Louis-Marie Guérif, Piano Data Privacy Officer, explains the three main categories of risk non-compliant businesses may face. Data protection authorities can issue fines up to 4% of total revenue for non-compliance. Companies in breach are also subject to reputations damage as offenders are often highly publicized. Finally, there is a risk to data processing. Data authorities can mandate the deletion of any data that has been collected unlawfully.