Maltese MEP Alfred Sant asked the European Commission whether it has any information on the massive data breach on consumers by Uber and whether it plans to take formal action for the violation of EU legislation. Uber experienced a massive data breach in October 2016 that included the personal information of 57 million consumers and drivers across the globe, including EU citizens. According to recent news, instead of notifying the authorities or the individuals affected, Uber paid the hackers responsible for the original breach $100,000 to delete the data and cover up the breach in security.
Discovery of the U.S. company’s cover-up of the incident resulted in the firing of two employees responsible for its response to the hack. Dara Khosrowshahi, who replaced co-founder Travis Kalnick as CEO in August, said he had only recently learned of this massive data breach.
“What is the Commission’s view of practices which enable a company active in the digital and sharing economy to experience a data breach without informing clients or the relevant national authorities?” asked the Maltese MEP.
Dr Sant said that in light of the EU legislation on measures applicable to the notification of personal data breaches as well as on privacy and electronic communications, Uber’s year long cover-up is highly questionable. This regulation specifies that when the breach of data can adversely affect the personal privacy of individuals, providers shall notify the individuals and this notification should be made no later than 24 hours after its detection.

Maltese Version – HACKERS JISIRQU INFORMAZZJONI TA’ 57 MILJUN KONSUMATUR TA’ UBER

Alfred Sant staqsa lill-Kummissjoni Ewropea hux se tieħu azzjoni formali kontra l-kumpanija Uber dwar il-ksur massiċċ tal-informazzjoni f’Ottubru tal-2016 ta’ 57 miljun konsumatur u sewwieqa madwar id-dinja, inkluż ċittadini Ewropej. Rapporti riċenti jgħidu li Uber ħallset $100,000 lil hackers responsabbli għas-serq tal-informazzjoni diġitali biex iħassru l-informazzjoni u jgħattu l-ksur fis-sistema tas-sigurta’, minflok avżat lill-awtoritajiet u lill-individwi affettwati.
Dara Khosrowshahi, li ħa l-post tal-ko-fundatur Travis Kalnick ta’ Uber bħala CEO f’Awwissu, qal li kien biss riċentement li sar jaf dwar il-ksur tal-liġi tal-informazzjoni.
“X’inhi l-opinjoni tal-Kummissjoni Ewropea dwar prattiċi li bihom kumpanija attiva fis-suq diġitali tesperjenza ksur tal-liġi tal-informazzjoni mingħajr ma tinforma lill-klijenti jew lill-awtoritajiet nazzjonali rilevanti?” staqsa Alfred Sant lill-KE.
Dr Sant qal li l-‘cover up’ ta’ Uber fuq tul ta’ sena jqanqal ħafna mistoqsijiet fid-dawl tal-liġi tal-UE dwar miżuri applikabbli għan-notifikazzjoni ta’ ksur tal-liġi ta’ informazzjoni personali kif ukoll fuq il-privatezza u komunikazzjoni elettroniċi. Dan ir-regolament jispeċifika li ksur tal-liġi tal-informazzjoni taffettwa negattivament il-privatezza tal-individwi, għaldaqstant dawk li jipprovdu s-servizz għandhom jinformaw l-individwi fi żmien 24 siegħa wara li dan jiġi identifikat.