Skip to content

Uber slapped with €290 million fine for sending data to US servers

  • by
  • 2 min read

The Dutch Data Protection Authority (DPA) has levied a record-breaking €290 million ($324 million) against Uber Technologies Inc. for breaching European data protection standards. As per the agency, Uber had been transferring vast amounts of personal information — including taxi licenses, location data, and even criminal and medical records — from Europe to servers in the United States over two years.

This penalty, the highest ever imposed by the Dutch privacy regulator, underscores the growing scrutiny and enforcement of data privacy laws across Europe.

The watchdog revealed that Uber had only rectified the situation last year, ending the prolonged violation of European privacy standards.

Uber has categorically denied any such data transfers and maintains that the company has fully complied with European laws. In a statement to Bloomberg, Uber spokesperson, Casper Nixon calls this penalty “completely unjustified.”

The company has also announced an appeal against the decision.

As per the Digital Markets Act, European data protection authorities can levy find up to 4% of the company’s global turnover.

On the other hand, Aleid Wolfsen, chairman of the Dutch DPA, emphasised the gravity of the situation in a statement, noting that Uber had failed to meet the stringent requirements of transferring data to the United States.

The investigation into Uber was initiated following complaints from over 170 French drivers who raised concerns with a French human rights group. The Dutch DPA took charge of the probe because Uber’s European headquarters is in the Netherlands.

This latest fine is the third penalty imposed on Uber by the Dutch authority. The company has previously been penalised for lack of transparency and for failing to report a data breach to the regulator in 2018 promptly.

Under European data protection law, the authorities wield significant powers, with the ability to fine the company up to 4% of the annual global earnings.

Earlier, the EU issued a preliminary statement indicating that Microsoft may have violated EU antitrust regulations. In June 2024, the EU also flagged Apple for violating the Digital Markets Act as the company has put restrictions on app developers.

In the News: New stealer malware targets Mac credentials and crypto wallets

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>