Meta Signs Multi-Billion Dollar AI Chip Deal With Google to Power Next-Gen AI Models 
Trump Pushes Tech Giants to Build Power Plants to Offset AI Data Center Energy Costs 
OpenAI Pentagon AI Contract Adds Safeguards Amid Anthropic Dispute 
Anthropic Refuses Pentagon Request to Remove AI Safeguards Amid Defense Contract Dispute 
Snowflake Forecasts Strong Fiscal 2027 Revenue Growth as Enterprise AI Demand Surges 
Flare, Xaman Roll Out One-Click DeFi Vault for XRP Yield via XRPL Wallets 
OpenAI Hires Former Meta and Apple AI Leader Ruomin Pang Amid Intensifying AI Talent War 
Netflix Declines to Raise Bid for Warner Bros. Discovery Amid Competing Paramount Skydance Offer 
Nintendo Share Sale: MUFG and Bank of Kyoto to Sell Stakes in Strategic Unwinding 
Nvidia Earnings Beat Expectations as AI Demand Surges, Stock Rises on Strong Revenue Outlook 
Amazon’s $50B OpenAI Investment Tied to AGI Milestone and IPO Plans 
Hyundai Motor Plans Multibillion-Dollar Investment in Robotics, AI and Hydrogen in South Korea 
xAI’s Grok Secures Pentagon Deal for Classified Military AI Systems Amid Anthropic Dispute 
Boeing Secures $166.8 Million U.S. Navy Contract for P-8A Engineering and Software Support 
Trump Media Weighs Truth Social Spin-Off Amid $6B Fusion Energy Pivot 
FCC Approves Charter Communications’ $34.5 Billion Acquisition of Cox Communications 
Uber has been fined $324 million by the Dutch Data Protection Authority for violating the EU’s GDPR by transferring European drivers' data to the U.S. without adequate protection. The company plans to appeal, asserting that its data transfer processes were compliant during a period of legal uncertainty.
Uber Hit with $324M Fine by Dutch Authority for Alleged GDPR Violations in Data Transfers to U.S.
Uber, a ride-hailing service, was fined 290 million euros ($324 million) by the Dutch data protection authority on August 26 for allegedly transferring the personal details of European drivers to the United States without adequate protection. Uber declared the decision defective and unjustified and announced it would file an appeal.
The Dutch Data Protection Authority declared that the data transfers, which spanned over two years, constituted a severe violation of the General Data Protection Regulation of the European Union. This regulation mandates implementing technical and organizational measures to safeguard user data.
"In Europe, the GDPR protects the fundamental rights of people, by requiring businesses and governments to handle personal data with due care," Dutch DPA chairman Aleid Wolfsen said in a statement.
"But sadly, this is not self-evident outside Europe. Think of governments that can tap data on a large scale. That is why businesses are usually obliged to take additional measures if they store personal data of Europeans outside the European Union. Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the U.S. That is very serious."
The Dutch authority imposed the sanction because Uber's European headquarters is in the Netherlands, even though complaints from 170 French drivers initiated the case, per Nikkei Asia.
Uber maintained that it had committed no violations.
"This flawed decision and extraordinary fine are completely unjustified. Uber's cross-border data transfer process was compliant with GDPR during a 3-year period of immense uncertainty between the E.U. and the U.S. We will appeal and remain confident that common sense will prevail," the company said.
Privacy Shield's Invalidation Sparks GDPR Breach Allegations Against Uber, Leading to $324M Fine
The alleged breach occurred after the E.U.'s highest court ruled in 2020 that the Privacy Shield agreement, which permitted thousands of companies, including tech titans and small financial firms, to transfer data to the United States, was invalid due to the American government's ability to snoop on individuals' data.
The Dutch data protection agency stated that standard contract clauses could serve as a foundation for data transfers outside the E.U. in the wake of the E.U. court ruling, "but only if an equivalent level of protection can be ensured in practice."
"Because Uber no longer used Standard Contractual Clauses from August 2021, the data of drivers from the E.U. were insufficiently protected," the watchdog said. It added that Uber has been using the successor to Privacy Shield since the end of last year, ending the alleged breach.
The Computer & Communications Industry Association, an advocacy organization for technology companies, alleged that the sanction failed to consider the realities of online business in the wake of the 2020 E.U. court ruling.
"The busiest internet route in the world could not simply be put on hold for three entire years while governments worked to establish a new legal framework for these data flows," the association's European head of policy, Alexandre Roure, said in a statement.
"Any retroactive fines by data protection authorities are especially worrisome given that these very privacy watchdogs failed to provide helpful guidance during this period of significant legal uncertainty, in absence of any clear legal framework," he added.
Uber has been penalized by the Dutch data protection authority numerous times, including the August 26 announcement. The agency imposed a fine of 10 million euros in January for the company's failure to disclose the duration of data retention from drivers in Europe or to identify the non-EU countries with which it shared the data.
