The Dutch info safety guard canine on Monday positioned ride-hailing utility Uber for a “serious violation” of the rules by transferring info concerning its automobile drivers to net servers within the United States.
What the regulatory authority claimed
The regulatory authority hit Uber with a EUR290 million (about $324 million) cost for a violation of the European Union’s General Data Protection Regulation (GDPR).
The Dutch Data Protection Authority (DPA) claimed Uber gathered European automobile drivers’ delicate data. This consisted of taxi licenses, footage, compensation info, place data, identification recordsdata, “and in some cases even criminal and medical data of drivers.”
“Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the US. “That is very serious,” DPA chairman Aleid Wolfsen claimed.
Over 2 years, the DPA claimed, the data was moved to Uber’s United States head workplaces with out using switch units that filter data.
“Because of this, the protection of personal data was not sufficient,” the DPA claimed.
What was the motion from Uber?
Uber claimed it could actually attraction the penalty.
“This flawed decision and extraordinary fine are completely unjustified,” a spokesman claimed.
“Uber’s cross-border data transfer process was compliant with GDPR during a three-year period of immense uncertainty between the EU and US. We will appeal and remain confident that common sense will prevail.”
The EU has truly generated rules for big expertise firms and enforced massive penalties for violations.
The DPA launched an examination after higher than 170 French automobile drivers grumbled to a French civil rights single-interest group that grumbled to the French info safety guard canine.
Why was the Dutch regulatory authority included?
Businesses that refine info in quite a few EU nations ought to deal with the data safety authority the place its main office lies. Uber’s European head workplaces stay within the Netherlands.
“In Europe, the GDPR protects the fundamental rights of people, by requiring businesses and governments to handle personal data with due care,” the DPA’s Wolfsen claimed. “But sadly, this is not self-evident outside Europe. Think of governments that can tap data on a large scale. That is why businesses are usually obliged to take additional measures if they store personal data of Europeans outside the European Union.”
It’s the third penalty that the DPA within the Netherlands has truly leveled versus Uber, after prices of EUR600,000 in 2018 and EUR10 million in 2015.
rc/msh (AFP, Reuters)
