(qlmbusinessnews.com Tues. 27th Aug, 2024) London, UK —
EU Slaps Uber with Massive Fine Over Illegal Data Transfers
Uber has been handed a hefty €290 million (£246 million; $324 million) fine by the Dutch Data Protection Authority (DPA) for unlawfully transferring personal data of European drivers to servers in the United States, in breach of the EU's stringent General Data Protection Regulation (GDPR). The DPA has deemed these transfers a “serious violation” due to the failure to adequately protect sensitive driver information.
Over a two-year period, Uber reportedly transferred data including identity documents, taxi licences, and location details to its US headquarters. The company has announced its intention to appeal the fine, labelling it as “unjustified.” An Uber spokesperson stated, “Uber’s cross-border data transfer process was compliant with GDPR during a 3-year period of immense uncertainty between the EU and US.” The company argued that the fine and the decision itself are flawed.
While EU law permits data transfers to the US under certain conditions, there is ongoing ambiguity about the specific circumstances under which such transfers are permissible without additional authorisation. DPA chairman Aleid Wolfsen criticised Uber for not ensuring an adequate level of protection for the data when transferring it to the US, describing the lapse as “very serious” and noting that the company also failed to properly safeguard the information.
The investigation leading to this fine was initiated after more than 170 French drivers lodged complaints with a French human rights organisation, which subsequently reported the issue to France's data protection watchdog. The DPA highlighted that Uber had collected and transferred sensitive data, including driver’s taxi licences, payment details, identity documents, and, in some cases, criminal and medical records.
Under GDPR regulations, companies operating across multiple EU countries are required to handle data through the data protection authority based in the country where their main office is located. For Uber, this is the Netherlands. The DPA’s action against Uber marks the third time the company has been fined, following penalties of €600,000 in 2018 and €10 million last year.
This case adds to a growing list of significant fines imposed on major tech companies for GDPR violations, as the EU continues to enforce strict regulations on data protection. In a similar case last year, TikTok was fined €345 million by Irish regulators for breaching children's privacy laws under GDPR.
This News Story is brought to you by QLM Business News, your Digital Media Channel
Visit QLM businessnews.com
For more business news stories also follow us on Facebook, X and Youtube.
To Help qlm business news bring you more new stories like this, please like, share and subscribe.
Unlock unparalleled business growth and effortlessly attract a stream of new customers through QLM Business News Sponsored Advertising. Elevate your brand's presence and captivate your target audience with precision. Visit QLMbusinessnews.com and click on “Advertise” to harness the power of strategic advertising. Don't miss this unparalleled opportunity to propel your business to new heights of success!
Disclaimer: All images presented herein are intended solely for illustrative purposes and may not accurately depict the true likeness of the subjects, objects, or individuals referencted in the accompanying news stories.