/wion/media/agency_attachments/2024/12/26/2024-12-26t112006978z-wion-white-logo-for-website-2-1.png){kind=logo}
/wion/media/agency_attachments/2024/12/13/2024-12-13t071548098z-wionlogo.webp)
/wion/media/member_avatars/sites/default/files/styles/medium/public/2020/03/20/133766-wion2.jpg)
/wion/media/member_avatars/sites/default/files/styles/medium/public/2020/03/20/133766-wion2.jpg)
/wion/media/post_attachments/files/2024/08/21/450467-uber-logo.JPG){kind=logo}
New Delhi
The ride-hailing platform Uber has been fined 290 million euros (USD 324 million) by the Netherlands' data protection authority (DPA) for unlawfully transferring the personal data of European taxi drivers to the United States, in violation of EU regulations, according to a statement released by the DPA on Monday. The Dutch watchdog noted that Uber has since ceased this data transfer practice.
In response to the ruling, Uber spokesperson Caspar Nixon expressed strong disagreement, describing the decision and the hefty fine as "completely unjustified." In an email to Reuters, Nixon stated that Uber's cross-border data transfer process adhered to GDPR requirements during a "three-year period of immense uncertainty between the EU and the U.S." He also mentioned that Uber plans to appeal the decision and is confident that "common sense will prevail."
The DPA's investigation revealed that Uber transferred personal data to the United States without implementing adequate safeguards, which the authority deemed a significant breach of the General Data Protection Regulation (GDPR). The DPA emphasised that this failure constitutes a serious violation of the GDPR.
Uber has the option to appeal the DPA's decision. If the appeal is unsuccessful, Uber can escalate the case to the Dutch courts. The DPA indicated that the appeals process could take up to four years, and any fines will be suspended until all legal avenues have been exhausted.
The investigation into Uber's data practices was initiated after a French human rights organization filed a complaint on behalf of more than 170 taxi drivers in France with the country's data protection authority. Since Uber's European headquarters is located in the Netherlands, the complaint was transferred to the DPA. The French national data protection regulator, CNIL, confirmed in a separate statement that it had collaborated with the DPA on this case.
In a related matter, the DPA imposed a separate fine of 10 million euros (USD 11 million) on Uber in January for violating privacy regulations concerning its drivers' personal data.