The Netherlands has fined Uber hundreds of millions of dollars for failing to provide adequate protection for driver data transferred to the US. The fine covers activity dating back to 2021, when Uber stopped using EU-approved model contracts to cover data transfers out of the EU. The model contracts underwent significant revision in 2021, following a series of court decisions about the legality of transferring data to the US and overturning the Privacy Shield program negotiated between the EU and US regulators.
WHY IT MATTERS
The fine is a large one, especially considering the short time period (two years) it covers. It provides continuing evidence of EU regulators' skepticism about transfer of EU data to the US absent tangible privacy measures.
On the plus side: many US companies have wondered whether the model contracts remain a valid mechanism for data transfer. The decision signals that, despite all the court cases about data transfers, model contracts remain a good option (when used correctly) for US companies doing business in the EU.
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-12-02-17-46-50-352-674df28a830c68446ba110de.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-11-19-20-20-11-574-673cf2fb9e69c3dc65f56d4a.jpg)
/Passle/5fe0c4f453548a10fc881e09/MediaLibrary/Images/2024-11-22-15-51-35-522-6740a887f07133d089d46abd.jpg)