back to article Canuck privacy commissioner to dig into Uber data breach

Canada's privacy commissioner has launched a formal investigation into the massive data breach concealed by the ride-hailing app company Uber. Last month, Uber's new CEO revealed that a year previously the details of 57 million customer and driver accounts had been stolen, but the company had decided not to divulge the breach …

  1. FreeRadical

    Pardon?

    "The privacy of riders and drivers is of paramount importance at Uber...said a spokesman.

    Does this company have any sort of conscience? How can you say this after you were caught red-handed in a blatant cover up? Companies generally have no integrity these days, but Uber, you just put yourself at the top of the list with this statement.

  2. Mephistro
    Unhappy

    "...CA$100,000 for a failure to do so..."

    Make that the fine per individual affected by the breach and we'll take it seriously. If this is a fine 'per breach', then it's just a mockery, targeting only small business and allowing big companies to keep doing as they please.

    1. Eguro

      Re: "...CA$100,000 for a failure to do so..."

      Or make it a percentage based fine with a minimum amount if the percentage is lower.

      5% of annual revenue or CA$100,000 - whichever is higher.

  3. RobThBay

    Don't forget about the IRS

    The kid shouldn't be too worried about being in trouble due to the hack. He'll be in bigger trouble with the IRS if he didn't report the payoff on his income tax.

  4. Horse Sense

    Uber will be shaking in their boots at the thought of copping the wrath of Canuck.

  5. Alistair
    Windows

    Personally I rather think the penalties should be phrased as:

    1) 100% of all bonuses, income enhancements for the responsible corporate Directors, VPs, and C suite residents, and the entirety of BOD salaries or bonuses *possibly* payable in the year in which the offence occurs, to be payed to the fining authority by the responsible executives and the BOD.

    2) 25% of corporate *revenue* for the year in which the offence occurred, to be paid to the fining authority by the corporation.

    phrased such as a judge would have some discretion in cases where the entity would be able to provide substantiation of their finances in great detail and have the fine reduced if it was clearly likely to cause the business to fold.

    This may seem brutal, but it would provide direct focus on systems security. It would beat the crap out of small businesses, and would force large corporates to consider their actions much more carefully. Possibly making the execs aware of their role in causing these things to happen. Especially if this was universal and these globals could be hit in *numerous* jurisdictions.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like