Dutch regulators fined ride-hailing platform Yango €100 million after concluding that the company transferred European user data to Russia without proper safeguards. The case raised serious concerns about cross-border data privacy, Russian access risks, and how international tech firms handle sensitive customer information.
Authorities said the company failed to properly protect user data while moving information outside the European Union. The investigation also renewed debate about whether apps tied to Russian companies should process large volumes of European customer data.
Dutch regulators fined Yango over EU data transfers
The Dutch Data Protection Authority issued the fine against MLU B.V., the company responsible for Yango’s operations in Europe. Regulators concluded that the platform violated GDPR rules by transferring personal information to Russia without ensuring adequate protection for European users.
Authorities stated that Yango failed to clearly explain how customer information could be processed outside the EU. Investigators also argued that the company did not provide enough safeguards to prevent potential access by Russian authorities.
The ruling followed cooperation between regulators in the Netherlands, Finland, and Norway. Officials ordered Yango to stop the transfers immediately or face additional penalties.
The company said it disagreed with the decision and plans to challenge the ruling.
Sensitive customer information was reportedly involved
According to investigators, the transferred data included names, phone numbers, email addresses, ride history, device information, and precise location data. Regulators also said some driver-related information included identification documents, bank details, and social security numbers.
Privacy experts warned that transportation platforms collect large amounts of highly sensitive behavioral information. Ride data can reveal movement patterns, routines, workplaces, home addresses, and financial activity.
Because of that, European regulators argued that companies handling mobility data must follow strict privacy protections before transferring information internationally.
The investigation also focused on concerns that Russian laws could allow authorities to request access to certain data processed inside the country.
Yango’s Russian connections increased scrutiny
Yango operates as part of the wider Yandex technology ecosystem. Yandex has often been described as one of Russia’s largest technology companies, which increased regulatory scrutiny following rising geopolitical tensions in recent years.
European governments and privacy regulators have become more cautious about companies connected to Russian infrastructure since the invasion of Ukraine in 2022. Several countries launched investigations into whether Russian-linked platforms properly protected European user information.
Finnish and Norwegian authorities previously raised concerns about Yango’s data handling practices after reports suggested Russian security agencies could potentially request access to platform data.
Although Yango later reduced operations in some European markets, regulators continued examining how customer information was stored and transferred.
Data transfer risks remain under pressure
The Yango data Russia case reflects broader concerns surrounding international data governance and digital sovereignty. Regulators across Europe continue increasing pressure on technology companies that transfer user data outside EU jurisdictions.
Privacy authorities have intensified enforcement of GDPR requirements involving transparency, data protection, and international processing agreements. Companies that fail to meet those standards now face growing financial and legal risks.
The case also highlighted how location-based platforms have become especially sensitive from a cybersecurity and privacy perspective. Apps connected to transportation, navigation, and mobility services often collect enough information to create detailed user profiles.
As global tensions continue affecting technology regulation, companies handling cross-border customer data will likely face even stricter oversight.
Conclusion
The Yango data Russia controversy intensified after Dutch regulators concluded that the ride-hailing platform unlawfully transferred European user data to Russia. Authorities fined the company €100 million and ordered it to stop the transfers immediately. The case highlighted growing concerns about privacy, foreign technology infrastructure, and the risks tied to international data processing involving sensitive user information.
0 responses to “Yango data Russia transfers trigger €100M fine”