Yandex's Dutch subsidiary will pay €100 million for transferring private data to Russia
Finland, the Netherlands, and Norway have imposed a joint fine of 100 million euros on MLU B.V., a company belonging to the Yandex Group.
This was reported by the press service of Finland’s Data Protection Authority (DPA).
The reason for this severe decision was the proven fact that personal data of European users of the Yango taxi service was transferred to the Russian Federation.
The investigation into the activities of the Netherlands-registered company began back in 2023 at the initiative of Finland’s Data Protection Authority (DPA).
Regulatory authorities sought to determine whether Russian intelligence agencies and government bodies had access to the confidential information of European residents.
The results of the investigation confirmed European regulators’ worst fears regarding the security of digital data.
As noted in the report, Yango service customers’ information ended up on servers in Russia without any adequate level of protection.
“The investigation revealed that Yango user data was transferred to Russia without adequate protection. Data protection authorities believe the company failed to demonstrate that Russian authorities’ access to personal data was sufficiently prevented,” the DPA press office officially stated.
Regulatory authorities emphasized the critical importance of respecting privacy and immediately ceasing any cooperation with the aggressor in the digital sphere.
In accordance with the regulators’ requirements, “the transfer of personal data to Russia must be immediately halted” to ensure the safety of EU citizens.
Representatives of MLU B.V. have expressed their strong disagreement with the decision and are already preparing an appeal.
In their official statement, they are attempting to reassure the public that all necessary technical security protocols have been followed.
“Personal data of EU users was stored exclusively within the EU in pseudonymized and encrypted form, which technically made it inaccessible to any third parties,” the press service of the Yandex division stated.
Despite these justifications, European regulators believe that the risks of data being used by Russian law enforcement agencies remain too high.
This precedent sends a clear signal to all tech companies that continue to maintain ties with Russian IT entities.
Yandex complied with a record number of government requests to disclose user data
In Russia, a court ordered Yandex to hide maps leading to an oil refinery that had been attacked by drones four times
