
Dutch DPA: Uber fined for data breach - johannes1234321
https://autoriteitpersoonsgegevens.nl/en/news/dutch-dpa-fine-data-breach-uber
======
delroth
Nothing to do with GDPR, in fact the breach predates it (2016). The
Netherlands already had regulations in place that mandate reporting data
breaches, through the Dutch Data Protection Act.

~~~
bryanrasmussen
imagine how high the fine could be if it was really under GDPR!

------
ckastner
> The Dutch Data Protection Authority (Dutch DPA) imposes a fine of €600.000

What a bargain! In the US, they settled for $148 million [1].

[1] [https://www.nytimes.com/2018/09/26/technology/uber-data-
brea...](https://www.nytimes.com/2018/09/26/technology/uber-data-breach.html)

~~~
mettamage
Hmm let's see with some back of the envelope calculation.

148 / 320 = 0.4625

0.6 / 17 = 0.035

Hmm, yea you're right.

~~~
duckerude
It seems data of ~25,000,000 US users was leaked, and of ~174,000 Dutch users.

148 / 25 = 5.92

0.6 / 0.174 = 3.45

That's more proportionate.

------
darrenf
The article makes no mention of GDPR, and the fine was levied due to
(in)action after a breach in 2016. Is this really GDPR related as the title
says?

------
majinb00
It is not GDPR but a previous local law that has been used since GDPR was not
applicable in 2016 when the breach did occur.

------
fybe
Can a mod alter the title? Nothing to do with GDPR. OP is a bit confused it
seems.

This was an independent action by the Dutch Data protection authority.

