Europe’s data protection regulators have received more than 95,000 complaints about possible data breaches, eight months after the adoption of a landmark EU privacy law, the European Commission said on Friday (Jan 25).

The General Data Protection Regulation (GDPR) gives new powers to privacy enforcers, allowing them to levy fines of up to 4 percent of global revenue or 20 million euros ($23 million), whichever is higher.

Last week, the French data protection watchdog slapped a 50 million euro fine on Alphabet-owned Google for failing to properly obtain users’ consent for personalised ads, the largest sanction under GDPR rules to date.

More penalties could come as Europeans become more aware of their rights, EU digital chief Andrus Ansip, European Commission Vice President Frans Timmermans, EU justice chief Vera Jourova and EU digital economy commissioner Mariya Gabriel said in a joint statement.

“What is at stake is not only the protection of our privacy, but also the protection of our democracies and ensuring the sustainability of our data-driven economies,” they said.

The majority of the complaints focused on telemarketing, promotional emails and video surveillance by closed-circuit televisions. Privacy regulators have opened 225 investigations to date.