Because the US ride-hailing service provider allegedly violated European data regulations when transferring personal data, the responsible authority imposed a fine of millions. But the dispute continues.
The Dutch data protection authority has imposed a fine of 290 million euros on Uber because the US ride-hailing service provider is said to have inadequately protected data from European drivers when transmitting it to its headquarters. According to the data protection authority in The Hague, the data stored on servers in the USA included proof of identity and payment details, but sometimes also criminal and medical data of the drivers. Uber has now stopped the violation, which lasted around two years. The ride-hailing service provider announced that it would appeal against the fine.
“This flawed decision and the extraordinary fine are completely unjustified,” said an Uber spokeswoman. Uber’s cross-border data transfer was compliant with data protection rules during a three-year period of great uncertainty between the EU and the US. “We will appeal and are confident that common sense will prevail.”
The data protection authority had launched an investigation against Uber following a complaint from more than 170 French drivers. This complaint initially went to the French data protection authority. However, because Uber’s European headquarters are in the Netherlands, the data protection authority there dealt with the case.
Uber’s data transfer between August 2021 and November 2023 was criticized. This was a period during which the data protection agreement between the EU and the USA was suspended due to European court rulings.
Source: Stern
