The Dutch Data Protection Authority (DPA) announced on Monday that it has fined Uber 290 million euros, approximately $324 million, for illegally transferring the personal data of European drivers to U.S. servers.
The regulator described the data transfers as a “serious violation” of the European Union’s General Data Protection Regulation (GDPR), citing Uber’s failure to adequately protect driver information.
“Uber did not meet the GDPR requirements to ensure the level of protection necessary for data transfers to the U.S. That is very serious,” said Aleid Wolfsen, chairman of the Dutch Data Protection Authority, in a statement.
Related News: YouTuber Jailed for Plane Crash Stunt
According to the DPA, Uber collected sensitive information from European drivers, including taxi licenses, location data, photos, payment details, identity documents, and, in some cases, even criminal and medical records.
Over a span of two years, this data was transferred to Uber’s U.S. headquarters without utilizing proper transfer tools, leading to insufficient protection of personal data.
In response, Uber announced its intention to appeal the fine, calling the decision flawed and the fine extraordinary.
“This flawed decision and extraordinary fine are completely unjustified,” an Uber spokesperson said in a statement. “Uber’s cross-border data transfer process was compliant with GDPR during three years of immense uncertainty between the EU and the U.S. We will appeal and remain confident that common sense will prevail.”
You can also read: Nigerian Sprinter Tobi Amusan Dominates Jamaica Athletics Invitational