The Dutch Data Protection Authority (DPA) has fined Uber \u20ac290 million ($324 million) for allegedly failing to comply with the EU data protection regulation GPDR when transferring the personal data of European taxi drivers to the U.S.<\/p>\n\n\n\n
“The Dutch Data Protection Authority (DPA) imposes a fine of 290 million euros on Uber. The Dutch DPA found that Uber transferred personal data of European taxi drivers to the United States (US) and failed to appropriately safeguard the data with regard to these transfers. According to the Dutch DPA, this constitutes a serious violation of the General Data Protection Regulation (GDPR). In the meantime, Uber has ended the violation.” reads the press release<\/a> published by the Dutch Data Protection Authority.<\/em><\/p>\n\n\n\n
“All DPAs in Europe calculate the amount of fines for businesses in the same manner. Those fines amount to a maximum of 4% of the worldwide annual turnover of a business. Uber had a worldwide turnover of around 34.5 billion euro in 2023. Uber has indicated its intent to object to the fine.” concludes the press release. “This is the third fine that the Dutch DPA imposes on Uber. The Dutch DPA imposed a\u00a0fine of 600,000 euro<\/a>\u00a0on Uber in 2018, and a\u00a0fine of 10 million euro<\/a>\u00a0in 2023. Uber has objected to this last fine.”<\/em>
The company refuses any accusation and claims that its data transfer process is compliant with European laws. The company will appeal against the decision, its spokesman Caspar Nixon told<\/strong><\/a> Bloomberg.<\/p>\n\n\n\n
The fine is \u201ccompletely unjustified,\u201d said Caspar Nixon.
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganin<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, DPA)<\/strong><\/p>\n\n\n\n