Netherlands: Issued ruling in Dutch Data Protection Authority Investigation into Uber's Alleged Infringement of Privacy Regulations against drivers

On 31 January 2024, the Dutch Data Protection Authority (AP) issued a ruling in the investigation into Uber Technologies, Inc. and Uber B.V. (Uber) for failures to disclose certain information related to its data practices in violation of privacy regulations. The AP imposed a fine of EUR 10 million on Uber for failing to disclose the full details of its retention periods for data concerning European drivers, and for not naming the non-European countries in which it shares this data. The AP also found that Uber had obstructed its drivers’ efforts to exercise their right to privacy. The fine was imposed after more than 170 French drivers complained to the French human rights organisation Ligue des droits de l’Homme et du citoyen (LDH), which in turn submitted a complaint to the French data protection authority. As Uber has its European headquarters in the Netherlands, this complaint was forwarded to the AP.