anonym.legal

By · Last updated 2026-06-05

Rudi kwa BlogGDPR & Ufuatiliaji

AP ya Uholanzi: Faini ya €290M na Utekelezaji wa GDPR

AP ya Uholanzi ilitoa faini kubwa zaidi ya EU kwa uhamishaji wa data — €290M dhidi ya Uber. BSN (nambari ya kitaifa ya Uholanzi) inahitaji uthibitishaji wa Elfproef unaokosekana kwa 56% ya zana.

June 5, 20269 dakika kusoma
Dutch APBSN detectionUber GDPR fineNetherlands compliancedata transfer GDPR

Autoriteit Persoonsgegevens (AP) ilimlipa Uber faini ya €290 milioni mnamo Agosti 2024. Faini hiyo ilitolewa kwa sababu ya kutuma data ya madereva kwenye seva za Marekani bila makubaliano halali ya uhamishaji. Hakuna kesi yoyote ya GDPR iliyozalisha faini kubwa zaidi kwa uhamishaji wa data wa kimataifa. AP pia ilishughulikia malalamiko zaidi ya 21,400 mnamo 2023. Hilo linafanya iwe moja ya wasimamizi wa data wenye shughuli nyingi zaidi barani Ulaya.

Mambo Aliyoyagundua AP katika Kesi ya Uber

Uber ilikuwa inakusanya data kutoka kwa madereva nchini Uholanzi na Ufaransa. Data hiyo ilijumuisha historia ya mahali, nyaraka za utambulisho, rekodi za malipo, rekodi za uendeshaji, na faili za kodi. Yote ilihamishwa kwenye seva za Marekani. AP iliamua kuwa njia ya uhamishaji haikuwa halali.

Masuala matatu yalisababisha uamuzi huo:

  • Njia dhaifu ya uhamishaji: Uber ilitumia Sheria za Shirika Zinazolazimisha (BCRs). AP iligundua hazikufunika upeo wala unyeti wa data ya madereva iliyohusika.
  • Hakuna Tathmini ya Athari ya Uhamishaji (TIA): Uber haikuonyesha kwamba sheria za Marekani ziliacha ulinzi uliokubaliwa wa uhamishaji ukiwa imara.
  • Data nyeti kwa mchanganyiko: Data ya mahali, malipo, na alama za utendaji pamoja hutoa picha ya kina ya kila dereva. AP ilitibu mchanganyiko huu kama sawa na data nyeti ya kibinafsi.

Kesi ya Uber inaweka kanuni wazi. Data ya wafanyakazi na wakandarasi inayotumwa Marekani inahitaji TIA sawa na hatua za ziada kama vile data ya watumiaji.

Maeneo ya Kuzingatia kwa Utekelezaji wa AP 2025

Imesasishwa kwa 2026

AP imebainisha maeneo matatu inayoyafuatilia kwa makini mnamo 2025.

Ufuatiliaji wa wafanyakazi: Zana za kufuatilia kazi ya mbali ndizo lengo kuu. Hii inajumuisha kumbukumbu za tija, kunasa picha za skrini, kufuatilia vibonye, na zana za mahali za mbali. Kabla ya kutumia zana yoyote kama hiyo, makampuni lazima yaandike kwa nini yalikataa chaguo zisizo za uvamizi.

Uhamishaji wa data wa kimataifa: Baada ya uamuzi wa Uber, AP inakagua njia za uhamishaji. Makampuni yanayotegemea huduma za Marekani, Asia, au nchi nyingine zisizokuwa na kiwango cha kutosha yako katika wigo. Kila kampuni inayotumia zana za programu za Marekani kwa HR, kazi za mradi, au data ya wateja lazima iwe na TIA ya sasa kwenye faili.

Maamuzi ya kiotomatiki: Tathmini ya mkopo ya AI, vichungi vya kuajiri, na mifumo ya utendaji vinasababisha majukumu ya Kifungu cha 22. AP inalenga mashirika yanayofanya maamuzi ya kiotomatiki bila hatua ya kweli ya ukaguzi wa binadamu. Wafanyakazi na watumiaji wote lazima wafunikwe.

BSN: Kitambulisho cha Taifa Kinacholindwa

Burgerservicenummer (BSN) ni nambari ya kitambulisho ya taifa yenye tarakimu 9 inayotumiwa nchini Uholanzi. Inathibitishwa kwa kutumia ukaguzi wa Elfproef (uthibitisho wa kumi na moja). Ili kuendesha ukaguzi: zidisha kila tarakimu kwa uzito kuanzia 9 hadi −1, jumlisha matokeo, na jumla lazima igawanywe sawasawa na 11.

Sheria ya BSN (Wet algemene bepalingen burgerservicenummer) inapunguza matumizi ya BSN kwa muktadha maalum wa kisheria. Hizi ni: kodi, afya, serikali, na malipo ya mwajiri. Kutumia BSN nje ya muktadha huo husababisha utekelezaji wa Sheria ya BSN. Dhima ya GDPR inatumika juu ya hiyo.

Kwa nini zana za kawaida zinakosa BSN: Zana nyingi za NLP hazijumuishi ukaguzi wa Elfproef. Bila hiyo, kila mfuatano wa tarakimu 9 unabandikwa bendera kama BSN inayowezekana. Hiyo husababisha kengele za uongo katika nyaraka za fedha na utawala. BSN zilizoandikwa vibaya pia zinakosekana. Zinashindwa ukaguzi lakini zinaonekana kama muundo sahihi. Angalia mwongozo wetu wa utambuzi wa kitambulisho cha kodi cha kitaifa cha EU na PII kwa ulinganisho kamili wa miundo ya kitambulisho ya Ulaya.

NER kwa Maandishi ya Kiholanzi

Kiholanzi (Nederlands) kina vipengele vinavyotatiza mifano iliyofunzwa kwa Kiingereza.

Maneno mchanganyiko: Kiholanzi huunganisha maneno. Persoonsgegevens (data ya kibinafsi) na Burgerservicenummer (nambari ya kitambulisho cha raia) kila moja ni neno moja. Mifano iliyojengwa kwa Kiingereza mara nyingi huigawanya mahali pasipofaa. Hiyo huvunja utambuzi wa viumbe.

Viishio vya majina: Viambishi -je na -tje vinaonekana katika majina ya kwanza — Annetje, Hansje. Mifano ya majina inahitaji kushughulikia fomu ya msingi na fomu fupi.

Miundo ya anwani: Aina za mitaa ni pamoja na Straat, Laan, Weg, Plein, na Gracht. Nambari za posta zinatumia tarakimu nne pamoja na herufi mbili (mfano: 1234 AB). Kila nambari inafanana na mtaa mmoja, kwa hivyo inafunua zaidi ya nambari nyingi za posta za Ulaya.

Muundo wa IBAN: IBAN za Kiholanzi zina herufi 18: NL + tarakimu 2 za ukaguzi + msimbo wa benki wa herufi 4 + nambari ya akaunti ya tarakimu 10. Nchi ina matumizi makubwa ya malipo ya kadi. Kwa hivyo nyaraka za fedha zina IBAN nyingi. Kwa njia za kupima imani katika aina za kitambulisho, angalia utambuzi wa PII wa binary na kupima imani.

Orodha ya Kiufundi ya Kuzingatia kwa Utekelezaji wa AP

Ili kukidhi viwango vya sasa vya AP, mifumo ya data inahitaji:

  1. Utambuzi wa BSN na Elfproef — ulinganifu wa muundo peke yake haitoshi
  2. NER ya lugha ya Kiholanzi — mfano kama vile spaCy nl_core_news hushughulikia maneno mchanganyiko na majina ya fomu fupi
  3. Utambuzi wa IBAN — unaojua muundo, si wa kawaida
  4. Rekodi za msindikaji msaidizi kwa uhamishaji wote wa kimataifa
  5. TIA kwa wauzaji wa Marekani — kipaumbele cha ukaguzi wa AP baada ya uamuzi wa Uber

Baada ya Uber, TIA kwa wauzaji wa Marekani ni mahitaji ya msingi, si mazoea bora. Kwa uchambuzi kamili wa uamuzi na athari zake za uhamishaji, angalia faini ya AP Uber na utekelezaji wa uhamishaji wa kimataifa.

Vyanzo

Makala Zinazohusiana

GDPR & Ufuatiliaji

Japan My Number: Verhoeff & APPI

63% of generic tools fail My Number detection in Japanese documents. My Number uses Verhoeff algorithm — the most complex national ID checksum in Asia.

GDPR & Ufuatiliaji

HDPA Greece: AFM & AMKA Detection

Greek AFM detected with 52% accuracy by generic tools. HDPA issued 89 decisions in 2024 — up 162% from 2022. Tourism and maritime sectors face distinct.

GDPR & Ufuatiliaji

NAIH Hungary: TAJ-Szám and Adóazonosító Jel

Hungarian NER accuracy is 67% vs. EU average 82% — NAIH's 2024 assessment. TAJ-szám weighted checksum and adóazonosító jel detection gaps.

Tayari kulinda data yako?

Anza kuanonymisha PII na aina 285+ za vitu katika lugha 48.

Anza Jaribio la BureTazama Vipengele

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.