German newspaper Handelsblatt recently published an extensive report on the “Tesla Files,” which is comprised of 100 GB worth of confidential data from the electric vehicle maker. Amidst the publishing of the leaked data, German authorities are now reportedly looking into possible data protection violations by Tesla.
The “Tesla files” reportedly included more than 100,000 names of former and current employees, private email addresses, Elon Musk’s social security number, salaries of employees, bank details of customers, and complaints about products like Autopilot, to name a few. The majority of the leaked information appears to have originated from Tesla’s project management system.
When Handelsblatt reportedly contacted Tesla about the leak, the electric vehicle maker’s legal team issued a response. A lawyer from the company demanded that the files be returned and destroyed, and that the publication, by possessing such data itself without proper justification, breaches data protection law.
The EV maker also noted that mishandling of the information subjects recipients such as the German newspaper to “liability for violation of trade secrets, data protection law, and handling stolen data,” among other things.
“Any such data in your possession also requires you to protect it carefully against further misappropriation. To this end, please send us a copy of this information, immediately delete all other copies, and confirm with us that you have done so,” Tesla’s lawyer reportedly wrote.
Tesla’s legal team also noted that it had reason to believe that the source of the data leak is a disgruntled former employee who had abused his access as a service technician. The company plans to take action against the former employee.
Citing the data protection office in the state where Tesla has its European Gigafactory, Handelsblatt noted that authorities now have serious indications of possible data protection violations by Tesla. The data protection supervisory authority in the Netherlands has reportedly been informed of the case. Tesla had also reportedly filed a preliminary report to Dutch authorities about the leak.
As noted in a Reuters report, the European Union’s General Data Protection Regulation (GDPR) stipulates that companies are required to inform authorities about such issues if personal data has been leaked. And considering that customer data is reportedly found in abundance in the “Tesla files,” the data breach would effectively violate the GDPR, the German newspaper noted.
Don’t hesitate to contact us with news tips. Just send a message to email@example.com to give us a heads up.