Uber faces collective legal action over opaque AI-driven pay and alleged GDPR breaches

Uber faces collective legal threat over AI-driven dynamic pay: what legal teams need to know

Worker Info Exchange (WIE) has issued a legal letter before action to Uber BV in Amsterdam and Uber Technologies Inc. in the United States. The non-profit alleges Uber's AI-driven dynamic pay systems lack transparency, unlawfully profile drivers, and breach data protection law. WIE says it will file collective proceedings in the Amsterdam District Court if Uber does not cease the practices and compensate affected drivers.

"Through collective action, we intend to get a fairer deal for drivers and ensure Uber is held financially accountable for the harm caused by this unlawful use of AI," said James Farrar, Chair of the Management Board at WIE International. The group frames the case as a transparency and fairness issue, not just a pay dispute, and is exploring expansion across Europe.

The core allegations

• Opaque algorithmic pay-setting: WIE claims Uber uses AI and machine learning to set pay in ways drivers cannot understand or challenge.
• Profiling without valid consent: The foundation says drivers' personal data and behavioral profiles are used to train the same algorithms that set pay.
• Unlawful data transfers: WIE alleges driver data was transferred from Europe to the U.S. between August 2021 and November 2023, exposing it to unauthorized access and U.S. government surveillance risks.
• Economic impact: Research conducted by the University of Oxford with WIE reportedly found 82% of UK drivers earned less per hour after dynamic pay was introduced, losing 8-16% over the past year.

Why this matters legally

For EU drivers, the allegations directly engage GDPR's transparency and fairness principles (Article 5), lawful basis (Article 6), data subject rights (Articles 13-15), automated decision-making and profiling rules (Article 22), DPIA obligations (Article 35), and international transfer restrictions (Articles 44-49). If established, exposure could include injunctions, damages, and administrative fines under Article 83.

For UK drivers, similar issues arise under the UK GDPR and the Data Protection Act 2018, with potential ICO scrutiny. The Amsterdam venue indicates WIE may proceed under the Netherlands' collective redress law, positioning Uber BV as a central defendant for EU claims.

On cross-border transfers, the claims point to the legal standard post-Schrems II: any transfers to the U.S. require valid safeguards and effective supplementary measures. Reference materials on EU data transfer rules are available from the European Commission here.

Potential defenses Uber may raise

• Lawful basis: performance of a contract or legitimate interests, with argued necessity for pricing and marketplace operations.
• Transparency provided via in-app notices, help center materials, and contractual terms.
• Automated decision-making: asserting no decisions with legal or similarly significant effects are made without human involvement, placing the system outside strict Article 22 constraints.
• International transfers: reliance on Standard Contractual Clauses and supplementary measures during the alleged period, or claims of sufficient anonymization/aggregation.

What WIE says it wants

• Immediate cessation of contested practices, including specific uses of profiling for pay-setting.
• Compensation for drivers allegedly harmed.
• Greater algorithmic transparency and access to meaningful information about pay logic and inputs.
• Remediation of transfer practices, including storage location changes and improved safeguards.

Implications for platform counsel

• Map your algorithmic pay workflows: inputs, features, model outputs, human oversight, and escalation paths.
• Audit transparency: confirm data subject notices cover purpose, logic, consequences, and rights in language drivers can act on.
• Recheck Article 22 posture: document why a process is or is not "solely automated" and whether impacts are "similarly significant."
• Revisit DPIAs and risk mitigations for dynamic pay and pricing models; record model change logs and impact testing.
• Validate international transfers: transfer impact assessments, SCCs, supplementary measures, and any EU/US framework reliance.
• Prepare disclosure: preserve communications, model documentation, AB tests, and governance records that could be discoverable.

Procedural picture

WIE has sent a pre-action letter and signaled collective proceedings in Amsterdam if its demands are not met. Parallel regulatory complaints to EU supervisory authorities or the ICO are possible. The group also notes ongoing investigation across Europe, which suggests additional filings or expanded class definitions could follow.

Key quote

"It is about securing transparent, fair and safe working conditions for all platform workers." - Worker Info Exchange

Bottom line for legal teams

This dispute tests how far platforms can push algorithmic pay-setting without crossing transparency and profiling lines. Expect scrutiny on Article 22, evidence of human oversight, and the real-world impact of dynamic pay. If you run similar systems, get your records, notices, and transfer paperwork in order now-before a letter like this hits your inbox.