Uber has acquired its largest fine so far, with the Dutch Data Protection Authority (DPA) issuing a €290 million ($324 million) penalty to the rideshare firm. The regulatory physique introduced it had issued the high-quality in response to Uber transferring the non-public knowledge of European taxi drivers into the US with out correctly safeguarding the knowledge. The criticism got here from France, however the case was moved to Holland, the place Uber’s EU headquarters are situated.
The Dutch DPA discovered that Uber took account particulars, taxi licenses, location knowledge, images, cost particulars, id paperwork and extra from European drivers and transferred them to servers at their US headquarters for over two years. Throughout this era, Uber did not use any switch instruments, a call the Dutch DPA has deemed precipitated inadequate safety. “In Europe, the GDPR protects the basic rights of individuals, by requiring companies and governments to deal with private knowledge with due care,” Dutch DPA chairman Aleid Wolfsen mentioned in a press release. “Uber didn’t meet the necessities of the GDPR to make sure the extent of safety to the information with regard to transfers to the US. That could be very severe.”
The Dutch DPA has fined Uber twice earlier than, first imposing a €600,000 ($670,000) fine in 2018 after the corporate did not report a knowledge breach that occurred two years earlier inside a 72-hour timeframe. In 2023, the Dutch DPA fined Uber €10 million ($11.2 million) for not absolutely detailing its knowledge retention intervals (relating to details about European drivers) or the non-European nations the place it shares knowledge. Uber objected to the latter high-quality and has made its intentions clear to combat the €290 million.
Trending Merchandise