Uber Fined $324 Million in Netherlands for Violating EU Data Rules

Uber has been hit with a hefty fine of 290 million euros ($324 million) by the Dutch Data Protection Authority (DPA) for transferring the personal data of European taxi drivers to the United States in violation of the General Data Protection Regulation (GDPR). The watchdog stated that Uber failed to adequately safeguard this data, constituting a serious breach of privacy laws.

Uber’s spokesperson, Caspar Nixon, strongly disagreed with the ruling, labeling the decision as “flawed” and “unjustified.” He added that Uber’s data transfer practices were compliant with GDPR during a period of uncertainty between the EU and U.S. Nixon expressed confidence that the company would prevail on appeal.

The investigation leading to the fine began after a complaint from a French human rights organization representing over 170 taxi drivers. While the complaint was initially filed in France, it was forwarded to the DPA since Uber’s European headquarters are in the Netherlands.

This is not Uber’s first encounter with the DPA. Earlier this year, the watchdog fined the company 10 million euros ($11 million) for similar privacy infringements. Uber plans to appeal the latest fine, a process that could take up to four years, with fines suspended until all legal avenues are exhausted.