What caused Bounty UK's £400,000 ICO fine ?

Selling 34.4M user records without informed consent, under pre-GDPR Data Protection Act.

How does GDPR change data sharing rules?

Requires specific consent, transparent notices, lawful basis checks — fines up to 4% global revenue.

Can companies legally sell customer data after GDPR?

Yes, with explicit, granular consent and compliance on transfers, bases, transparency.

Bounty UK's £400K Wake-Up: Data Brokering's Reckoning Before GDPR Even Hit

Everyone figured GDPR would be the big stick for data hogs. But Bounty's £400K fine under old UK law proves regulators were swinging hard even before the hammer dropped.

theAIcatchup Apr 07, 2026 4 min read

⚡ Key Takeaways

Bounty's £400K fine under old law shows regulators meant business pre-GDPR. 𝕏
Consent must be granular and informed — no burying data sales in fine print. 𝕏
Data brokering models face existential threats; pivot to trust or pay up. 𝕏

Published by

theAIcatchup

Where law meets technology.

#Bounty UK #GDPR compliance #ICO fine #data sharing

Worth sharing?

Get the best Legal Tech stories of the week in your inbox — no noise, no spam.

Originally reported by GDPR.eu Blog

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

Danish Taxi App's €160K GDPR Wake-Up: Names Gone, Fines Stay

Remote Work's Data Defenses: Encryption, Policies, and the GDPR Edge

Europe's Small Businesses: GDPR Compliant? Hardly – Survey Exposes the Mess

Mission Creep: Surveillance Tech's Slow Poison

Stay in the loop