BERLIN (Reuters ) - German authorities have serious indications that Tesla may be violating data protection laws, the Handelsblatt newspaper reported Thursday. The paper cited the data protection officer in the state of the carmaker's European gigafactory.
The Dutch data protection supervisory authority, where Tesla’s European headquarters are located, was informed of the situation, according to the newspaper. Tesla had also submitted a preliminary report on the issue to the Dutch authorities.
According to the General Data Protection Regulation of the European Union (GDPR), companies must take action if they suspect that personal data has been compromised.
Brandenburg Data Protection Office was not available to comment immediately.
Tesla did not immediately respond to a request for comment.
The data set, called the Tesla Files by Handelsblatt, contains a plethora of customer data.
These files contain tables with more than 100,000 names, including those of current and former employees. They also include the social security numbers of Tesla CEO Elon Musk and private email addresses and phone numbers.
The newspaper also added that the breach would be in violation of GDPR.
A lawyer for Tesla told Handelsblatt that a "disgruntled ex-employee" had abused his position as a technician to obtain information. The company said it would take legal actions against the suspected former employee.
According to the newspaper, the whistleblower informed the German authorities of the data breach in April.
Handelsblatt quoted a Brandenburg data protection officer spokesperson as saying that the matter would be serious from a data privacy point of view, if there was substantial evidence.
The newspaper reported on thousands of complaints from customers about the driver assistance systems. Around 4,000 complaints were related to sudden acceleration and phantom braking.
A Reuters report last month revealed that Tesla employees shared videos and images taken by car cameras of customers between 2019 and 2020 via an internal messaging service.
Facebook parent Meta has been fined a record-breaking 1.2 billion euros ($1.3 billion) by the European Union's privacy regulator for its handling of users' information. Meta also received a five-month deadline to stop sending data to U.S.
(Reporting and editing by Susan Fenton, David Gregorio and Riham Alkousaa from Berlin and San Francisco)