The Netherlands fined Uber 290 million euros

The Dutch Personal Data Protection Authority (AP) said on Monday that it had imposed a fine of 290 million euros on Uber due to the transfers of insufficient security data from European drivers to the United States. Dutch regulators believe that Uber, a European company based in the Netherlands, is guilty “The tough nature of the General Data Protection Regulation (GDPR)” in power in the European Union.

“Uber failed to ensure the level of driver protection required by the GDPR for data transfers to the United States. It is very important”underscored in a press release AP President, Aleid Wolfsen. The Dutch president said that Uber received sensitive information about European drivers, including taxi licenses, location data, photos, payment details, identification documents, “and in some cases even the driver’s criminal and medical data”. “The company transferred this data to Uber’s US headquarters for over 2 years, without using a transfer tool”AP said. “As a result, personal data protection is insufficient”he noted.

Uber will appeal the fine. “This unjustified decision and completely unjustified fine is completely unjustified”said a spokesperson was released. “Uber’s cross-border data transfer policy is GDPR compliant during a three-year period of great uncertainty between the EU and the US”he added. “We will plead and trust that common sense will prevail”it indicates.

Read again“It will make our work more difficult, if not impossible”: Uber launches water taxis in Venice, to the dismay of gondoliers

Complaints in France

The EU has set a series of rules for large tech companies and in recent years has imposed large fines for violations. The AP opened an investigation into Uber after a complaint in France from more than 170 drivers. The study was conducted in collaboration with the National Commission for Information Technology and Liberties (CNIL). Under the GDPR, the actions of a company that processes data in several EU countries are controlled by the data protection authority where the head office is located.

“In Europe, GDPR protects basic human rights by requiring businesses and governments to handle personal data with care”affirmed Aleid Wolfsen. “Unfortunately, this does not happen outside of Europe. Think about governments that can use data at scale”added Aleid Wolfsen. “This is why companies are generally required to take additional measures when storing personal data of European citizens outside the European Union,” he continued. Uber has now stopped the crime, according to AP. This is the third fine imposed by the Dutch regulator on Uber. In 2018, Uber was fined 600,000 euros and in 2023 a fine of 10 million euros. Uber appealed this new fine.