The Danish Data Protection Authority has requested a fine against a recruitment company. The company had deleted personal data that was the subject of a request for information after receiving the request and before providing the information. The data protection authority reported the company to the police and recommended a fine of 50,000 Danish kroner (approximately CHF 7,100).
Unlike in most Member States, the data protection authority in Denmark cannot impose a fine itself; the police investigate the case and a court has to decide on a fine. See recital 151:
According to the legal systems Denmark’s and Estonia the fines provided for in this Ordinance shall not be allowed. The provisions on fines may be applied in such a way that the fine in Denmark through the competent national courts as a penalty and in Estonia through the Supervisory authority within the framework of misdemeanor proceedings imposed, provided that such application of the rules in those Member States has the same effect as the fines imposed by the supervisory authorities. Therefore, the competent national courts should take into account the recommendation of the supervisory authority that initiated the fine. In any event, the fines imposed should be effective, proportionate and dissuasive.