3 weeks ago
24
The Dutch Data Protection Authority announced on Monday that it has fined the ride-hailing app, Uber, 290 million euros, approximately $324 million for transferring the personal data of European drivers to U.S. servers.
The regulator said the transfers were a “serious violation” of the European Union’s General Data Protection Regulation as they failed to appropriately protect driver information.
“Uber did not meet the requirements of the GDPR to ensure the level of protection to the data concerning transfers to the US. That is very serious,” Dutch Data Protection Authority chairman, Aleid Wolfsen, said in a statement.
The DPA said Uber collected sensitive information of European drivers, including taxi licences, location data, photos, payment details, identity documents, “and in some cases even criminal and medical data of drivers”.
Over two years, the DPA said, the information was transferred to Uber’s US headquarters without using transfer tools.
“Because of this, the protection of personal data was not sufficient,” the DPA said.
Uber said it would appeal the fine.
“This flawed decision and extraordinary fine are completely unjustified,” an Uber spokesperson said in a statement
“Uber’s cross-border data transfer process was compliant with GDPR during 3 years of immense uncertainty between the EU and the US. We will appeal and remain confident that common sense will prevail,” the statement said.
AFP
All rights reserved. This material, and other digital content on this website, may not be reproduced, published, broadcast, rewritten or redistributed in whole or in part without prior express written permission from PUNCH.
Contact: [email protected]
English (US) ·