Dutch watchdog fines Uber €290 million
The Dutch data-protection watchdog has fined taxi-hailing platform Uber €290 million for failing to properly transfer information on its drivers to the US.
Its investigation followed a complaint from 170 French Uber drivers that was eventually forwarded to the Dutch body, as the country is the home of Uber’s European headquarters.
The Dutch authority found that Uber collected “sensitive information” about drivers from Europe and retained it on servers in the US for two years, from August 2021.
GDPR breach
The data was transferred in breach of the GDPR, as Uber was not using the Standard Contractual Clauses that provided a valid basis for such transfers at the time.
The EU’s highest court had invalidated the previous EU-US data-transfer agreement, Privacy Shield, in 2020. Since last year, Uber has been using the successor to Privacy Shield.
“Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the US. That is very serious," said the chair of the Dutch watchdog Aleid Wolfsen.