Uber hit with a wonderful within the Netherlands for transferring driver knowledge to the US
Uber simply obtained hit with its greatest wonderful ever, as the Dutch Information Safety Authority (DPA) slapped the rideshare firm with a €290 million ($324 million when immediately transformed) penalty. The DPA acknowledged that the wonderful was imposed as a result of Uber transferred private knowledge of European taxi drivers to america with out making certain the data was correctly protected.The investigation kicked off after a French human rights group filed a grievance on behalf of over 170 taxi drivers in France with the native knowledge safety authority. Nonetheless, the case was finally shifted to the Netherlands, the place Uber has its EU headquarters.
The DPA labeled the information transfers a “severe violation” of the EU’s GDPR, mentioning that Uber didn’t adequately safeguard driver data. The watchdog reported that delicate particulars like ID paperwork, taxi licenses, and site knowledge have been despatched to the corporate’s US headquarters over two years.
Though EU regulation permits knowledge transfers to the US, there may be nonetheless lots of ambiguity about when these transfers can occur without having further approval.
Uber didn’t meet the necessities of the GDPR to make sure the extent of safety to the information with regard to transfers to the US. That may be very severe.
– Aleid Wolfsen, DPA chairman, August 2024
Uber introduced its intention to attraction the wonderful, labeling it as “unjustified.”
Stats present that Uber is a well-liked ride-sharing app throughout many European nations.
This marks the third penalty from the DPA towards Uber, following fines of €600,000 (about $670,000 immediately transformed) in 2018 and €10 million (roughly $11 million) final 12 months.
The EU has been tightening its grip on large tech firms, rolling out a slew of laws and hefty fines for violations in recent times. As an illustration, final 12 months, Irish regulators slapped TikTok with a €345 million (roughly $385 million) wonderful for breaching youngsters’s privateness underneath GDPR tips.
Just lately, the identical regulator has launched authorized motion towards Twitter Worldwide, the Irish division of X, over worries about how the private knowledge of thousands and thousands of European customers is managed. In the meantime, Meta has determined to postpone the launch of its AI fashions in Europe on account of issues relating to its knowledge practices involving Fb and Instagram customers.
I believe safeguarding customers’ knowledge is important, and stronger laws for giant tech are key to making sure our on-line security. Nonetheless, clearer legal guidelines may also assist tech firms introduce new improvements extra broadly, no matter the place customers are situated.