Privacy and data protection at the core of data sharing
We believe that the protection of rider and driver data is fundamental, and will continue to strive for the highest level of privacy protection. The provisions of the General Data Protection Regulation (GDPR) constitute the legal basis for the collection and sharing of personal data, including location data. This has put widespread and sweeping requirements on organisations, for which businesses have mobilised significant resources. Therefore, it must be ensured that all actors involved in the sharing of (personal) data respect these strict requirements of the GDPR.
In parallel, regulators should ensure that a strong data protection framework, relying on multiple and in some cases overlapping sets of rules, does not compromise the chances of smaller entrants to the market. The sharing of mobility data already now falls under a variety of provisions, which will be further complemented by upcoming initiatives, such as the Data Governance Regulation and the Data Act in 2021. Therefore, it will be important to ensure coherent legislation and workable rules for all involved actors.