Uber faces GDPR lawsuit over 'robo-firing' algorithm

Black cards of Uber logos lined up in a row

(Image credit: Shutterstock)

Uber is facing a legal challenge over its automated “robo-firing” algorithm that allegedly breaches Article 22 of the General Data Protection Regulation (GDPR).

The App Drivers & Couriers Union (ACDU) has filed a complaint in Amsterdam's district court, where Uber's data resides, representing four former drivers from London, Birmingham and Lisbon, Portugal.

Uber wins license to operate in London after ‘plugging IT gaps’ What is an algorithm? Council of Europe urges a "precautionary" approach to algorithmic systems

The ACDU said that in each case the drivers were dismissed by Uber after being flagged up for "fraudulent activity." The claims, which the drivers deny, have not been reported to the police, but Uber deactivated their accounts.

The union also allege that Uber never gave the drivers access to any of the purported evidence against them, nor did it allow them to challenge or even appeal the terminations.

Under the UK's Data Protection Act and Article 22 of GDPR, individuals have the right to certain protections from any automated decisions which create negative effects that are not carried out with meaningful human intervention.

Two of the drivers were based in London. One was dismissed after Uber said its system detected "irregular trips associated with fraudulent activities", according to ACDU. The other was dismissed for "the installation of and use of software which has the intention and effect of manipulating the Driver App".

Neither driver was given any further explanation or the right of appeal, the ACDU said.

"Uber has been allowed to violate employment law with impunity for years and now we are seeing a glimpse into an Orwellian world of work where workers have no rights and are managed by machine," said Yaseen Aslam, president of the ADCU. "If Uber is not checked, this practice will become the norm for everyone."

The legal challenge comes just a month after Uber won back its London-operating license after proving its system was 'fit and proper'. London-based drivers who are dismissed by Uber are automatically reported to Transport For London (TfL), who may take licensing action against them.

However, James Farrar, the ADCU's general secretary told the BBC that Uber refused to give additional details to TfL because it would compromise its security.

"Uber provides requested personal data and information that individuals are entitled to," said a spokeswoman for Uber. "We will give explanations when we cannot provide certain data, such as when it doesn't exist or disclosing it would infringe on the rights of another person under GDPR."

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.