Uber fined $11M for violating privacy of EU drivers

Uber is fined nearly $11 million by the Netherlands' data watchdog agency for its lack of transparency and uninformed data policies, violating the privacy rights of EU Uber drivers.

The Dutch Data Protection Authority (DPA) said on Wednesday that Uber will pay just over $10.8 million (€10M) for failing to disclose to its European Union drivers how long it holds on to their personal data and not informing them when it shares that personal data with other non-EU countries.

The DPA also charged that Uber made it difficult for EU drivers to get access to their own personal information to find out exactly what was being stored in the company servers, as well as the security measures in place to keep the data safe.

“Drivers have the right to know how Uber handles their personal data. However, Uber did not explain this with sufficient clarity,” DPA chairman Aleid Wolfsen said.

There are about 120,000 Uber drivers operating in the EU today.

More than 170 drivers based in France first filed the privacy complaint with the French human rights organization known as LDH (Ligue des droits de l’Homme et du citoyen).

Because Uber’s EU headquarters are based in Amsterdam, the DPA took over the case.

The DPA said Uber made it “unnecessarily complicated” for drivers to view or get copies of their data, burying the data request form “deep within the app and spread across various menus.”

Even if drivers successfully navigated the process, the data files given to them were unformatted and hard to read.

“Transparency is a fundamental part of protecting personal data. If you don’t know how your personal data is being handled, you can’t determine whether you are being put at a disadvantage or treated unfairly. And you can’t stand up for your rights," Wolfsen said.

Additionally, Uber’s privacy policies provided no information on how long their data would be retained by the company, or how that data was protected when being sent to outside entities.

"This shows that Uber put all sorts of obstacles in place that blocked drivers from exercising their right to privacy, and that is prohibited. In fact, Uber should be facilitating drivers in their rights. This is laid down by law," Wolfsen said.

Uber drivers in the EU are considered 'employees' and therefore afforded more workers' rights than in the US, where its drivers are only classified as 'independent contractors.'

Uber formally disagreed with the DPA’s decision, lodging a notice of an objection, but has since taken steps to remediate the violations, the agency stated.

More from Cybernews:

Meta, TikTok, X CEOs face query over surge in child exploitation

Football Australia leak exposes players’ details

Mercedes source code exposed via GitHub token leak

Google TV users lash out at home screen ad invasion

Robot reported in hit-and-run incident

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked