Uber has been hit with a huge fine in the EU for failing to protect the transfer of driver data.
On Monday, the Dutch Data Protection Authority (DPA) announced it was fineing Uber €290 million (US$325 million) for violating the EU’s sweeping General Data Protection Regulation (GDPR) law.
Uber criticized for not protecting passenger data
The Dutch DPA’s investigation found that Uber collected sensitive data about its drivers – including account details, taxi licences, location data, photos, payment details, identity documents, criminal records and medical data – and stored it on US servers without using appropriate “transfer tools” to transfer the data outside the EU. “This resulted in insufficient protection of personal data,” the statement said.
Mashable Lightspeed
The fine was the result of a complaint filed by 170 French Uber drivers with a France-based human rights organisation, which then escalated the complaint to the Dutch DPA, as Uber’s European headquarters is in the Netherlands.
This isn’t the first time the EU has cracked down on Uber for data privacy violations: in 2018, the transportation and delivery giant was fined €600,000 for a data leak, and in 2023 it was fined €10 million for violating the privacy of its European drivers.
Other big tech companies are also facing the impact of tougher EU laws on protecting user data: In 2021, Amazon was fined $886 million for not complying with GDPR, and more recently, Meta was hit with a massive $1.3 billion fine for improper data transfers to the US.
In its announcement, the Dutch DPA said Uber had “ended its non-compliance,” but in a statement to The Verge, Uber said it plans to appeal the ruling.
topic
Apps and Software Uber
