Uber faces a heavy $324 million fine amidst data protection concerns

0comments
Uber faces a heavy $324 million fine amidst data protection concerns
In 2018, the European Union rolled out one of the strictest privacy and security regulations globally: GDPR (General Data Protection Regulation). Despite being an EU law, it applies to any organization that targets or collects data from people in the EU. The latest company to face the heat from this regulation is the ride-hailing giant Uber.

Uber hit with a fine in the Netherlands for transferring driver data to the US


Uber just got hit with its biggest fine ever, as the Dutch Data Protection Authority (DPA) slapped the rideshare company with a €290 million ($324 million when directly converted) penalty. The DPA stated that the fine was imposed because Uber transferred personal data of European taxi drivers to the United States without ensuring the information was properly protected.

The investigation kicked off after a French human rights group filed a complaint on behalf of over 170 taxi drivers in France with the local data protection authority. However, the case was eventually shifted to the Netherlands, where Uber has its EU headquarters.

The DPA labeled the data transfers a "serious violation" of the EU's GDPR, pointing out that Uber didn’t adequately safeguard driver information. The watchdog reported that sensitive details like ID documents, taxi licenses, and location data were sent to the company's US headquarters over two years.

Although EU law permits data transfers to the US, there is still a lot of ambiguity about when these transfers can happen without needing additional approval.


– Aleid Wolfsen, DPA chairman, August 2024

Uber announced its intention to appeal the fine, labeling it as "unjustified."



This marks the third penalty from the DPA against Uber, following fines of €600,000 (about $670,000 directly converted) in 2018 and €10 million (roughly $11 million) last year.

Recommended Stories
The EU has been tightening its grip on big tech companies, rolling out a slew of regulations and hefty fines for violations in recent years. For instance, last year, Irish regulators slapped TikTok with a €345 million (approximately $385 million) fine for breaching children's privacy under GDPR guidelines.

Recently, the same regulator has launched legal action against Twitter International, the Irish division of X, over worries about how the personal data of millions of European users is managed. Meanwhile, Meta has decided to postpone the launch of its AI models in Europe due to concerns regarding its data practices involving Facebook and Instagram users.

I think safeguarding users' data is essential, and stronger regulations for big tech are key to ensuring our online safety. However, clearer laws might also help tech companies introduce new innovations more widely, regardless of where users are located.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless