David Bridges
Uber has obtained its largest fantastic thus far, with the Dutch Knowledge Safety Authority (DPA) issuing a €290 million ($324 million) penalty to the rideshare firm. The regulatory physique introduced it had issued the fantastic in response to Uber transferring the non-public knowledge of European taxi drivers into the USA with out correctly safeguarding the data. The grievance got here from France, however the case was moved to Holland, the place Uber’s EU headquarters are situated.
The Dutch DPA discovered that Uber took account particulars, taxi licenses, location knowledge, images, cost particulars, id paperwork and extra from European drivers and transferred them to servers at their US headquarters for over two years. Throughout this era, Uber did not use any switch instruments, a choice the Dutch DPA has deemed triggered inadequate safety. “In Europe, the GDPR protects the basic rights of individuals, by requiring companies and governments to deal with private knowledge with due care,” Dutch DPA chairman Aleid Wolfsen mentioned in a press release. “Uber didn’t meet the necessities of the GDPR to make sure the extent of safety to the information with regard to transfers to the US. That may be very critical.”
The Dutch DPA has fined Uber twice earlier than, first imposing a €600,000 ($670,000) fantastic in 2018 after the corporate did not report a knowledge breach that occurred two years earlier inside a 72-hour timeframe. In 2023, the Dutch DPA fined Uber €10 million ($11.2 million) for not totally detailing its knowledge retention durations (relating to details about European drivers) or the non-European nations the place it shares knowledge. Uber objected to the latter fantastic and has made its intentions clear to combat the €290 million.
Daniel Mercer
Brandon Fletcher
