Dutch Data Protection Authority Is Celebrating Tesla Bocored Customer Data
JAKARTA - Data protection authorities for the Netherlands stated on Friday May 26 that they were aware of a data protection breach that Tesla might have committed. But they admitted it was too early to provide further comment.
Germany's Handelsblatt newspaper reported on Thursday May 25 that Elon Musk's Tesla allegedly failed to adequately protect data from customers, employees, and business partners, citing 100 gigabite of classified data leaked by a whistleblower.
"We are aware of reports from Handelsblatt and we are investigating them," said a spokesman for the AP data authority in the Netherlands, where Tesla Europe's headquarters is located.
They declined to comment on whether the agency might or had conducted an investigation, citing policies. The Dutch authorities were notified by a similar institution in Germany's state of Brandenburg.
Handelsblatt said Tesla informed Dutch authorities of the breach, but an AP spokesman said they did not know if the company had made a statement to the agency.
Tesla did not immediately comment on Handelsblatt's report last Friday, which stated that customer data could be found "in large quantities" in a data set labeled "Tesla Files".
The data protection office in Brandenburg, where Europe's Tesla gigafactory plant is located, describes the data leak as "massive".
"I don't remember the scale of this before," data protection official Brandenburg Dagmar Hartge said. He added that the case had been handed over to Dutch authorities who would be responsible if the allegations led to law enforcement.
"The Dutch authorities have several weeks to decide whether to handle the case as part of European procedures," he added.
The files include tables containing more than 100,000 names of current formers and employees, including Tesla CEO Elon Musk's social security number, personal email address, phone number, employee salary, customer bank details, and confidential details from production, Handelsblatt reported.
"This violation will violate the GDPR (General Data Protection Regulation)," the report said.
If the breach is proven, Tesla could be fined up to 4% of its annual sales, which could reach 3.26 billion euros (Rp52.5 trillion).
German union IG Metall said the disclosure was "disturbing" and called on Tesla to inform employees of all data protection breaches and promote a culture where staff can express issues and complaints openly and without fear.
"This disclosure... is in line with the picture we have obtained in less than two years," said Dirk Schulze, the upcoming district manager for Berlin, Brandenburg, and Sachsen IG Metall.
Handelsblatt quoted a Tesla lawyer as saying that an "unsatisfied former employee" had abused their access as service technicians, and the company would take legal action against individuals suspected of causing the data leak.
Citing the leaked files, the newspaper reported thousands of customer complaints about Tesla driver assistance systems, with around 4,000 complaints about the sudden acceleration or ghost braking.
Last month, a Reuters report showed that a group of Tesla employees personally shared highly invasive videos and images through an internal messaging system recorded by customer car cameras between 2019 and 2022.
This week, Facebook's parent company Meta was also fined 1.2 billion euros (IDR 19.3 trillion) by the European Union's privacy regulator for handling user information and given five months to stop transferring user data to the United States.