@RaceProUK i will never understand why aren't these fines, since their first draft, automatically, calculated as "% of company's/individual's gross worldwide yearly income"
The next one does in fact do that. The GDPR (Euroweenie ruling) that comes into force next year has fines defined this way. Or at least, it has them laid out in terms of maximum fine because all breaches are not equal.
The GDPR lays out that there are two tiers - for businesses that are 'the most important for data protection' have the fine up to €20M or 4% of global annual turnover for the preceding financial year, whichever is the greater.
Lesser entities, the figures are half that - €10M or 2% of last year's turnover, whichever is the greater. But these are maximum figures rather than the instant rules - partly because this would make all smaller businesses effectively defunct (because who's going to do business with that kind of fine if it is equally applied to every type of breach)
But since this is EU-wide rather than worldwide, we'll just see a different kind of Hollywood accounting for places like Facebook that will just shuffle money in a different way to avoid this being a risk in the first place.