Uber facing a hefty €290 million fine due to unauthorized disclosure of driver information.
American ride-sharing service Uber has been slapped with a €290 million fine by Dutch officials for shifting personal data of European cabbies to the U.S. and lacking proper protection.
According to the Dutch Data Protection Authority (DPA), Uber transferred the sensitive information of European cab drivers to the United States and didn't provide ample security, which is a major breach of the General Data Protection Regulation (GDPR). Uber has stopped this practice afterward. The company intends to challenge the verdict, arguing that "Uber's cross-border data transfer procedure adhered to the GDPR during a three-year span of uncertainty between the EU and the U.S."
The probing started due to a complaint from French drivers. The French Data Protection Authority declared that it cooperated with its Dutch counterpart, where Uber holds its European headquarters.
The Dutch Data Protection Authority, also known as The Commission, imposed a €290 million fine on Uber for violating GDPR by transferring European cabbies' data to the U.S. without sufficient protection. The Commission and the French Data Protection Authority collaborated to investigate Uber's data handling practices due to a complaint from French drivers.