print this page

Photo copyright: and law firm DLA Piper have released a report—The Price of Data Security—that reviews the insurability of General Data Protection Regulation (GDPR) fines.

GDPR comes into effect in Europe on May 25. Fines can be as high as 20 million euros or up to 4% of a group’s annual global turnover. The report found that fines are insurable in only two jurisdictions, and only when there is no deliberate wrongdoing or gross negligence on the part of the insured.

Key findings include:

  • Finland and Norway are the only country where GDPR fines are insurable
  • Fines would not be insurable in 20 of the 30 countries reviewed in the report, including the U.K., France, Italy and Spain
  • It is unclear whether fines would be insurable in eight jurisdictions

Canadian companies that do business in the U.K. could be subject to GDPR fines, Aon noted in a press release.

“The first thing Canadian companies can do is make sure they are compliant, then consider insurance,” said Brian Rosenbaum, head of Aon Canada’s National Cyber and Privacy Practice. “Aon in Canada has adapted the wording in its cyber insurance policies in the light of the new GDPR to give clients the legal costs they need to challenge the GDPR fine and provide the client a fighting chance to get the fine paid if they are caught offside.”

Canadian Insurance Top Broker is now on Facebook ( as well as LinkedIn ( and Twitter ( Follow us for easy access to the top P&C news you need to know.

This story was originally published by Canadian Insurance Top Broker.