The Dutch Data Protection Authority (DPA) has imposed a significant fine of 10 million euros ($10.8 million) on popular ride-hailing app Uber for failure to be transparent in its handling of drivers’ personal data. The fine comes in response to a complaint filed by 170 French drivers to a French human rights organization.
The complaint, which was addressed in the Netherlands due to the location of Uber’s European headquarters, alleged that Uber made it unnecessarily complicated for drivers to access and request copies of their personal data. The DPA found that Uber had buried the process within the app, making it difficult to locate, and spread across various menus.
Another issue highlighted by the DPA was Uber’s failure to clearly specify in its privacy terms and conditions the duration for which it retains drivers’ personal data, as well as the security measures it employs when transmitting this information to entities in countries outside the European Economic Area.
Although Uber has taken measures to rectify the situation, the company has chosen to appeal the decision made by the DPA. In response, Uber stated that the DPA had acknowledged that the company had addressed a small number of minor issues highlighted by the drivers, while dismissing the majority of their claims as groundless.
In a statement, Uber emphasized its commitment to continuously improving its data request processes and its willingness to collaborate constructively with authorities to address any concerns raised.
Data protection has become an increasingly critical issue in the digital age, with regulators and governing bodies across the globe taking a firm stance on the protection of individuals’ personal information. Companies that handle personal data, especially those operating in the technology and app industry, face heightened scrutiny to ensure compliance with data protection regulations.
1. Source: Coherent Market Insights, Public sources, Desk research
2. We have leveraged AI tools to mine information and compile it