Dutch watchdog fines Uber $324 million for alleged inadequate protection of drivers' data

abcnews.go.com:

The Dutch data protection watchdog has slapped a 290 million euro ($324 million) fine on ride-hailing service Uber for allegedly transferring personal details of European drivers to the United States without adequate protection

THE HAGUE, Netherlands — The Dutch data protection watchdog slapped a 290 million euro ($324 million) fine Monday on ride-hailing service Uber for allegedly transferring personal details of European drivers to the United States without adequate protection. Uber called the decision flawed and unjustified and said it would appeal.

The Dutch Data Protection Authority said the data transfers spanning more than two years amounted to a serious breach of the European Union’s General Data Protection Regulation, which requires technical and organizational measures aimed at protecting user data.

“In Europe, the GDPR protects the fundamental rights of people, by requiring businesses and governments to handle personal data with due care,” Dutch DPA chairman Aleid Wolfsen said in a statement.

“But sadly, this is not self-evident outside Europe. Think of governments that can tap data on a large scale. That is why businesses are usually obliged to take additional measures if they store personal data of Europeans outside the European Union. Uber did not meet the requirements of the GDPR to ensure the level of protection to the data with regard to transfers to the U.S. That is very serious.”

The case was initiated by complaints from 170 French Uber drivers, but the Dutch authority issued the fine because Uber’s European headquarters is in the Netherlands.

Uber insisted it did nothing wrong.

“This flawed decision and extraordinary fine are completely unjustified. Uber’s cross-border data transfer process was