Dutch watchdog fines Uber $324 million for alleged inadequate protection of drivers' data (2024)

The Dutch data protection watchdog slapped a $324 million fine Monday on ride-hailing service Uber for allegedly transferring personal details of European drivers to the United States without adequate protection. Uber called the decision flawed and unjustified and said it would appeal.Related video above: Massive data breach compromised records of up to 2.9B peopleThe Dutch Data Protection Authority said the data transfers spanning more than two years amounted to a serious breach of the European Union’s General Data Protection Regulation, which requires technical and organizational measures aimed at protecting user data.“In Europe, the GDPR protects the fundamental rights of people, by requiring businesses and governments to handle personal data with due care,” Dutch DPA chairman Aleid Wolfsen said in a statement.“But sadly, this is not self-evident outside Europe. Think of governments that can tap data on a large scale. That is why businesses are usually obliged to take additional measures if they store personal data of Europeans outside the European Union. Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the U.S. That is very serious.”The case was initiated by complaints from 170 French Uber drivers, but the Dutch authority issued the fine because Uber’s European headquarters is in the Netherlands.Uber insisted it did nothing wrong.“This flawed decision and extraordinary fine are completely unjustified. Uber’s cross-border data transfer process was compliant with GDPR during a 3-year period of immense uncertainty between the EU and U.S. We will appeal and remain confident that common sense will prevail,” the company said in a statement.The alleged breach came after the EU’s top court ruled in 2020 that an agreement known as Privacy Shield that allowed thousands of companies — from tech giants to small financial firms — to transfer data to the United States was invalid because the American government could snoop on people’s data.The Dutch data protection agency said that following the EU court ruling, standard clauses in contracts could provide a basis for transferring data outside the EU, “but only if an equivalent level of protection can be guaranteed in practice.”“Because Uber no longer used Standard Contractual Clauses from August 2021, the data of drivers from the EU were insufficiently protected,” the watchdog said. It added that Uber has been using the successor to Privacy Shield since the end of last year, ending the alleged breach.The Computer & Communications Industry Association, an advocacy organization for tech companies, said the fine ignored the realities of online business in the aftermath of the 2020 EU court ruling.“The busiest internet route in the world could not simply be put on hold for three entire years while governments worked to establish a new legal framework for these data flows,” the association's European head of policy, Alexandre Roure, said in a statement.“Any retroactive fines by data protection authorities are especially worrisome given that these very privacy watchdogs failed to provide helpful guidance during this period of significant legal uncertainty, in absence of any clear legal framework,” he added.Monday's announcement is not the first time the Dutch data protection watchdog has fined Uber. In January, the agency fined it 10 million euros over what it said was the company's failure to disclose how long it retained data from drivers in Europe or to name non-EU countries it shared the data with.

THE HAGUE, Netherlands —

The Dutch data protection watchdog slapped a $324 million fine Monday on ride-hailing service Uber for allegedly transferring personal details of European drivers to the United States without adequate protection. Uber called the decision flawed and unjustified and said it would appeal.

Related video above: Massive data breach compromised records of up to 2.9B people

The Dutch Data Protection Authority said the data transfers spanning more than two years amounted to a serious breach of the European Union’s General Data Protection Regulation, which requires technical and organizational measures aimed at protecting user data.

“In Europe, the GDPR protects the fundamental rights of people, by requiring businesses and governments to handle personal data with due care,” Dutch DPA chairman Aleid Wolfsen said in a statement.

“But sadly, this is not self-evident outside Europe. Think of governments that can tap data on a large scale. That is why businesses are usually obliged to take additional measures if they store personal data of Europeans outside the European Union. Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the U.S. That is very serious.”

The case was initiated by complaints from 170 French Uber drivers, but the Dutch authority issued the fine because Uber’s European headquarters is in the Netherlands.

Uber insisted it did nothing wrong.

“This flawed decision and extraordinary fine are completely unjustified. Uber’s cross-border data transfer process was compliant with GDPR during a 3-year period of immense uncertainty between the EU and U.S. We will appeal and remain confident that common sense will prevail,” the company said in a statement.

The alleged breach came after the EU’s top court ruled in 2020 that an agreement known as Privacy Shield that allowed thousands of companies — from tech giants to small financial firms — to transfer data to the United States was invalid because the American government could snoop on people’s data.

The Dutch data protection agency said that following the EU court ruling, standard clauses in contracts could provide a basis for transferring data outside the EU, “but only if an equivalent level of protection can be guaranteed in practice.”

“Because Uber no longer used Standard Contractual Clauses from August 2021, the data of drivers from the EU were insufficiently protected,” the watchdog said. It added that Uber has been using the successor to Privacy Shield since the end of last year, ending the alleged breach.

The Computer & Communications Industry Association, an advocacy organization for tech companies, said the fine ignored the realities of online business in the aftermath of the 2020 EU court ruling.

“The busiest internet route in the world could not simply be put on hold for three entire years while governments worked to establish a new legal framework for these data flows,” the association's European head of policy, Alexandre Roure, said in a statement.

“Any retroactive fines by data protection authorities are especially worrisome given that these very privacy watchdogs failed to provide helpful guidance during this period of significant legal uncertainty, in absence of any clear legal framework,” he added.

Monday's announcement is not the first time the Dutch data protection watchdog has fined Uber. In January, the agency fined it 10 million euros over what it said was the company's failure to disclose how long it retained data from drivers in Europe or to name non-EU countries it shared the data with.

Cruise will dispatch some of its trouble-ridden robotaxis to join Uber's ride-hailing service

Dutch watchdog fines Uber $324 million for alleged inadequate protection of drivers' data (2024)

References

Top Articles
Issue December 2003 - MotorTrend
The UPS Store | Ship & Print Here > 3705 Ellison Dr NW
Otc School Calendar
Hsqa Online Renewal System
scotty rasmussen paternity court
Buy Quaaludes Online
Vacature Ergotherapeut voor de opname- en behandelafdeling Psychosenzorg Brugge; Vzw gezondheidszorg bermhertigheid jesu
O'reilly's In Monroe Georgia
Craigslist Richmond Ba
Muckleshoot Bingo Calendar
Taterz Salad
Nashville Tranny
Iapd Lookup
Hudson River Regional Conference Inc. · 112-14 107th ave., South Richmond Hill, NY 11419
Fy23 Ssg Evaluation Board Fully Qualified List
Lake Charles, LA Houses and Single Family Homes For Rent | realtor.com®
I Don'T Give A Rat'S Ass: The Meaning And Origin Of This Phrase - Berry Patch Farms
Zulrah Strat Osrs
Megnutt Health Benefits
Chris Evert Twitter
Dirty Old Man Birthday Meme
Cappacuolo Pronunciation
New Haven Music Festival
Ma.speedtest.rcn/Merlin
12 Week Glute Program to Transform Your Booty with Free PDF - The Fitness Phantom
Yellow Kitchen Curtains Walmart
Idaho Falls Temple Prayer Roll
Junior's Barber Shop & Co — Jupiter
Perfect Coffee Shop Recipe Cool Math Games
Family Leisure Sale
Wayne Carini How Tall
Air Quality Index Endicott Ny
Recharging Iban Staff
Rs3 Bis Perks
No title - PDF Free Download
Jetnet Retirees Aa
Directions To Truist Bank Near Me
Aeorian Security Cannon
Super Bowl 17 Ray Finkle
Ece 2300 Osu
How To Get Mini Tusks In Blox Fruits
Rubmd.com.louisville
Yakini Q Sj Photos
Sutter Immunization Clinic Mountain View
Oriley Auto Parts Hours
Wgu Admissions Login
Barbie: A Touch of Magic
German American Bank Owenton Ky
水餃 家園
Nurselogic Testing And Remediation Beginner
19 BEST Stops on the Drive from Te Anau to Milford Sound +Road Trip Tips!
Choices’ summer movie preview
Latest Posts
Article information

Author: Arielle Torp

Last Updated:

Views: 5681

Rating: 4 / 5 (61 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Arielle Torp

Birthday: 1997-09-20

Address: 87313 Erdman Vista, North Dustinborough, WA 37563

Phone: +97216742823598

Job: Central Technology Officer

Hobby: Taekwondo, Macrame, Foreign language learning, Kite flying, Cooking, Skiing, Computer programming

Introduction: My name is Arielle Torp, I am a comfortable, kind, zealous, lovely, jolly, colorful, adventurous person who loves writing and wants to share my knowledge and understanding with you.