Monday, August 26, 2024 Dutch and French regulators fined Uber €290 million for failing to protect drivers’ data during transfers outside the EU, following privacy violations. Dutch and French regulators have imposed a €290 million fine on Uber for inadequately safeguarding the privacy of its drivers during data transfers outside the European Union. The penalty was officially handed down in July following a collective complaint from the French Human Rights League, which represented over 170 Uber drivers.
Regulatory bodies criticized Uber for failing to provide adequate protection for sensitive driver information when moving data to servers in the United States. The compromised data included account details, taxi licenses, location information, photos, payment details, identity documents, and, in some instances, even criminal and medical records. This enforcement action follows the implementation of the new Data Privacy Framework, which resolved a three-year period of legal uncertainty for technology companies.
The investigation was overseen by Dutch authorities due to Uber’s EU headquarters being located in the Netherlands. Notably, Uber had already faced a €10 million fine last year for multiple GDPR violations..