Almost 30 data leaks are reported every day, according to the latest available figures from the Dutch Data Protection Authority (DPA). Organisations that lose private data from citizens get away with it without being fined. Since the beginning of 2016, reporting data breaches is legally required, but no one has been fined. The fact that the DPA did not fine anyone - in theory fines can amount to 820,000 euros - is according to the privacy watchdog itself because fines are not the goal 'but an ultimate tool'. Up until now, warning companies was enough to achieve better data security.