GDPR mega‑fines on social networks for unlawful adtech and children’s data processing

$100M-$1.3B fine per enforcement; legal defense costs $5M-$20M per action; settlement negotiation delays • $100M-$1.3B per enforcement action; ongoing legal defense costs; compliance remediation budget overruns • $100M–$1.3B (regulatory fines; remediation costs; reputational/stock price impact; lost political advertiser relationships; future compliance monitoring costs)

Agency maintains manual spreadsheet audit trail of consent; tracks targeting parameters in unsecured shared files; uses WhatsApp to communicate with legal about compliance risks; conducts manual reviews of audience definitions before launch • Agency manages client compliance via email checklist; Manual vendor approval process; No automated consent auditing for campaigns; Relies on client self-reporting of geo-targeting rules • Brand advertiser Trust & Safety contact manages compliance via email with platform; Manual review of audience composition; Audits of 'who saw my ads' conducted offline; No real-time audit of audience legality