Italian food delivery firm Foodinho has been slapped with a €5 million fine by the country's privacy watchdog for violating data protection regulations. The Glovo-owned company was found to have unlawfully processed the personal data of over 35,000 riders registered on its platform.

The watchdog's investigation revealed that Foodinho had transferred riders' geolocation data to third parties without their knowledge or consent, even when they were not working. This breach of trust was compounded by the fact that the company continued to track riders' locations up to August 2023, even when they were not on the job. The regulator has ordered Foodinho to make changes to its messaging and GPS features to allow riders to turn off location tracking when they are not working.

Furthermore, the watchdog has banned Foodinho from using riders' biometric data, including facial recognition, for identity verification purposes. This move is seen as a significant step towards protecting the privacy and security of riders' personal information.

This is not the first time Foodinho has fallen foul of Italy's data protection regulations. In 2021, the company was fined around $3 million for a range of data protection and algorithmic management issues, affecting around 19,000 registered riders at the time. The latest fine suggests that Foodinho has not learned from its past mistakes and has failed to prioritize the privacy and security of its riders.

The €5 million fine serves as a warning to companies operating in the food delivery space to prioritize the privacy and security of their riders and customers. The incident also highlights the importance of robust data protection regulations and the need for companies to be transparent about their data collection and processing practices.

The fallout from this incident could have significant implications for Foodinho's business operations in Italy and beyond. The company will need to take swift action to address the regulator's concerns and rebuild trust with its riders and customers. As the food delivery market continues to grow, companies like Foodinho must prioritize privacy and security to maintain their competitive edge.

In conclusion, the €5 million fine imposed on Foodinho serves as a stark reminder of the importance of data privacy and security in the digital age. As companies continue to collect and process vast amounts of personal data, they must prioritize transparency, accountability, and the protection of individuals' rights. The incident also underscores the need for robust regulatory frameworks to ensure that companies are held accountable for their actions.