A Yango taxi in Helsinki on 8 August 2023. Yango, the ride-hailing service of Russia’s Yandex, will be prohibited from transferring personal data from Finland to Russia as of 1 September, according to the Office of the Data Protection Ombudsman. (Eelis Berglund – Lehtikuva)
- Previous Article Finnish software sector echoes concern about immigration policy revisions
- Next Article Decline in domestic beer sales continues – Industry awaits tax reduction
THE FINNISH Data Protection Authority has ordered Yandex and Ridetech International to suspend the transfer of personal data collected by Yango, the ride-hailing service of Yandex, from Finland to Russia.
The service is operated in Europe by Ridetech International, which is based in the Netherlands.
The Office of the Data Protection Ombudsman on Tuesday said the order was issued on grounds of a legislative amendment that will enter into force in Russia in September, granting the Federal Security Service (FSB) the right to access personal data processed in taxi operations both in and outside Russia.
The order is provisionally set to be in effect from 1 September to 30 November.
Yango is available in the Nordics in Finland and Norway. While Russian company has stated that the personal information it collects is processed in the Netherlands, it has provided information that such information is also transferred to Russia.
The data may include location information and destination of the ride, according to the Data Protection Ombudsman.
Yango is able to collect a surprising amount of data on its users that range from the point of departure and destination of the journey to the time of use, the cost and payment details, and any other information entered by the user, data protection expert Petteri Järvinen stated to YLE on Thursday.
“The information often also contains the customer’s name. You can deduce surprisingly much based on the data especially in the case of someone who uses Yango rides a lot and moves between the same places,” he said.
Although such information can be abused in many ways, Finns with no ties to Russia have no need to be particularly concerned, estimated Järvinen. They should, though, monitor the situation due to the uncertainty associated with where the information ends up.
“Russia is a Wild West for data protection, and without state permits and laws the data can leak and can be openly bought from various registers in the black market in Russia. It appears that even authorities are selling data to generate more revenue,” he stated.
Russian authorities are ultimately interested only in a limited group of people, such as people with dual citizenship and people who have fled Russia to Finland to avoid conscription.
“Ordinary citizens don’t have to be concerned, but people with dual citizenship may be of interest to Russian authorities and can be blackmailed with mobility data if they contain something sensitive. If someone has fled a military call-up in Russia, they may be tracked in Finland. For them, the risk is on another level,” gauged Järvinen.
He urged people to remove the ride-hailing app from their smartphones and those who continue to use it to make payments in cash rather than card.
“There isn’t more an ordinary citizen can do,” he said.
Järvinen also criticised Finnish data protection authorities for their slow response to the situation, describing the ban on data transfer as “the least” the ombudsman could do. It is odd, he added, that the service remains available in Finland, given that it was banned by the likes of Estonia, Latvia and Lithuania when Russia invaded Ukraine.
“The urgent and sudden decision feels like they hadn’t followed what’s going on globally and didn’t approach Russia with the necessary degree of seriousness,” he said.
Aleksi Teivainen – HT
- Previous Article Finnish software sector echoes concern about immigration policy revisions
- Next Article Decline in domestic beer sales continues – Industry awaits tax reduction
Source: www.helsinkitimes.fi
