Trip-hailing platform Uber has been fined 290 million euros ($324 million) within the Netherlands for sending private information of European taxi drivers to the US in breach of EU guidelines, Dutch information safety watchdog DPA stated on Monday.
Uber has now stopped this observe, the DPA added.
“This flawed resolution and extraordinary nice are utterly unjustified,” Uber spokesman Caspar Nixon instructed Reuters in an e mail.
“Uber’s cross-border information switch course of complied with the GDPR throughout a three-year interval of immense uncertainty between the EU and the US,” he added, saying the corporate would attraction and was assured that “widespread sense would prevail.”
The DPA stated Uber transferred private information to the US and didn’t adequately defend the info.
“This constitutes a severe violation of the Normal Knowledge Safety Regulation (GDPR),” he stated.
Uber can attraction the choice to the DPA and, if unsuccessful, can file a lawsuit within the Dutch courts. The attraction course of is anticipated to take about 4 years and fines will likely be suspended till all authorized cures have been exhausted, in keeping with the DPA.
The investigation was launched after a French human rights organisation filed a criticism on behalf of greater than 170 taxi drivers in France with the nation’s information safety authority. Nonetheless, since Uber has its European headquarters within the Netherlands, the criticism was referred to the info safety authority.
France’s nationwide information safety regulator CNIL stated in a separate assertion that it had cooperated with the DPA.
In a associated case, the DPA fined Uber 10 million euros ($11 million) in January for violating privateness laws concerning its drivers’ private information.